Mixed into clients that use signature v4 authorization.
# File lib/aws/core/authorize_v4.rb, line 98 def action_name http_method.to_s.upcase end
# File lib/aws/core/authorize_v4.rb, line 130 def canonical_header_values values values = [values] unless values.is_a?(Array) values.map(&:to_s).map(&:strip).join(',') end
# File lib/aws/core/authorize_v4.rb, line 120 def canonical_headers headers = [] self.headers.each_pair do |k,v| header = [k.to_s.downcase, v] headers << header unless header.first == 'authorization' end headers = headers.sort_by(&:first) headers.map{|k,v| "#{k}:#{canonical_header_values(v)}" }.join("\n") end
# File lib/aws/core/authorize_v4.rb, line 110 def canonical_querystring http_method.to_s.upcase == 'GET' ? url_encoded_params : '' end
# File lib/aws/core/authorize_v4.rb, line 82 def canonical_request parts = [] parts << action_name parts << canonical_uri parts << canonical_querystring parts << canonical_headers + "\n" parts << signed_headers parts << hex16(hash(payload)) parts.join("\n") end
# File lib/aws/core/authorize_v4.rb, line 102 def canonical_uri path end
# File lib/aws/core/authorize_v4.rb, line 73 def credential_string datetime parts = [] parts << datetime[0,8] parts << region parts << service parts << 'aws4_request' parts.join("/") end
# File lib/aws/core/authorize_v4.rb, line 143 def hash string Digest::SHA256.digest(string) end
# File lib/aws/core/authorize_v4.rb, line 135 def hex16 string string.unpack('H*').first end
# File lib/aws/core/authorize_v4.rb, line 139 def hmac key, string OpenSSL::HMAC.digest(OpenSSL::Digest::Digest.new('sha256'), key, string) end
# File lib/aws/core/authorize_v4.rb, line 106 def payload body || '' end
# File lib/aws/core/authorize_v4.rb, line 93 def service # this method is implemented in the request class for each service raise NotImplementedError end
# File lib/aws/core/authorize_v4.rb, line 55 def signature signer, datetime k_secret = signer.secret_access_key k_date = hmac("AWS4" + k_secret, datetime[0,8]) k_region = hmac(k_date, region) k_service = hmac(k_region, service) k_credentials = hmac(k_service, 'aws4_request') hmac(k_credentials, string_to_sign(datetime)) end
# File lib/aws/core/authorize_v4.rb, line 114 def signed_headers to_sign = headers.keys.map{|k| k.to_s.downcase } to_sign.delete('authorization') to_sign.sort.join(";") end
# File lib/aws/core/authorize_v4.rb, line 64 def string_to_sign datetime parts = [] parts << 'AWS4-HMAC-SHA256' parts << datetime parts << credential_string(datetime) parts << hex16(hash(canonical_request)) parts.join("\n") end