Class: Aws::S3::LegacySigner Private
- Inherits:
-
Object
- Object
- Aws::S3::LegacySigner
- Defined in:
- lib/aws-sdk-s3/legacy_signer.rb
This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.
Constant Summary collapse
- SIGNED_QUERYSTRING_PARAMS =
This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.
Set.new(%w( acl delete cors lifecycle location logging notification partNumber policy requestPayment restore tagging torrent uploadId uploads versionId versioning versions website replication requestPayment accelerate response-content-type response-content-language response-expires response-cache-control response-content-disposition response-content-encoding ))
Instance Attribute Summary collapse
- #credentials ⇒ Object readonly private
- #params ⇒ Object readonly private
Class Method Summary collapse
- .sign(context) ⇒ Object private
Instance Method Summary collapse
- #authorization(request) ⇒ Object private
-
#canonicalized_headers(request) ⇒ Object
private
CanonicalizedAmzHeaders.
-
#canonicalized_resource(endpoint) ⇒ Object
private
From the S3 developer guide.
- #digest(secret, string_to_sign) ⇒ Object private
- #hmac(key, value) ⇒ Object private
-
#initialize(credentials, params, force_path_style) ⇒ LegacySigner
constructor
private
A new instance of LegacySigner.
- #sign(request) ⇒ Object private
- #signature(request) ⇒ Object private
- #signed_querystring_params(endpoint) ⇒ Object private
- #signing_string_date(request) ⇒ Object private
-
#string_to_sign(request) ⇒ Object
private
From the S3 developer guide:.
- #uri_escape(s) ⇒ Object private
Constructor Details
#initialize(credentials, params, force_path_style) ⇒ LegacySigner
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Returns a new instance of LegacySigner.
35 36 37 38 39 40 41 42 |
# File 'lib/aws-sdk-s3/legacy_signer.rb', line 35 def initialize(credentials, params, force_path_style) @credentials = credentials.credentials @params = Query::ParamList.new params.each_pair do |param_name, param_value| @params.set(param_name, param_value) end @force_path_style = force_path_style end |
Instance Attribute Details
#credentials ⇒ Object (readonly)
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
44 45 46 |
# File 'lib/aws-sdk-s3/legacy_signer.rb', line 44 def credentials @credentials end |
#params ⇒ Object (readonly)
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
44 45 46 |
# File 'lib/aws-sdk-s3/legacy_signer.rb', line 44 def params @params end |
Class Method Details
.sign(context) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
26 27 28 29 30 31 32 |
# File 'lib/aws-sdk-s3/legacy_signer.rb', line 26 def self.sign(context) new( context.config.credentials, context.params, context.config.force_path_style ).sign(context.http_request) end |
Instance Method Details
#authorization(request) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
53 54 55 |
# File 'lib/aws-sdk-s3/legacy_signer.rb', line 53 def (request) "AWS #{credentials.access_key_id}:#{signature(request)}" end |
#canonicalized_headers(request) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
CanonicalizedAmzHeaders
See the developer guide for more information on how this element is generated.
