Class: Aws4Signer::Signature
- Inherits:
-
Object
- Object
- Aws4Signer::Signature
- Defined in:
- lib/aws4_signer/signature.rb
Instance Attribute Summary collapse
-
#access_key_id ⇒ Object
readonly
Returns the value of attribute access_key_id.
-
#body ⇒ Object
readonly
Returns the value of attribute body.
-
#headers ⇒ Object
readonly
Returns the value of attribute headers.
-
#region ⇒ Object
readonly
Returns the value of attribute region.
-
#secret_access_key ⇒ Object
readonly
Returns the value of attribute secret_access_key.
-
#service ⇒ Object
readonly
Returns the value of attribute service.
-
#uri ⇒ Object
readonly
Returns the value of attribute uri.
-
#verb ⇒ Object
readonly
Returns the value of attribute verb.
Instance Method Summary collapse
- #attach_to_http_request(req) ⇒ Object
- #authorization_header ⇒ Object
- #canonical_headers ⇒ Object
- #canonical_request ⇒ Object
- #date ⇒ Object
- #date_key ⇒ Object
- #date_region_key ⇒ Object
- #date_region_service_key ⇒ Object
- #hashed_payload ⇒ Object
-
#initialize(access_key_id, secret_access_key, region, service, verb, uri, headers, body, security_token: nil) ⇒ Signature
constructor
A new instance of Signature.
- #scope ⇒ Object
- #signature ⇒ Object
- #signed_headers ⇒ Object
- #signing_key ⇒ Object
- #string_to_sign ⇒ Object
Constructor Details
#initialize(access_key_id, secret_access_key, region, service, verb, uri, headers, body, security_token: nil) ⇒ Signature
Returns a new instance of Signature.
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 |
# File 'lib/aws4_signer/signature.rb', line 3 def initialize(access_key_id, secret_access_key, region, service, verb, uri, headers, body, security_token: nil) @access_key_id = access_key_id @secret_access_key = secret_access_key @region = region @service = service @verb = verb @uri = uri @headers = headers.dup @body = body @headers.each do |name, value| if value.kind_of?(Array) @headers[name] = value.first end end @headers["x-amz-date"] ||= @headers.delete("X-Amz-Date") @headers["x-amz-security-token"] = security_token if security_token unless @headers["x-amz-date"] @date = Time.now.utc @headers["x-amz-date"] = @date.strftime("%Y%m%dT%H%M%SZ") end @headers["Host"] ||= @headers.delete("host") || uri.host end |
Instance Attribute Details
#access_key_id ⇒ Object (readonly)
Returns the value of attribute access_key_id.
28 29 30 |
# File 'lib/aws4_signer/signature.rb', line 28 def access_key_id @access_key_id end |
#body ⇒ Object (readonly)
Returns the value of attribute body.
28 29 30 |
# File 'lib/aws4_signer/signature.rb', line 28 def body @body end |
#headers ⇒ Object (readonly)
Returns the value of attribute headers.
28 29 30 |
# File 'lib/aws4_signer/signature.rb', line 28 def headers @headers end |
#region ⇒ Object (readonly)
Returns the value of attribute region.
28 29 30 |
# File 'lib/aws4_signer/signature.rb', line 28 def region @region end |
#secret_access_key ⇒ Object (readonly)
Returns the value of attribute secret_access_key.
28 29 30 |
# File 'lib/aws4_signer/signature.rb', line 28 def secret_access_key @secret_access_key end |
#service ⇒ Object (readonly)
Returns the value of attribute service.
28 29 30 |
# File 'lib/aws4_signer/signature.rb', line 28 def service @service end |
#uri ⇒ Object (readonly)
Returns the value of attribute uri.
28 29 30 |
# File 'lib/aws4_signer/signature.rb', line 28 def uri @uri end |
#verb ⇒ Object (readonly)
Returns the value of attribute verb.
