aws-sdk 1.30.1 → 1.31.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +6 -3
- data/lib/aws/api_config/CloudFront-2013-11-11.yml +2886 -0
- data/lib/aws/api_config/CloudTrail-2013-11-01.yml +36 -0
- data/lib/aws/api_config/ElasticTranscoder-2012-09-25.yml +67 -446
- data/lib/aws/auto_scaling.rb +0 -1
- data/lib/aws/auto_scaling/client.rb +2 -0
- data/lib/aws/cloud_formation.rb +0 -1
- data/lib/aws/cloud_formation/client.rb +2 -0
- data/lib/aws/cloud_front.rb +0 -1
- data/lib/aws/cloud_front/client.rb +6 -6
- data/lib/aws/cloud_search.rb +0 -1
- data/lib/aws/cloud_search/client.rb +3 -0
- data/lib/aws/cloud_trail.rb +0 -1
- data/lib/aws/cloud_trail/client.rb +2 -0
- data/lib/aws/cloud_watch.rb +0 -1
- data/lib/aws/cloud_watch/client.rb +2 -0
- data/lib/aws/core.rb +8 -6
- data/lib/aws/core/client.rb +30 -4
- data/lib/aws/core/configuration.rb +1 -1
- data/lib/aws/core/http/request.rb +2 -1
- data/lib/aws/core/signers/base.rb +46 -0
- data/lib/aws/core/signers/cloud_front.rb +56 -0
- data/lib/aws/core/signers/s3.rb +159 -0
- data/lib/aws/core/signers/version_2.rb +72 -0
- data/lib/aws/core/signers/version_3.rb +86 -0
- data/lib/aws/core/signers/version_3_https.rb +61 -0
- data/lib/aws/core/signers/version_4.rb +228 -0
- data/lib/aws/core/signers/version_4/chunk_signed_stream.rb +191 -0
- data/lib/aws/data_pipeline.rb +0 -1
- data/lib/aws/data_pipeline/client.rb +3 -0
- data/lib/aws/direct_connect.rb +0 -1
- data/lib/aws/direct_connect/client.rb +3 -0
- data/lib/aws/dynamo_db.rb +0 -1
- data/lib/aws/dynamo_db/client.rb +2 -0
- data/lib/aws/ec2.rb +0 -1
- data/lib/aws/ec2/client.rb +21 -0
- data/lib/aws/elastic_beanstalk.rb +0 -1
- data/lib/aws/elastic_beanstalk/client.rb +3 -0
- data/lib/aws/elastic_transcoder.rb +0 -1
- data/lib/aws/elastic_transcoder/client.rb +2 -0
- data/lib/aws/elasticache.rb +0 -1
- data/lib/aws/elasticache/client.rb +2 -0
- data/lib/aws/elb.rb +0 -1
- data/lib/aws/elb/client.rb +2 -0
- data/lib/aws/emr.rb +0 -1
- data/lib/aws/emr/client.rb +2 -0
- data/lib/aws/glacier.rb +0 -1
- data/lib/aws/glacier/client.rb +2 -0
- data/lib/aws/iam.rb +0 -1
- data/lib/aws/iam/client.rb +2 -0
- data/lib/aws/import_export.rb +0 -1
- data/lib/aws/import_export/client.rb +2 -0
- data/lib/aws/kinesis.rb +0 -1
- data/lib/aws/kinesis/client.rb +2 -0
- data/lib/aws/ops_works.rb +0 -1
- data/lib/aws/ops_works/client.rb +2 -0
- data/lib/aws/rds.rb +0 -1
- data/lib/aws/rds/client.rb +2 -0
- data/lib/aws/redshift.rb +0 -1
- data/lib/aws/redshift/client.rb +2 -0
- data/lib/aws/route_53.rb +0 -1
- data/lib/aws/route_53/client.rb +2 -0
- data/lib/aws/s3.rb +1 -0
- data/lib/aws/s3/bucket_collection.rb +9 -7
- data/lib/aws/s3/client.rb +70 -9
- data/lib/aws/s3/config.rb +12 -0
- data/lib/aws/s3/object_collection.rb +4 -9
- data/lib/aws/s3/presign_v4.rb +127 -0
- data/lib/aws/s3/presigned_post.rb +1 -1
