Class: Aws::Plugins::Sign::SignatureV4 Private

Inherits:
Object
  • Object
show all
Defined in:
lib/aws-sdk-core/plugins/sign.rb

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(auth_scheme, config, sigv4_overrides = {}) ⇒ SignatureV4

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns a new instance of SignatureV4.



101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
 
# File 'lib/aws-sdk-core/plugins/sign.rb', line 101

def initialize(auth_scheme, config, sigv4_overrides = {})
  scheme_name = auth_scheme['name']
  unless %w[sigv4 sigv4a sigv4-s3express].include?(scheme_name)
    raise ArgumentError, "Expected sigv4, sigv4a, or sigv4-s3express auth scheme, got #{scheme_name}"
  end
  region = if scheme_name == 'sigv4a'
             auth_scheme['signingRegionSet'].join(',')
           else
             auth_scheme['signingRegion']
           end
  begin
    @signer = config.sigv4_signer || Aws::Sigv4::Signer.new(
      service: config.sigv4_name || auth_scheme['signingName'],
      region: sigv4_overrides[:region] || config.sigv4_region || region,
      credentials_provider: sigv4_overrides[:credentials] || config.credentials,
      signing_algorithm: scheme_name.to_sym,
      uri_escape_path: !auth_scheme['disableDoubleEncoding'],
      normalize_path: !auth_scheme['disableNormalizePath'],
      unsigned_headers: %w[content-length user-agent x-amzn-trace-id expect transfer-encoding connection]
    )
  rescue Aws::Sigv4::Errors::MissingCredentialsError
    raise Aws::Errors::MissingCredentialsError
  end
end

Instance Attribute Details

#signerObject (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future. 



126
127
128
 
# File 'lib/aws-sdk-core/plugins/sign.rb', line 126

def signer
  @signer
end

Instance Method Details

#credentialsObject

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future. 



163
164
165
 
# File 'lib/aws-sdk-core/plugins/sign.rb', line 163

def credentials
  @signer.credentials_provider
end

#presign_url(*args) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future. 



155
156
157
 
# File 'lib/aws-sdk-core/plugins/sign.rb', line 155

def presign_url(*args)
  @signer.presign_url(*args)
end

#sign(context) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future. 



128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
 
# File 'lib/aws-sdk-core/plugins/sign.rb', line 128

def sign(context)
  req = context.http_request

  apply_authtype(context, req)
  reset_signature(req)
  apply_clock_skew(context, req)

  # compute the signature
  begin
    signature = @signer.sign_request(
      http_method: req.http_method,
      url: req.endpoint,
      headers: req.headers,
      body: req.body
    )
  rescue Aws::Sigv4::Errors::MissingCredentialsError
    # Necessary for when credentials is explicitly set to nil
    raise Aws::Errors::MissingCredentialsError
  end
  # apply signature headers
  req.headers.update(signature.headers)

  # add request metadata with signature components for debugging
  context[:canonical_request] = signature.canonical_request
  context[:string_to_sign] = signature.string_to_sign
end

#sign_event(*args) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future. 



159
160
161
 
# File 'lib/aws-sdk-core/plugins/sign.rb', line 159

def sign_event(*args)
  @signer.sign_event(*args)
end