class Aws::Sigv2::Signer
the ‘aws-sigv4` gem instead.
@deprecated This signer is deprecated. You should use
def extract_credentials_provider(options)
def extract_credentials_provider(options) if options[:credentials_provider] options[:credentials_provider] elsif options.key?(:credentials) || options.key?(:access_key_id) StaticCredentialsProvider.new(options) else raise ArgumentError, <<-MSG g credentials, provide credentials with one of the following options: ccess_key_id and :secret_access_key redentials redentials_provider MSG end end
def extract_http_method(request)
def extract_http_method(request) if request[:http_method] request[:http_method].upcase else msg = "missing required option :http_method" raise ArgumentError, msg end end
def extract_url(request)
def extract_url(request) if request[:url] URI.parse(request[:url].to_s) else msg = "missing required option :url" raise ArgumentError, msg end end
def host(url)
-
(String)-
Parameters:
-
url(URI::HTTP, URI::HTTPS) --
def host(url) if (url.scheme == 'http' && url.port != 80) || (url.scheme == 'https' && url.port != 443) then "#{url.host}:#{url.port}" else url.host end end
def initialize(options = {})
-
:credentials_provider(#credentials) -- An object that responds -
:credentials(Credentials) -- -
:session_token(String) -- (nil) -
:secret_access_key(String) -- -
:access_key_id(String) --
Overloads:
-
initialize(credentials_provider:) -
initialize(credentials:) -
initialize(access_key_id:, secret_access_key:, session_token:nil)
def initialize(options = {}) @credentials_provider = extract_credentials_provider(options) end
def param_list(params)
-
(Array-)
Parameters:
-
params(Hash) --
def param_list(params) params.keys.sort.inject([]) do |list, param_name| if param_name == 'Signature' list # do not sign the previous signature else list << "#{uri_escape(param_name)}=#{uri_escape(params[param_name])}" end end end
def path(url)
-
(String)-
Parameters:
-
url(URI::HTTP, URI::HTTPS) --
def path(url) if url.path == '' '/' else uri_escape_path(url.path) end end
def sign_request(request)
-
(Hash)- Returns a hash of un-escaped signature
Options Hash:
(**request)-
:params(optional, Hash) -- Request -
:url(required, String, URI::HTTPS, URI::HTTP) -- -
:http_method(required, String) -- One of
Parameters:
-
request(Hash) --
def sign_request(request) creds = @credentials_provider.credentials http_method = extract_http_method(request) url = extract_url(request) params = request[:params] || {} timestamp = params['Timestamp'] timestamp ||= Time.now.utc.strftime('%Y-%m-%dT%H:%M:%SZ') auth_params = {} auth_params['AWSAccessKeyId'] = creds.access_key_id auth_params['SecurityToken'] = creds.session_token if creds.session_token auth_params['Timestamp'] = timestamp auth_params['SignatureVersion'] = '2' auth_params['SignatureMethod'] = 'HmacSHA256' sts = string_to_sign(http_method, url, params.merge(auth_params)) auth_params['Signature'] = signature(sts, creds.secret_access_key) auth_params end
def signature(string_to_sign, secret_access_key)
-
(String-)
Parameters:
-
secret_access_key(String) -- -
string_to_sign(String) --
def signature(string_to_sign, secret_access_key) Base64.encode64( OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), secret_access_key, string_to_sign) ).strip end
def string_to_sign(http_method, url, params)
-
(String)-
Parameters:
-
params(Hash) -- -
url(URI::HTTP, URI::HTTPS) -- -
http_method(String) --
def string_to_sign(http_method, url, params) [ http_method, host(url), path(url), param_list(params).join('&'), ].join("\n") end
def uri_escape(value)
-
(String)-
Parameters:
-
value(String) --
def uri_escape(value) if value.nil? nil else CGI.escape(value.encode('UTF-8')).gsub('+', '%20').gsub('%7E', '~') end end
def uri_escape_path(path)
-
(String)-
Parameters:
-
path(String) --
def uri_escape_path(path) path.gsub(/[^\/]+/) { |part| uri_escape(part) } end