28 29 30 |
# File 'lib/aws4_signer/signature.rb', line 28 def verb @verb end |
Instance Method Details
#attach_to_http_request(req) ⇒ Object
30 31 32 33 34 35 36 37 38 39 |
# File 'lib/aws4_signer/signature.rb', line 30 def attach_to_http_request(req) headers.each do |name, value| req[name.downcase] = value end req["x-amz-content-sha256"] = Digest::SHA2.hexdigest(req.body || '', 256) req["authorization"] = req end |
#authorization_header ⇒ Object
41 42 43 44 45 46 |
# File 'lib/aws4_signer/signature.rb', line 41 def "AWS4-HMAC-SHA256 " \ "Credential=#{@access_key_id}/#{scope}," \ "SignedHeaders=#{signed_headers}," \ "Signature=#{signature}" end |
#canonical_headers ⇒ Object
56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 |
# File 'lib/aws4_signer/signature.rb', line 56 def canonical_headers @canonical_headers ||= begin signed = [] hs = headers.sort_by { |name, _| name.downcase }.flat_map { |name, value| next if name == "Authorization" signed << name.downcase case value when Array value.each do |v| "#{name.downcase}:#{v.to_s.strip}\n" end else "#{name.downcase}:#{value.to_s.strip}\n" end }.compact.join.freeze @signed_headers = signed.join(";").freeze hs end end |
#canonical_request ⇒ Object
86 87 88 89 90 91 92 93 94 95 96 |
# File 'lib/aws4_signer/signature.rb', line 86 def canonical_request @canonical_request ||= [ @verb.upcase, @uri.path, @uri.query&.split('&').map { |x| x.split('=') }.sort_by(&:first) .map { |x| x.join('=') }.join('&'), canonical_headers, signed_headers, hashed_payload, ].join("\n") end |
#date ⇒ Object
48 49 50 51 52 53 54 |
# File 'lib/aws4_signer/signature.rb', line 48 def date @date ||= begin time = Time.strptime(headers["x-amz-date"],"%Y%m%dT%H%M%SZ") time += time.utc_offset time.utc end end |
#date_key ⇒ Object
111 112 113 |
# File 'lib/aws4_signer/signature.rb', line 111 def date_key @date_key ||= hmac("AWS4#{@secret_access_key}", date.strftime("%Y%m%d")) end |
#date_region_key ⇒ Object
115 116 117 |
# File 'lib/aws4_signer/signature.rb', line 115 def date_region_key @date_region_key ||= hmac(date_key, region) end |
#date_region_service_key ⇒ Object
119 120 121 |
# File 'lib/aws4_signer/signature.rb', line 119 def date_region_service_key @date_region_service_key ||= hmac(date_region_key, service) end |
#hashed_payload ⇒ Object
82 83 84 |
# File 'lib/aws4_signer/signature.rb', line 82 def hashed_payload @hashed_payload ||= Digest::SHA2.hexdigest(body, 256) end |
#scope ⇒ Object
98 99 100 |
# File 'lib/aws4_signer/signature.rb', line 98 def scope "#{date.strftime("%Y%m%d")}/#{@region}/#{service}/aws4_request" end |
#signature ⇒ Object
127 128 129 |
# File 'lib/aws4_signer/signature.rb', line 127 def signature @signature ||= hmac(signing_key, string_to_sign, :hex) end |
#signed_headers ⇒ Object
78 79 80 |
# File 'lib/aws4_signer/signature.rb', line 78 def signed_headers canonical_headers; @signed_headers end |
#signing_key ⇒ Object
123 124 125 |
# File 'lib/aws4_signer/signature.rb', line 123 def signing_key @signing_key ||= hmac(date_region_service_key, 'aws4_request') end |
#string_to_sign ⇒ Object
102 103 104 105 106 107 108 109 |
# File 'lib/aws4_signer/signature.rb', line 102 def string_to_sign @string_to_sign ||= [ "AWS4-HMAC-SHA256", headers["x-amz-date"], scope, Digest::SHA2.hexdigest(canonical_request, 256), ].join("\n") end |