File: version_3.rb

package info (click to toggle)
ruby-aws-sdk 1.67.0-3
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 6,840 kB
  • sloc: ruby: 28,436; makefile: 7
file content (86 lines) | stat: -rw-r--r-- 2,554 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
 
# Copyright 2011-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"). You
# may not use this file except in compliance with the License. A copy of
# the License is located at
#
#     http://aws.amazon.com/apache2.0/
#
# or in the "license" file accompanying this file. This file is
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
# ANY KIND, either express or implied. See the License for the specific
# language governing permissions and limitations under the License.

require 'openssl'
require 'time'

module AWS
  module Core
    module Signers
      # @api private
      class Version3

        include Base

        # @param [CredentialProviders::Provider] credentials
        def initialize credentials
          @credentials = credentials
        end

        # @return [CredentialProviders::Provider]
        attr_reader :credentials

        # @param [Http::Request] req
        # @return [Http::Request]
        def sign_request req
          req.headers["x-amz-date"] ||= (req.headers["date"] ||= Time.now.httpdate)
          req.headers["host"] ||= req.host
          req.headers["x-amz-security-token"] = credentials.session_token if
            credentials.session_token
          req.headers["x-amzn-authorization"] =
            "AWS3 "+
            "AWSAccessKeyId=#{credentials.access_key_id},"+
            "Algorithm=HmacSHA256,"+
            "SignedHeaders=#{headers_to_sign(req).join(';')},"+
            "Signature=#{signature(req)}"
        end

        private

        # @param [Http::Request] req
        def signature req, service_signing_name = nil
          sign(credentials.secret_access_key, string_to_sign(req))
        end

        # @param [Http::Request] req
        def string_to_sign req
          OpenSSL::Digest::SHA256.digest([
            req.http_method,
            "/",
            "",
            canonical_headers(req),
            req.body
          ].join("\n"))
        end

        # @param [Http::Request] req
        def canonical_headers req
          headers_to_sign(req).map do |name|
            value = req.headers[name]
            "#{name.downcase.strip}:#{value.strip}\n"
          end.sort.join
        end

        # @param [Http::Request] req
        def headers_to_sign req
          req.headers.keys.select do |header|
              header == "host" ||
              header == "content-encoding" ||
              header =~ /^x-amz/
          end
        end

      end
    end
  end
end