- data/lib/aws/s3/request.rb +0 -136
- data/lib/aws/s3/s3_object.rb +40 -19
- data/lib/aws/simple_db.rb +0 -1
- data/lib/aws/simple_db/client.rb +2 -0
- data/lib/aws/simple_email_service.rb +0 -1
- data/lib/aws/simple_email_service/client.rb +2 -0
- data/lib/aws/simple_workflow.rb +0 -1
- data/lib/aws/simple_workflow/client.rb +2 -0
- data/lib/aws/sns.rb +0 -1
- data/lib/aws/sns/client.rb +2 -0
- data/lib/aws/sqs.rb +0 -1
- data/lib/aws/sqs/client.rb +2 -0
- data/lib/aws/storage_gateway.rb +0 -1
- data/lib/aws/storage_gateway/client.rb +2 -0
- data/lib/aws/sts.rb +0 -1
- data/lib/aws/sts/client.rb +2 -0
- data/lib/aws/support.rb +0 -1
- data/lib/aws/support/client.rb +2 -0
- data/lib/aws/version.rb +1 -1
- metadata +12 -38
- data/lib/aws/auto_scaling/request.rb +0 -29
- data/lib/aws/cloud_formation/request.rb +0 -29
- data/lib/aws/cloud_front/request.rb +0 -30
- data/lib/aws/cloud_search/request.rb +0 -23
- data/lib/aws/cloud_trail/request.rb +0 -30
- data/lib/aws/cloud_watch/request.rb +0 -29
- data/lib/aws/core/signature/version_2.rb +0 -56
- data/lib/aws/core/signature/version_3.rb +0 -77
- data/lib/aws/core/signature/version_3_https.rb +0 -54
- data/lib/aws/core/signature/version_4.rb +0 -135
- data/lib/aws/core/signer.rb +0 -46
- data/lib/aws/data_pipeline/request.rb +0 -26
- data/lib/aws/direct_connect/request.rb +0 -27
- data/lib/aws/dynamo_db/request.rb +0 -26
- data/lib/aws/ec2/request.rb +0 -21
- data/lib/aws/elastic_beanstalk/request.rb +0 -29
- data/lib/aws/elastic_transcoder/request.rb +0 -30
- data/lib/aws/elasticache/request.rb +0 -23
- data/lib/aws/elb/request.rb +0 -29
- data/lib/aws/emr/request.rb +0 -28
- data/lib/aws/glacier/request.rb +0 -29
- data/lib/aws/iam/request.rb +0 -29
- data/lib/aws/import_export/request.rb +0 -23
- data/lib/aws/kinesis/request.rb +0 -26
- data/lib/aws/ops_works/request.rb +0 -27
- data/lib/aws/rds/request.rb +0 -29
- data/lib/aws/redshift/request.rb +0 -29
- data/lib/aws/route_53/request.rb +0 -23
- data/lib/aws/simple_db/request.rb +0 -23
- data/lib/aws/simple_email_service/request.rb +0 -27
- data/lib/aws/simple_workflow/request.rb +0 -28
- data/lib/aws/sns/request.rb +0 -29
- data/lib/aws/sqs/request.rb +0 -31
- data/lib/aws/storage_gateway/request.rb +0 -28
- data/lib/aws/sts/request.rb +0 -29
- data/lib/aws/support/request.rb +0 -27
data/lib/aws/auto_scaling.rb
CHANGED
@@ -82,7 +82,6 @@ module AWS
|
|
82
82
|
autoload :LaunchConfigurationCollection, 'aws/auto_scaling/launch_configuration_collection'
|
83
83
|
autoload :NotificationConfiguration, 'aws/auto_scaling/notification_configuration'
|
84
84
|
autoload :NotificationConfigurationCollection, 'aws/auto_scaling/notification_configuration_collection'
|
85
|
-
autoload :Request, 'aws/auto_scaling/request'
|
86
85
|
autoload :ScalingPolicy, 'aws/auto_scaling/scaling_policy'
|
87
86
