Class: S3::Signature

Inherits:

Object

• Object
• S3::Signature

Defined in:

lib/s3/signature.rb

Overview

Class responsible for generating signatures to requests.

Implements algorithm defined by Amazon Web Services to sign request with secret private credentials

See

docs.amazonwebservices.com/AmazonS3/latest/index.html?RESTAuthentication.html

Class Method Summary

• .generate(options) ⇒ Object

  Generates signature for given parameters.

• .generate_temporary_url(options) ⇒ Object

  Generates temporary URL for given resource.

• .generate_temporary_url_signature(options) ⇒ Object

  Generates temporary URL signature for given resource.

Class Method Details

.generate(options) ⇒ Object

Generates signature for given parameters

Options

• :host - Hostname

• :request - Net::HTTPRequest object with correct headers

• :access_key_id - Access key id

• :secret_access_key - Secret access key

Returns

Generated signature string for given hostname and request

# File 'lib/s3/signature.rb', line 24

def self.generate(options)
  request = options[:request]
  access_key_id = options[:access_key_id]

  options.merge!(:headers => request,
                 :method => request.method,
                 :resource => request.path)

  signature = canonicalized_signature(options)

  "AWS #{access_key_id}:#{signature}"
end

.generate_temporary_url(options) ⇒ Object

Generates temporary URL for given resource

Options

• :bucket - Bucket in which the resource resides

• :resource - Path to the resouce you want to create a temporary link to

• :access_key - Access key

• :secret_access_key - Secret access key

• :expires_at - Unix time stamp of when the resouce link will expire

• :method - HTTP request method you want to use on the resource, defaults to GET

• :headers - Any additional HTTP headers you intend to use when requesting the resource

# File 'lib/s3/signature.rb', line 81

def self.generate_temporary_url(options)
  bucket = options[:bucket]
  resource = options[:resource]
  access_key = options[:access_key]
  expires = options[:expires_at].to_i
  signature = generate_temporary_url_signature(options)

  url = "http://#{S3::HOST}/#{bucket}/#{resource}"
  url << "?AWSAccessKeyId=#{access_key}"
  url << "&Expires=#{expires}"
  url << "&Signature=#{signature}"
end

.generate_temporary_url_signature(options) ⇒ Object

Generates temporary URL signature for given resource

Options

• :bucket - Bucket in which the resource resides

• :resource - Path to the resouce you want to create a temporary link to

• :secret_access_key - Secret access key

• :expires_at - Unix time stamp of when the resouce link will expire

• :method - HTTP request method you want to use on the resource, defaults to GET

• :headers - Any additional HTTP headers you intend to use when requesting the resource

# File 'lib/s3/signature.rb', line 50

def self.generate_temporary_url_signature(options)
  bucket = options[:bucket]
  resource = options[:resource]
  secret_access_key = options[:secret_access_key]
  expires = options[:expires_at]

  headers = options[:headers] || {}
  headers.merge!('date' => expires.to_i.to_s)

  options.merge!(:resource => "/#{bucket}/#{resource}",
                 :method => options[:method] || :get,
                 :headers => headers)
  signature = canonicalized_signature(options)

  CGI.escape(signature)
end