Class: RightAws::AwsUtils
- Inherits:
-
Object
- Object
- RightAws::AwsUtils
- Defined in:
- lib/awsbase/right_awsbase.rb
Overview
:nodoc:
Constant Summary collapse
- TOKEN_GENERATOR_CHARSET =
Generates a token in format of:
1. "1dd8d4e4-db6b-11df-b31d-0025b37efad0 (if UUID gem is loaded) 2. "1287483761-855215-zSv2z-bWGj2-31M5t-ags9m" (if UUID gem is not loaded)
('a'..'z').to_a + ('A'..'Z').to_a + ('0'..'9').to_a
- @@digest1 =
OpenSSL::Digest::Digest.new("sha1")
- @@digest256 =
Some installation may not support sha256
OpenSSL::Digest::Digest.new("sha256") rescue nil
Class Method Summary collapse
- .allow_only(allowed_keys, params) ⇒ Object
-
.amz_escape(param) ⇒ Object
Escape a string accordingly Amazon rulles docs.amazonwebservices.com/AmazonSimpleDB/2007-11-07/DeveloperGuide/index.html?REST_RESTAuth.html.
- .caller_method ⇒ Object
-
.fix_service_params(service_hash, signature) ⇒ Object
Set a timestamp and a signature version.
- .generate_unique_token ⇒ Object
- .mandatory_arguments(required_args, params) ⇒ Object
- .sign(aws_secret_access_key, auth_string) ⇒ Object
-
.sign_request_v0(aws_secret_access_key, service_hash) ⇒ Object
Signature Version 0 A deprecated guy (should work till septemper 2009).
-
.sign_request_v1(aws_secret_access_key, service_hash) ⇒ Object
Signature Version 1 Another deprecated guy (should work till septemper 2009).
-
.sign_request_v2(aws_secret_access_key, service_hash, http_verb, host, uri) ⇒ Object
Signature Version 2 EC2, SQS and SDB requests must be signed by this guy.
- .split_items_and_params(array) ⇒ Object
-
.URLencode(raw) ⇒ Object
From Amazon’s SQS Dev Guide, a brief description of how to escape: “URL encode the computed signature and other query parameters as specified in RFC1738, section 2.2.
- .utc_iso8601(time) ⇒ Object
-
.xml_escape(text) ⇒ Object
:nodoc:.
-
.xml_unescape(text) ⇒ Object
:nodoc:.
Class Method Details
.allow_only(allowed_keys, params) ⇒ Object
124 125 126 127 128 |
# File 'lib/awsbase/right_awsbase.rb', line 124 def self.allow_only(allowed_keys, params) bogus_args = [] params.keys.each {|p| bogus_args.push(p) unless allowed_keys.include?(p) } raise AwsError.new("The following arguments were given but are not legal for the function call #{caller_method}: #{bogus_args.inspect}") if bogus_args.length > 0 end |
.amz_escape(param) ⇒ Object
Escape a string accordingly Amazon rulles docs.amazonwebservices.com/AmazonSimpleDB/2007-11-07/DeveloperGuide/index.html?REST_RESTAuth.html
49 50 51 52 53 |
# File 'lib/awsbase/right_awsbase.rb', line 49 def self.amz_escape(param) param.to_s.gsub(/([^a-zA-Z0-9._~-]+)/n) do '%' + $1.unpack('H2' * $1.size).join('%').upcase end end |
.caller_method ⇒ Object
136 137 138 139 |
# File 'lib/awsbase/right_awsbase.rb', line 136 def self.caller_method caller[1]=~/`(.*?)'/ $1 end |
.fix_service_params(service_hash, signature) ⇒ Object
Set a timestamp and a signature version
64 65 66 67 68 |
# File 'lib/awsbase/right_awsbase.rb', line 64 def self.fix_service_params(service_hash, signature) service_hash["Timestamp"] ||= utc_iso8601(Time.now) unless service_hash["Expires"] service_hash["SignatureVersion"] = signature service_hash end |
.generate_unique_token ⇒ Object
151 152 153 154 155 156 157 158 159 |
# File 'lib/awsbase/right_awsbase.rb', line 151 def self.generate_unique_token time = Time.now token = "%d-%06d" % [time.to_i, time.usec] 4.times do token << "-" 5.times { token << TOKEN_GENERATOR_CHARSET[rand(TOKEN_GENERATOR_CHARSET.size)] } end token end |
.mandatory_arguments(required_args, params) ⇒ Object
130 131 132 133 134 |
# File 'lib/awsbase/right_awsbase.rb', line 130 def self.mandatory_arguments(required_args, params) rargs = required_args.dup params.keys.each {|p| rargs.delete(p)} raise AwsError.new("The following mandatory arguments were not provided to #{caller_method}: #{rargs.inspect}") if rargs.length > 0 end |
.sign(aws_secret_access_key, auth_string) ⇒ Object
43 44 45 |
# File 'lib/awsbase/right_awsbase.rb', line 43 def self.sign(aws_secret_access_key, auth_string) Base64.encode64(OpenSSL::HMAC.digest(@@digest1, aws_secret_access_key, auth_string)).strip end |
.sign_request_v0(aws_secret_access_key, service_hash) ⇒ Object
