1 | var AWS = require('../core');
|
2 | var inherit = AWS.util.inherit;
|
3 |
|
4 |
|
5 |
|
6 |
|
7 | AWS.Signers.V3 = inherit(AWS.Signers.RequestSigner, {
|
8 | addAuthorization: function addAuthorization(credentials, date) {
|
9 |
|
10 | var datetime = AWS.util.date.rfc822(date);
|
11 |
|
12 | this.request.headers['X-Amz-Date'] = datetime;
|
13 |
|
14 | if (credentials.sessionToken) {
|
15 | this.request.headers['x-amz-security-token'] = credentials.sessionToken;
|
16 | }
|
17 |
|
18 | this.request.headers['X-Amzn-Authorization'] =
|
19 | this.authorization(credentials, datetime);
|
20 |
|
21 | },
|
22 |
|
23 | authorization: function authorization(credentials) {
|
24 | return 'AWS3 ' +
|
25 | 'AWSAccessKeyId=' + credentials.accessKeyId + ',' +
|
26 | 'Algorithm=HmacSHA256,' +
|
27 | 'SignedHeaders=' + this.signedHeaders() + ',' +
|
28 | 'Signature=' + this.signature(credentials);
|
29 | },
|
30 |
|
31 | signedHeaders: function signedHeaders() {
|
32 | var headers = [];
|
33 | AWS.util.arrayEach(this.headersToSign(), function iterator(h) {
|
34 | headers.push(h.toLowerCase());
|
35 | });
|
36 | return headers.sort().join(';');
|
37 | },
|
38 |
|
39 | canonicalHeaders: function canonicalHeaders() {
|
40 | var headers = this.request.headers;
|
41 | var parts = [];
|
42 | AWS.util.arrayEach(this.headersToSign(), function iterator(h) {
|
43 | parts.push(h.toLowerCase().trim() + ':' + String(headers[h]).trim());
|
44 | });
|
45 | return parts.sort().join('\n') + '\n';
|
46 | },
|
47 |
|
48 | headersToSign: function headersToSign() {
|
49 | var headers = [];
|
50 | AWS.util.each(this.request.headers, function iterator(k) {
|
51 | if (k === 'Host' || k === 'Content-Encoding' || k.match(/^X-Amz/i)) {
|
52 | headers.push(k);
|
53 | }
|
54 | });
|
55 | return headers;
|
56 | },
|
57 |
|
58 | signature: function signature(credentials) {
|
59 | return AWS.util.crypto.hmac(credentials.secretAccessKey, this.stringToSign(), 'base64');
|
60 | },
|
61 |
|
62 | stringToSign: function stringToSign() {
|
63 | var parts = [];
|
64 | parts.push(this.request.method);
|
65 | parts.push('/');
|
66 | parts.push('');
|
67 | parts.push(this.canonicalHeaders());
|
68 | parts.push(this.request.body);
|
69 | return AWS.util.crypto.sha256(parts.join('\n'));
|
70 | }
|
71 |
|
72 | });
|
73 |
|
74 |
|
75 |
|
76 |
|
77 | module.exports = AWS.Signers.V3;
|