|
autoload :ScalingPolicyCollection, 'aws/auto_scaling/scaling_policy_collection'
|
88
87
|
autoload :ScalingPolicyOptions, 'aws/auto_scaling/scaling_policy_options'
|
data/lib/aws/cloud_formation.rb
CHANGED
@@ -147,7 +147,6 @@ module AWS
|
|
147
147
|
|
148
148
|
autoload :Client, 'aws/cloud_formation/client'
|
149
149
|
autoload :Errors, 'aws/cloud_formation/errors'
|
150
|
-
autoload :Request, 'aws/cloud_formation/request'
|
151
150
|
autoload :Stack, 'aws/cloud_formation/stack'
|
152
151
|
autoload :StackCollection, 'aws/cloud_formation/stack_collection'
|
153
152
|
autoload :StackEvent, 'aws/cloud_formation/stack_event'
|
data/lib/aws/cloud_front.rb
CHANGED
@@ -16,7 +16,9 @@ module AWS
|
|
16
16
|
|
17
17
|
class Client < Core::RESTXMLClient
|
18
18
|
|
19
|
-
API_VERSION = '2013-
|
19
|
+
API_VERSION = '2013-11-11'
|
20
|
+
|
21
|
+
signature_version :Version4, 'cloudfront'
|
20
22
|
|
21
23
|
# @api private
|
22
24
|
CACHEABLE_REQUESTS = Set[]
|
@@ -24,21 +26,19 @@ module AWS
|
|
24
26
|
end
|
25
27
|
|
26
28
|
class Client::V20130512 < Client
|
27
|
-
|
28
29
|
define_client_methods('2013-05-12')
|
29
|
-
|
30
30
|
end
|
31
31
|
|
32
32
|
class Client::V20130826 < Client
|
33
|
-
|
34
33
|
define_client_methods('2013-08-26')
|
35
|
-
|
36
34
|
end
|
37
35
|
|
38
36
|
class Client::V20130927 < Client
|
39
|
-
|
40
37
|
define_client_methods('2013-09-27')
|
38
|
+
end
|
41
39
|
|
40
|
+
class Client::V20131111 < Client
|
41
|
+
define_client_methods('2013-11-11')
|
42
42
|
end
|
43
43
|
|
44
44
|
end
|
data/lib/aws/cloud_search.rb
CHANGED
data/lib/aws/cloud_trail.rb
CHANGED
data/lib/aws/cloud_watch.rb
CHANGED
@@ -71,7 +71,6 @@ module AWS
|
|
71
71
|
autoload :MetricCollection, 'aws/cloud_watch/metric_collection'
|
72
72
|
autoload :MetricAlarmCollection, 'aws/cloud_watch/metric_alarm_collection'
|
73
73
|
autoload :MetricStatistics, 'aws/cloud_watch/metric_statistics'
|
74
|
-
autoload :Request, 'aws/cloud_watch/request'
|
75
74
|
|
76
75
|
include Core::ServiceInterface
|
77
76
|
|
data/lib/aws/core.rb
CHANGED
@@ -201,7 +201,6 @@ module AWS
|
|
201
201
|
autoload :RESTResponseParser, "#{SRC}/core/rest_response_parser"
|
202
202
|
|
203
203
|
autoload :ServiceInterface, "#{SRC}/core/service_interface"
|
204
|
-
autoload :Signer, "#{SRC}/core/signer"
|
205
204
|
autoload :UriEscape, "#{SRC}/core/uri_escape"
|
206
205
|
|
207
206
|
module Options
|
@@ -210,11 +209,14 @@ module AWS
|
|
210
209
|
autoload :Validator, "#{SRC}/core/options/validator"
|
211
210
|
end
|
212
211
|
|
213
|
-
module
|
214
|
-
autoload :
|
215
|
-
autoload :
|
216
|
-
autoload :
|
217
|
-
autoload :
|
212
|
+
module Signers
|
213
|
+
autoload :Base, "#{SRC}/core/signers/base"
|
214
|
+
autoload :CloudFront, "#{SRC}/core/signers/cloud_front"
|
215
|
+
autoload :S3, "#{SRC}/core/signers/s3"
|
216
|
+
