class Aws::Sigv4::Signer
def sign_request(request)
-
(Signature)- Return an instance of {Signature} that has
Options Hash:
(**request)-
:body(optional, String, IO) -- The HTTP request body. -
:headers(optional, Hash) -- A hash of headers -
:url(required, String, URI::HTTP, URI::HTTPS) -- -
:http_method(required, String) -- One of
Parameters:
-
request(Hash) --
def sign_request(request) creds, _ = fetch_credentials http_method = extract_http_method(request) url = extract_url(request) Signer.normalize_path(url) if @normalize_path headers = downcase_headers(request[:headers]) datetime = headers['x-amz-date'] datetime ||= Time.now.utc.strftime("%Y%m%dT%H%M%SZ") date = datetime[0,8] content_sha256 = headers['x-amz-content-sha256'] content_sha256 ||= sha256_hexdigest(request[:body] || '') sigv4_headers = {} sigv4_headers['host'] = headers['host'] || host(url) sigv4_headers['x-amz-date'] = datetime if creds.session_token && !@omit_session_token if @signing_algorithm == 'sigv4-s3express'.to_sym sigv4_headers['x-amz-s3session-token'] = creds.session_token else sigv4_headers['x-amz-security-token'] = creds.session_token end end sigv4_headers['x-amz-content-sha256'] ||= content_sha256 if @apply_checksum_header if @signing_algorithm == :sigv4a && @region && !@region.empty? sigv4_headers['x-amz-region-set'] = @region end headers = headers.merge(sigv4_headers) # merge so we do not modify given headers hash algorithm = sts_algorithm # compute signature parts creq = canonical_request(http_method, url, headers, content_sha256) sts = string_to_sign(datetime, creq, algorithm) sig = if @signing_algorithm == :sigv4a asymmetric_signature(creds, sts) else signature(creds.secret_access_key, date, sts) end algorithm = sts_algorithm # apply signature sigv4_headers['authorization'] = [ "#{algorithm} Credential=#{credential(creds, date)}", "SignedHeaders=#{signed_headers(headers)}", "Signature=#{sig}", ].join(', ') # skip signing the session token, but include it in the headers if creds.session_token && @omit_session_token sigv4_headers['x-amz-security-token'] = creds.session_token end # Returning the signature components. Signature.new( headers: sigv4_headers, string_to_sign: sts, canonical_request: creq, content_sha256: content_sha256, signature: sig ) end