Class: S3::Signature

Inherits:
Object
  • Object
show all
Defined in:
lib/s3/signature.rb

Overview

Class responsible for generating signatures to requests.

Implements algorithm defined by Amazon Web Services to sign request with secret private credentials

See

docs.amazonwebservices.com/AmazonS3/latest/index.html?RESTAuthentication.html

Class Method Summary collapse

Class Method Details

.generate(options) ⇒ Object

Generates signature for given parameters

Options

  • :host - Hostname

  • :request - Net::HTTPRequest object with correct headers

  • :access_key_id - Access key id

  • :secret_access_key - Secret access key

Returns

Generated signature string for given hostname and request



24
25
26
27
28
29
30
31
32
33
# File 'lib/s3/signature.rb', line 24

def self.generate(options)
  request = options[:request]
  access_key_id = options[:access_key_id]

  options.merge!(:headers => request, :method => request.method, :resource => request.path)

  signature = canonicalized_signature(options)

  "AWS #{access_key_id}:#{signature}"
end

.generate_temporary_url(options) ⇒ Object

Generates temporary URL for given resource

Options

  • :bucket - Bucket in which the resource resides

  • :resource - Path to the resouce you want to create a temporary link to

  • :access_key - Access key

  • :secret_access_key - Secret access key

  • :expires_at - Unix time stamp of when the resouce link will expire

  • :method - HTTP request method you want to use on the resource, defaults to GET

  • :headers - Any additional HTTP headers you intend to use when requesting the resource



79
80
81
82
83
84
85
86
87
88
89
90
91
92
# File 'lib/s3/signature.rb', line 79

def self.generate_temporary_url(options)
  bucket = options[:bucket]
  resource = options[:resource]
  access_key = options[:access_key]
  expires = options[:expires_at].to_i
  resource = File.join(bucket, resource) unless S3::Bucket.vhost?(bucket)
  signature = generate_temporary_url_signature(options)
  protocol = options[:use_ssl] ? 'https' : 'http'
  
  url = "#{protocol}://#{(bucket + ".") if S3::Bucket.vhost?(bucket)}#{S3::HOST}/#{resource}"
  url << "?AWSAccessKeyId=#{access_key}"
  url << "&Expires=#{expires}"
  url << "&Signature=#{signature}"
end

.generate_temporary_url_signature(options) ⇒ Object

Generates temporary URL signature for given resource

Options

  • :bucket - Bucket in which the resource resides

  • :resource - Path to the resouce you want to create a temporary link to

  • :secret_access_key - Secret access key

  • :expires_at - Unix time stamp of when the resouce link will expire

  • :method - HTTP request method you want to use on the resource, defaults to GET

  • :headers - Any additional HTTP headers you intend to use when requesting the resource



48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
# File 'lib/s3/signature.rb', line 48

def self.generate_temporary_url_signature(options)
  bucket = options[:bucket]
  resource = options[:resource]
  secret_access_key = options[:secret_access_key]
  expires = options[:expires_at]

  headers = options[:headers] || {}
  headers.merge!("date" => expires.to_i.to_s)

  options.merge!(:resource => "/#{bucket}/#{URI.escape(resource)}",
                 :method => options[:method] || :get,
                 :headers => headers)
  signature = canonicalized_signature(options)

  CGI.escape(signature)
end