autoload :Version2, "#{SRC}/core/signers/version_2"
|
217
|
+
autoload :Version3, "#{SRC}/core/signers/version_3"
|
218
|
+
autoload :Version3Https, "#{SRC}/core/signers/version_3_https"
|
219
|
+
autoload :Version4, "#{SRC}/core/signers/version_4"
|
218
220
|
end
|
219
221
|
|
220
222
|
module XML
|
data/lib/aws/core/client.rb
CHANGED
@@ -48,7 +48,7 @@ module AWS
|
|
48
48
|
|
49
49
|
# translate these into service specific configuration options,
|
50
50
|
# e.g. :endpoint into :s3_endpoint
|
51
|
-
[:endpoint, :region, :port].each do |opt|
|
51
|
+
[:endpoint, :region, :port, :signature_version].each do |opt|
|
52
52
|
if options[opt]
|
53
53
|
options[:"#{service_ruby_name}_#{opt}"] = options.delete(opt)
|
54
54
|
end
|
@@ -57,6 +57,8 @@ module AWS
|
|
57
57
|
@config = (options.delete(:config) || AWS.config)
|
58
58
|
@config = @config.with(options)
|
59
59
|
|
60
|
+
@region = @config.send(:"#{service_ruby_name}_region")
|
61
|
+
|
60
62
|
@credential_provider = @config.credential_provider
|
61
63
|
@http_handler = @config.http_handler
|
62
64
|
@endpoint = config.send(:"#{service_ruby_name}_endpoint")
|
@@ -188,7 +190,7 @@ module AWS
|
|
188
190
|
|
189
191
|
# @api private
|
190
192
|
def new_request
|
191
|
-
|
193
|
+
Http::Request.new
|
192
194
|
end
|
193
195
|
|
194
196
|
def new_response(*args, &block)
|
@@ -480,7 +482,7 @@ module AWS
|
|
480
482
|
|
481
483
|
response = new_response do
|
482
484
|
req = client.send(:build_request, name, options)
|
483
|
-
|
485
|
+
client.send(:sign_request, req)
|
484
486
|
req
|
485
487
|
end
|
486
488
|
|
@@ -543,7 +545,7 @@ module AWS
|
|
543
545
|
http_request.service_ruby_name = service_ruby_name
|
544
546
|
http_request.host = endpoint
|
545
547
|
http_request.port = port
|
546
|
-
http_request.region =
|
548
|
+
http_request.region = @region
|
547
549
|
http_request.use_ssl = config.use_ssl?
|
548
550
|
|
549
551
|
send("configure_#{name}_request", http_request, opts)
|
@@ -565,6 +567,13 @@ module AWS
|
|
565
567
|
|
566
568
|
end
|
567
569
|
|
570
|
+
# @param [Http::Request] req
|
571
|
+
# @return [Http::Request]
|
572
|
+
# @api private
|
573
|
+
def sign_request req
|
574
|
+
req
|
575
|
+
end
|
576
|
+
|
568
577
|
def user_agent_string
|
569
578
|
engine = (RUBY_ENGINE rescue nil or "ruby")
|
570
579
|
user_agent = "%s aws-sdk-ruby/#{VERSION} %s/%s %s" %
|
@@ -675,6 +684,23 @@ module AWS
|
|
675
684
|
YAML.load(File.read(path))
|
676
685
|
end
|
677
686
|
|
687
|
+
# @param [Symbol] version
|
688
|
+
# @param [String,nil] service_signing_name Required for `:Version4`
|
689
|
+
# @api private
|
690
|
+
def signature_version version, service_signing_name = nil
|
691
|
+
define_method(:sign_request) do |req|
|
692
|
+
@signer ||= begin
|
693
|
+
signer_class = AWS::Core::Signers.const_get(version)
|
694
|
+
signer_args = (version == :Version4) ?
