Class: Aws::Plugins::Sign::SignatureV4 Private

Inherits:
Object
  • Object
show all
Defined in:
lib/aws-sdk-core/plugins/sign.rb

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(auth_scheme, config, sigv4_overrides = {}) ⇒ SignatureV4

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns a new instance of SignatureV4.



105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
 
# File 'lib/aws-sdk-core/plugins/sign.rb', line 105

def initialize(auth_scheme, config, sigv4_overrides = {})
  scheme_name = auth_scheme['name']

  unless %w[sigv4 sigv4a sigv4-s3express].include?(scheme_name)
    raise ArgumentError,
          "Expected sigv4, sigv4a, or sigv4-s3express auth scheme, got #{scheme_name}"
  end

  region = if scheme_name == 'sigv4a'
             auth_scheme['signingRegionSet'].join(',')
           else
             auth_scheme['signingRegion']
           end
  begin
    @signer = config.sigv4_signer || Aws::Sigv4::Signer.new(
      service: config.sigv4_name || auth_scheme['signingName'],
      region: sigv4_overrides[:region] || config.sigv4_region || region,
      credentials_provider: sigv4_overrides[:credentials] || config.credentials,
      signing_algorithm: scheme_name.to_sym,
      uri_escape_path: !!!auth_scheme['disableDoubleEncoding'],
      normalize_path: !!!auth_scheme['disableNormalizePath'],
      unsigned_headers: %w[content-length user-agent x-amzn-trace-id expect transfer-encoding connection]
    )
  rescue Aws::Sigv4::Errors::MissingCredentialsError
    raise Aws::Errors::MissingCredentialsError
  end
end

Instance Attribute Details

#signerObject (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future. 



103
104
105
 
# File 'lib/aws-sdk-core/plugins/sign.rb', line 103

def signer
  @signer
end

Instance Method Details

#credentialsObject

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future. 



168
169
170
 
# File 'lib/aws-sdk-core/plugins/sign.rb', line 168

def credentials
  @signer.credentials_provider
end

#presign_url(*args) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future. 



160
161
162
 
# File 'lib/aws-sdk-core/plugins/sign.rb', line 160

def presign_url(*args)
  @signer.presign_url(*args)
end

#sign(context) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future. 



133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
 
# File 'lib/aws-sdk-core/plugins/sign.rb', line 133

def sign(context)
  req = context.http_request

  apply_authtype(context, req)
  reset_signature(req)
  apply_clock_skew(context, req)

  # compute the signature
  begin
    signature = @signer.sign_request(
      http_method: req.http_method,
      url: req.endpoint,
      headers: req.headers,
      body: req.body
    )
  rescue Aws::Sigv4::Errors::MissingCredentialsError
    # Necessary for when credentials is explicitly set to nil
    raise Aws::Errors::MissingCredentialsError
  end
  # apply signature headers
  req.headers.update(signature.headers)

  # add request metadata with signature components for debugging
  context[:canonical_request] = signature.canonical_request
  context[:string_to_sign] = signature.string_to_sign
end

#sign_event(*args) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future. 



164
165
166
 
# File 'lib/aws-sdk-core/plugins/sign.rb', line 164

def sign_event(*args)
  @signer.sign_event(*args)
end