105 106 107 108 109 110 111 |
# File 'lib/aws-sdk-s3/legacy_signer.rb', line 105 def canonicalized_headers(request) x_amz = request.headers.select{|k, v| k =~ /^x-amz-/i } x_amz = x_amz.collect{|k, v| [k.downcase, v] } x_amz = x_amz.sort_by{|k, v| k } x_amz = x_amz.collect{|k, v| "#{k}:#{v.to_s.strip}" }.join("\n") x_amz == '' ? nil : x_amz end |
#canonicalized_resource(endpoint) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
From the S3 developer guide
CanonicalizedResource =
[ "/" ` Bucket ] `
<HTTP-Request-URI, protocol name up to the querystring> +
[ sub-resource, if present. e.g. "?acl", "?location",
"?logging", or "?torrent"];
122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 |
# File 'lib/aws-sdk-s3/legacy_signer.rb', line 122 def canonicalized_resource(endpoint) parts = [] # virtual hosted-style requests require the hostname to appear # in the canonicalized resource prefixed by a forward slash. if bucket = params[:bucket] bucket = bucket.value ssl = endpoint.scheme == 'https' if Plugins::BucketDns.dns_compatible?(bucket, ssl) && !@force_path_style parts << "/#{bucket}" end end # append the path name (no querystring) parts << endpoint.path # lastly any sub resource querystring params need to be appened # in lexigraphical ordered joined by '&' and prefixed by '?' params = signed_querystring_params(endpoint) unless params.empty? parts << '?' parts << params.sort.collect{|p| p.to_s }.join('&') end parts.join end |
#digest(secret, string_to_sign) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
63 64 65 |
# File 'lib/aws-sdk-s3/legacy_signer.rb', line 63 def digest(secret, string_to_sign) Base64.encode64(hmac(secret, string_to_sign)).strip end |
#hmac(key, value) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
67 68 69 |
# File 'lib/aws-sdk-s3/legacy_signer.rb', line 67 def hmac(key, value) OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha1'), key, value) end |
#sign(request) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
46 47 48 49 50 51 |
# File 'lib/aws-sdk-s3/legacy_signer.rb', line 46 def sign(request) if token = credentials.session_token request.headers["X-Amz-Security-Token"] = token end request.headers['Authorization'] = (request) end |
#signature(request) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
57 58 59 60 61 |
# File 'lib/aws-sdk-s3/legacy_signer.rb', line 57 def signature(request) string_to_sign = string_to_sign(request) signature = digest(credentials.secret_access_key, string_to_sign) uri_escape(signature) end |
#signed_querystring_params(endpoint) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
151 152 153 154 155 |
# File 'lib/aws-sdk-s3/legacy_signer.rb', line 151 def signed_querystring_params(endpoint) endpoint.query.to_s.split('&').select do |p| SIGNED_QUERYSTRING_PARAMS.include?(p.split('=')[0]) end.map { |p| CGI.unescape(p) } end |
#signing_string_date(request) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
90 91 92 93 94 95 96 97 98 |
# File 'lib/aws-sdk-s3/legacy_signer.rb', line 90 def signing_string_date(request) # if a date is provided via x-amz-date then we should omit the # Date header from the signing string (should appear as a blank line) if request.headers.detect{|k,v| k.to_s =~ /^x-amz-date$/i } '' else request.headers['Date'] = Time.now.httpdate end end |
#string_to_sign(request) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
From the S3 developer guide:
StringToSign =
HTTP-Verb ` "\n" `
content-md5 ` "\n" `
content-type ` "\n" `
date ` "\n" `
CanonicalizedAmzHeaders + CanonicalizedResource;
80 81 82 83 84 85 86 87 88 |
# File 'lib/aws-sdk-s3/legacy_signer.rb', line 80 def string_to_sign(request) [ request.http_method, request.headers.values_at('Content-Md5', 'Content-Type').join("\n"), signing_string_date(request), canonicalized_headers(request), canonicalized_resource(request.endpoint), ].flatten.compact.join("\n") end |
#uri_escape(s) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 |
# File 'lib/aws-sdk-s3/legacy_signer.rb', line 157 def uri_escape(s) #URI.escape(s) # URI.escape is deprecated, replacing it with escape from webrick # to squelch the massive number of warnings generated from Ruby. # The following script was used to determine the differences # between the various escape methods available. The webrick # escape only had two differences and it is available in the # standard lib. # # (0..255).each {|c| # s = [c].pack("C") # e = [ # CGI.escape(s), # ERB::Util.url_encode(s), # URI.encode_www_form_component(s), # WEBrick::HTTPUtils.escape_form(s), # WEBrick::HTTPUtils.escape(s), # URI.escape(s), # ] # next if e.uniq.length == 1 # puts("%5s %5s %5s %5s %5s %5s %5s" % ([s.inspect] + e)) # } # WEBrick::HTTPUtils.escape(s).gsub('%5B', '[').gsub('%5D', ']') end |