|
695
|
+
[credential_provider, service_signing_name, @region] :
|
696
|
+
[credential_provider]
|
697
|
+
signer_class.new(*signer_args)
|
698
|
+
end
|
699
|
+
@signer.sign_request(req)
|
700
|
+
req
|
701
|
+
end
|
702
|
+
end
|
703
|
+
|
678
704
|
# Defines one method for each service operation described in
|
679
705
|
# the API configuration.
|
680
706
|
# @param [String] api_version
|
@@ -437,7 +437,7 @@ module AWS
|
|
437
437
|
else
|
438
438
|
'us-gov-west-1' # e.g. iam.us-gov.amazonaws.com
|
439
439
|
end
|
440
|
-
elsif matches = endpoint.match(/^.+?[.-](.+)\.amazonaws.com
|
440
|
+
elsif matches = endpoint.match(/^.+?[.-](.+)\.amazonaws.com/)
|
441
441
|
matches[1]
|
442
442
|
else
|
443
443
|
AWS.const_get(name).global_endpoint? ? 'us-east-1' : config.region
|
@@ -89,6 +89,7 @@ module AWS
|
|
89
89
|
# @api private
|
90
90
|
attr_accessor :continue_timeout
|
91
91
|
|
92
|
+
# @api private
|
92
93
|
def endpoint
|
93
94
|
scheme = use_ssl ? 'https' : 'http'
|
94
95
|
port = case scheme
|
@@ -237,7 +238,7 @@ module AWS
|
|
237
238
|
end
|
238
239
|
|
239
240
|
def encoded
|
240
|
-
value ? "#{escape(name)}=#{escape(value)}" : escape(name)
|
241
|
+
value ? "#{escape(name)}=#{escape(value)}" : "#{escape(name)}="
|
241
242
|
end
|
242
243
|
|
243
244
|
end
|
@@ -0,0 +1,46 @@
|
|
1
|
+
# Copyright 2011-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
+
# may not use this file except in compliance with the License. A copy of
|
5
|
+
# the License is located at
|
6
|
+
#
|
7
|
+
# http://aws.amazon.com/apache2.0/
|
8
|
+
#
|
9
|
+
# or in the "license" file accompanying this file. This file is
|
10
|
+
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
+
# ANY KIND, either express or implied. See the License for the specific
|
12
|
+
# language governing permissions and limitations under the License.
|
13
|
+
|
14
|
+
require 'base64'
|
15
|
+
|
16
|
+
module AWS
|
17
|
+
module Core
|
18
|
+
module Signers
|
19
|
+
# @api private
|
20
|
+
module Base
|
21
|
+
|
22
|
+
# Signs a string using the credentials stored in memory.
|
23
|
+
# @param [String] secret Usually an AWS secret access key.
|
24
|
+
# @param [String] string_to_sign The string to sign.
|
25
|
+
# @param [String] digest_method The digest method to use when
|
26
|
+
# computing the HMAC digest.
|
27
|
+
# @return [String] Returns the computed signature.
|
28
|
+
def sign secret, string_to_sign, digest_method = 'sha256'
|
29
|
+
Base64.encode64(hmac(secret, string_to_sign, digest_method)).strip
|
30
|
+
end
|
31
|
+
module_function :sign
|
32
|
+
|
33
|
+
# Computes an HMAC digest of the passed string.
|
34
|
+
# @param [String] key
|
35
|
+
# @param [String] value
|
36
|
+
# @param [String] digest ('sha256')
|
37
|
+
# @return [String]
|
38
|
+
def hmac key, value, digest = 'sha256'
|
39
|
+
OpenSSL::HMAC.digest(OpenSSL::Digest::Digest.new(digest), key, value)