Signature Version 0 A deprecated guy (should work till septemper 2009)
72 73 74 75 76 77 |
# File 'lib/awsbase/right_awsbase.rb', line 72 def self.sign_request_v0(aws_secret_access_key, service_hash) fix_service_params(service_hash, '0') string_to_sign = "#{service_hash['Action']}#{service_hash['Timestamp'] || service_hash['Expires']}" service_hash['Signature'] = AwsUtils::sign(aws_secret_access_key, string_to_sign) service_hash.to_a.collect{|key,val| "#{amz_escape(key)}=#{amz_escape(val.to_s)}" }.join("&") end |
.sign_request_v1(aws_secret_access_key, service_hash) ⇒ Object
Signature Version 1 Another deprecated guy (should work till septemper 2009)
81 82 83 84 85 86 |
# File 'lib/awsbase/right_awsbase.rb', line 81 def self.sign_request_v1(aws_secret_access_key, service_hash) fix_service_params(service_hash, '1') string_to_sign = service_hash.sort{|a,b| (a[0].to_s.downcase)<=>(b[0].to_s.downcase)}.to_s service_hash['Signature'] = AwsUtils::sign(aws_secret_access_key, string_to_sign) service_hash.to_a.collect{|key,val| "#{amz_escape(key)}=#{amz_escape(val.to_s)}" }.join("&") end |
.sign_request_v2(aws_secret_access_key, service_hash, http_verb, host, uri) ⇒ Object
Signature Version 2 EC2, SQS and SDB requests must be signed by this guy. See: docs.amazonwebservices.com/AmazonSimpleDB/2007-11-07/DeveloperGuide/index.html?REST_RESTAuth.html
http://developer.amazonwebservices.com/connect/entry.jspa?externalID=1928
92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 |
# File 'lib/awsbase/right_awsbase.rb', line 92 def self.sign_request_v2(aws_secret_access_key, service_hash, http_verb, host, uri) fix_service_params(service_hash, '2') # select a signing method (make an old openssl working with sha1) # make 'HmacSHA256' to be a default one service_hash['SignatureMethod'] = 'HmacSHA256' unless ['HmacSHA256', 'HmacSHA1'].include?(service_hash['SignatureMethod']) service_hash['SignatureMethod'] = 'HmacSHA1' unless @@digest256 # select a digest digest = (service_hash['SignatureMethod'] == 'HmacSHA256' ? @@digest256 : @@digest1) # form string to sign canonical_string = service_hash.keys.sort.map do |key| "#{amz_escape(key)}=#{amz_escape(service_hash[key])}" end.join('&') string_to_sign = "#{http_verb.to_s.upcase}\n#{host.downcase}\n#{uri}\n#{canonical_string}" # sign the string signature = amz_escape(Base64.encode64(OpenSSL::HMAC.digest(digest, aws_secret_access_key, string_to_sign)).strip) "#{canonical_string}&Signature=#{signature}" end |
.split_items_and_params(array) ⇒ Object
141 142 143 144 145 |
# File 'lib/awsbase/right_awsbase.rb', line 141 def self.split_items_and_params(array) items = Array(array).flatten.compact params = items.last.kind_of?(Hash) ? items.pop : {} [items, params] end |
.URLencode(raw) ⇒ Object
From Amazon’s SQS Dev Guide, a brief description of how to escape: “URL encode the computed signature and other query parameters as specified in RFC1738, section 2.2. In addition, because the + character is interpreted as a blank space by Sun Java classes that perform URL decoding, make sure to encode the + character although it is not required by RFC1738.” Avoid using CGI::escape to escape URIs. CGI::escape will escape characters in the protocol, host, and port sections of the URI. Only target chars in the query string should be escaped.
119 120 121 122 |
# File 'lib/awsbase/right_awsbase.rb', line 119 def self.URLencode(raw) e = URI.escape(raw) e.gsub(/\+/, "%2b") end |
.utc_iso8601(time) ⇒ Object
36 37 38 39 40 41 |
# File 'lib/awsbase/right_awsbase.rb', line 36 def self.utc_iso8601(time) if time.is_a?(Fixnum) then time = Time::at(time) elsif time.is_a?(String) then time = Time::parse(time) end time.utc.strftime("%Y-%m-%dT%H:%M:%S.000Z") end |
.xml_escape(text) ⇒ Object
:nodoc:
55 56 57 |
# File 'lib/awsbase/right_awsbase.rb', line 55 def self.xml_escape(text) # :nodoc: REXML::Text::normalize(text) end |
.xml_unescape(text) ⇒ Object
:nodoc:
59 60 61 |
# File 'lib/awsbase/right_awsbase.rb', line 59 def self.xml_unescape(text) # :nodoc: REXML::Text::unnormalize(text) end |