|
40
|
+
end
|
41
|
+
module_function :hmac
|
42
|
+
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
@@ -0,0 +1,56 @@
|
|
1
|
+
# Copyright 2011-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
+
# may not use this file except in compliance with the License. A copy of
|
5
|
+
# the License is located at
|
6
|
+
#
|
7
|
+
# http://aws.amazon.com/apache2.0/
|
8
|
+
#
|
9
|
+
# or in the "license" file accompanying this file. This file is
|
10
|
+
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
+
# ANY KIND, either express or implied. See the License for the specific
|
12
|
+
# language governing permissions and limitations under the License.
|
13
|
+
|
14
|
+
require 'time'
|
15
|
+
|
16
|
+
module AWS
|
17
|
+
module Core
|
18
|
+
module Signers
|
19
|
+
class CloudFront
|
20
|
+
|
21
|
+
include Base
|
22
|
+
|
23
|
+
# @param [CredentialProviders::Provider] credentials
|
24
|
+
def initialize credentials
|
25
|
+
@credentials = credentials
|
26
|
+
end
|
27
|
+
|
28
|
+
# @return [CredentialProviders::Provider]
|
29
|
+
attr_reader :credentials
|
30
|
+
|
31
|
+
# @param [Http::Request] req
|
32
|
+
# @return [Http::Request]
|
33
|
+
def sign_request req
|
34
|
+
req.headers['x-amz-security-token'] = credentials.session_token if
|
35
|
+
credentials.session_token
|
36
|
+
req.headers['authorization'] =
|
37
|
+
"AWS #{credentials.access_key_id}:#{signature(req)}"
|
38
|
+
req
|
39
|
+
end
|
40
|
+
|
41
|
+
private
|
42
|
+
|
43
|
+
# @param [Http::Request] req
|
44
|
+
def signature req
|
45
|
+
sign(credentials.secret_access_key, string_to_sign(req), 'sha1')
|
46
|
+
end
|
47
|
+
|
48
|
+
# @param [Http::Request] req
|
49
|
+
def string_to_sign req
|
50
|
+
req.headers['date'] ||= Time.now.httpdate
|
51
|
+
end
|
52
|
+
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
@@ -0,0 +1,159 @@
|
|
1
|
+
# Copyright 2011-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
+
# may not use this file except in compliance with the License. A copy of
|
5
|
+
# the License is located at
|
6
|
+
#
|
7
|
+
# http://aws.amazon.com/apache2.0/
|
8
|
+
#
|
9
|
+
# or in the "license" file accompanying this file. This file is
|
10
|
+
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
+
# ANY KIND, either express or implied. See the License for the specific
|
12
|
+
# language governing permissions and limitations under the License.
|
13
|
+
|
14
|
+
module AWS
|
15
|
+
module Core
|
16
|
+
module Signers
|
17
|
+
# @api private
|
18
|
+
class S3
|
19
|
+
|
20
|
+
SUB_RESOURCES = %w(
|
21
|
+
acl location logging notification partNumber policy
|
22
|
+
requestPayment torrent uploadId uploads versionId
|
23
|
+
versioning versions restore delete lifecycle tagging cors
|
24
|
+
website
|
25
|
+
)
|
26
|
+
|
27
|
+
QUERY_PARAMS = %w(
|
28
|
+
response-content-type response-content-language
|
29
|
+
response-expires response-cache-control
|
30
|
+
response-content-disposition response-content-encoding
|
31
|
+
)
|
32
|
+
|
33
|
+
# @param [CredentialProviders::Provider] credentials
|
34
|
+
def initialize credentials
|
35
|
+
@credentials = credentials
|
36
|
+
end
|
37
|
+
|
38
|
+
# @return [CredentialProviders::Provider]
|
39
|
+
attr_reader :credentials
|
40
|
+
|
41
|
+
# @param [Http::Request] req
|
42
|
+
# @return [Http::Request]
|
43
|
+
def sign_request req
|
44
|
+
if token = credentials.session_token
|
45
|
+
req.headers["x-amz-security-token"] = token
|
46
|
+
end
|
47
|
+
req.headers["authorization"] = authorization(req)
|
48
|
+
end
|
49
|
+
|
50
|
+
private
|
51
|
+
|
52
|
+
def authorization req
|
53
|
+
"AWS #{credentials.access_key_id}:#{signature(req)}"
|
54
|
+
end
|
55
|
+
|
56
|
+
def signature req
|
57
|
+
secret = credentials.secret_access_key
|
58
|
+
signature = self.class.string_to_sign(req)
|
59
|
+
signature = Base.sign(credentials.secret_access_key, signature, 'sha1')
|
60
|
+
URI.escape(signature)
|
61
|
+
end
|
62
|
+
|
63
|
+
class << self
|
64
|
+
|
65
|
+
# From the S3 developer guide:
|
66
|
+
#
|
67
|
+
# StringToSign =
|
68
|
+
# HTTP-Verb ` "\n" `
|
69
|
+
# content-md5 ` "\n" `
|
70
|
+
# content-type ` "\n" `
|
71
|
+
# date ` "\n" `
|
72
|
+
# CanonicalizedAmzHeaders + CanonicalizedResource;
|
73
|
+
#
|
74
|
+
def string_to_sign req
|
75
|
+
[
|
76
|
+
req.http_method,
|
77
|
+
req.headers.values_at('content-md5', 'content-type').join("\n"),
|
78
|
+
signing_string_date(req),
|
79
|
+
canonicalized_headers(req),
|
80
|
+
canonicalized_resource(req),
|
81
|
+
].flatten.compact.join("\n")
|
82
|
+
end
|
83
|
+
|
84
|
+
def signing_string_date req
|
85
|
+
# if a date is provided via x-amz-date then we should omit the
|
86
|
+
# Date header from the signing string (should appear as a blank line)
|
87
|
+
if req.headers.detect{|k,v| k.to_s =~ /^x-amz-date$/i }
|
88
|
+
''
|
89
|
+
else
|
90
|
+
req.headers['date'] ||= Time.now.httpdate
|
91
|
+
end
|
92
|
+
end
|
93
|
+
|
94
|
+
# CanonicalizedAmzHeaders
|
95
|
+
#
|
96
|
+
# See the developer guide for more information on how this element
|
97
|
+
# is generated.
|
98
|
+
#
|
99
|
+
def canonicalized_headers req
|
100
|
+
x_amz = req.headers.select{|k, v| k.to_s =~ /^x-amz-/i }
|
101
|
+
x_amz = x_amz.collect{|k, v| [k.downcase, v] }
|
102
|
+
x_amz = x_amz.sort_by{|k, v| k }
|
103
|
+
x_amz = x_amz.collect{|k, v| "#{k}:#{v.to_s.strip}" }.join("\n")
|
104
|
+
x_amz == '' ? nil : x_amz
|
105
|
+
end
|
106
|
+
|
107
|
+
# From the S3 developer guide
|
108
|
+
#
|
109
|
+
# CanonicalizedResource =
|
110
|
+
# [ "/" ` Bucket ] `
|
111
|
+
# <HTTP-Request-URI, protocol name up to the querystring> +
|
112
|
+
# [ sub-resource, if present. e.g. "?acl", "?location",
|
113
|
+
# "?logging", or "?torrent"];
|
114
|
+
#
|
115
|
+
# @api private
|
116
|
+
def canonicalized_resource req
|
117
|
+
|
118
|
+
parts = []
|
119
|
+
|
120
|
+
# virtual hosted-style requests require the hostname to appear
|
121
|
+
# in the canonicalized resource prefixed by a forward slash.
|
122
|
+
if
|
123
|
+
AWS::S3::Client.dns_compatible_bucket_name?(req.bucket) and
|
124
|
+
!req.path_style?
|
125
|
+
then
|
126
|
+
parts << "/#{req.bucket}"
|
127
|
+
end
|
128
|
+
|
129
|
+
# all requests require the portion of the un-decoded uri up to
|
130
|
+
# but not including the query string
|
131
|
+
parts << req.path
|
132
|
+
|
133
|
+
# lastly any sub resource querystring params need to be appened
|
134
|
+
# in lexigraphical ordered joined by '&' and prefixed by '?'
|
135
|
+
params =
|
136
|
+
sub_resource_params(req) +
|
137
|
+
query_parameters_for_signature(req)
|
138
|
+
|
139
|
+
unless params.empty?
|
140
|
+
parts << '?'
|
141
|
+
parts << params.sort.collect{|p| p.to_s }.join('&')
|
142
|
+
end
|
143
|
+
|
144
|
+
parts.join
|
145
|
+
end
|
146
|
+
|
147
|
+
def sub_resource_params req
|
148
|
+
req.params.select{|p| SUB_RESOURCES.include?(p.name) }
|
149
|
+
end
|
150
|
+
|
151
|
+
def query_parameters_for_signature req
|
152
|
+
req.params.select { |p| QUERY_PARAMS.include?(p.name) }
|
153
|
+
end
|
154
|
+
|
155
|
+
end
|
156
|
+
end
|
157
|
+
end
|
158
|
+
end
|
159
|
+
end
|