aws-sdk 1.30.1 → 1.31.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +6 -3
- data/lib/aws/api_config/CloudFront-2013-11-11.yml +2886 -0
- data/lib/aws/api_config/CloudTrail-2013-11-01.yml +36 -0
- data/lib/aws/api_config/ElasticTranscoder-2012-09-25.yml +67 -446
- data/lib/aws/auto_scaling.rb +0 -1
- data/lib/aws/auto_scaling/client.rb +2 -0
- data/lib/aws/cloud_formation.rb +0 -1
- data/lib/aws/cloud_formation/client.rb +2 -0
- data/lib/aws/cloud_front.rb +0 -1
- data/lib/aws/cloud_front/client.rb +6 -6
- data/lib/aws/cloud_search.rb +0 -1
- data/lib/aws/cloud_search/client.rb +3 -0
- data/lib/aws/cloud_trail.rb +0 -1
- data/lib/aws/cloud_trail/client.rb +2 -0
- data/lib/aws/cloud_watch.rb +0 -1
- data/lib/aws/cloud_watch/client.rb +2 -0
- data/lib/aws/core.rb +8 -6
- data/lib/aws/core/client.rb +30 -4
- data/lib/aws/core/configuration.rb +1 -1
- data/lib/aws/core/http/request.rb +2 -1
- data/lib/aws/core/signers/base.rb +46 -0
- data/lib/aws/core/signers/cloud_front.rb +56 -0
- data/lib/aws/core/signers/s3.rb +159 -0
- data/lib/aws/core/signers/version_2.rb +72 -0
- data/lib/aws/core/signers/version_3.rb +86 -0
- data/lib/aws/core/signers/version_3_https.rb +61 -0
- data/lib/aws/core/signers/version_4.rb +228 -0
- data/lib/aws/core/signers/version_4/chunk_signed_stream.rb +191 -0
- data/lib/aws/data_pipeline.rb +0 -1
- data/lib/aws/data_pipeline/client.rb +3 -0
- data/lib/aws/direct_connect.rb +0 -1
- data/lib/aws/direct_connect/client.rb +3 -0
- data/lib/aws/dynamo_db.rb +0 -1
- data/lib/aws/dynamo_db/client.rb +2 -0
- data/lib/aws/ec2.rb +0 -1
- data/lib/aws/ec2/client.rb +21 -0
- data/lib/aws/elastic_beanstalk.rb +0 -1
- data/lib/aws/elastic_beanstalk/client.rb +3 -0
- data/lib/aws/elastic_transcoder.rb +0 -1
- data/lib/aws/elastic_transcoder/client.rb +2 -0
- data/lib/aws/elasticache.rb +0 -1
- data/lib/aws/elasticache/client.rb +2 -0
- data/lib/aws/elb.rb +0 -1
- data/lib/aws/elb/client.rb +2 -0
- data/lib/aws/emr.rb +0 -1
- data/lib/aws/emr/client.rb +2 -0
- data/lib/aws/glacier.rb +0 -1
- data/lib/aws/glacier/client.rb +2 -0
- data/lib/aws/iam.rb +0 -1
- data/lib/aws/iam/client.rb +2 -0
- data/lib/aws/import_export.rb +0 -1
- data/lib/aws/import_export/client.rb +2 -0
- data/lib/aws/kinesis.rb +0 -1
- data/lib/aws/kinesis/client.rb +2 -0
- data/lib/aws/ops_works.rb +0 -1
- data/lib/aws/ops_works/client.rb +2 -0
- data/lib/aws/rds.rb +0 -1
- data/lib/aws/rds/client.rb +2 -0
- data/lib/aws/redshift.rb +0 -1
- data/lib/aws/redshift/client.rb +2 -0
- data/lib/aws/route_53.rb +0 -1
- data/lib/aws/route_53/client.rb +2 -0
- data/lib/aws/s3.rb +1 -0
- data/lib/aws/s3/bucket_collection.rb +9 -7
- data/lib/aws/s3/client.rb +70 -9
- data/lib/aws/s3/config.rb +12 -0
- data/lib/aws/s3/object_collection.rb +4 -9
- data/lib/aws/s3/presign_v4.rb +127 -0
- data/lib/aws/s3/presigned_post.rb +1 -1
- data/lib/aws/s3/request.rb +0 -136
- data/lib/aws/s3/s3_object.rb +40 -19
- data/lib/aws/simple_db.rb +0 -1
- data/lib/aws/simple_db/client.rb +2 -0
- data/lib/aws/simple_email_service.rb +0 -1
- data/lib/aws/simple_email_service/client.rb +2 -0
- data/lib/aws/simple_workflow.rb +0 -1
- data/lib/aws/simple_workflow/client.rb +2 -0
- data/lib/aws/sns.rb +0 -1
- data/lib/aws/sns/client.rb +2 -0
- data/lib/aws/sqs.rb +0 -1
- data/lib/aws/sqs/client.rb +2 -0
- data/lib/aws/storage_gateway.rb +0 -1
- data/lib/aws/storage_gateway/client.rb +2 -0
- data/lib/aws/sts.rb +0 -1
- data/lib/aws/sts/client.rb +2 -0
- data/lib/aws/support.rb +0 -1
- data/lib/aws/support/client.rb +2 -0
- data/lib/aws/version.rb +1 -1
- metadata +12 -38
- data/lib/aws/auto_scaling/request.rb +0 -29
- data/lib/aws/cloud_formation/request.rb +0 -29
- data/lib/aws/cloud_front/request.rb +0 -30
- data/lib/aws/cloud_search/request.rb +0 -23
- data/lib/aws/cloud_trail/request.rb +0 -30
- data/lib/aws/cloud_watch/request.rb +0 -29
- data/lib/aws/core/signature/version_2.rb +0 -56
- data/lib/aws/core/signature/version_3.rb +0 -77
- data/lib/aws/core/signature/version_3_https.rb +0 -54
- data/lib/aws/core/signature/version_4.rb +0 -135
- data/lib/aws/core/signer.rb +0 -46
- data/lib/aws/data_pipeline/request.rb +0 -26
- data/lib/aws/direct_connect/request.rb +0 -27
- data/lib/aws/dynamo_db/request.rb +0 -26
- data/lib/aws/ec2/request.rb +0 -21
- data/lib/aws/elastic_beanstalk/request.rb +0 -29
- data/lib/aws/elastic_transcoder/request.rb +0 -30
- data/lib/aws/elasticache/request.rb +0 -23
- data/lib/aws/elb/request.rb +0 -29
- data/lib/aws/emr/request.rb +0 -28
- data/lib/aws/glacier/request.rb +0 -29
- data/lib/aws/iam/request.rb +0 -29
- data/lib/aws/import_export/request.rb +0 -23
- data/lib/aws/kinesis/request.rb +0 -26
- data/lib/aws/ops_works/request.rb +0 -27
- data/lib/aws/rds/request.rb +0 -29
- data/lib/aws/redshift/request.rb +0 -29
- data/lib/aws/route_53/request.rb +0 -23
- data/lib/aws/simple_db/request.rb +0 -23
- data/lib/aws/simple_email_service/request.rb +0 -27
- data/lib/aws/simple_workflow/request.rb +0 -28
- data/lib/aws/sns/request.rb +0 -29
- data/lib/aws/sqs/request.rb +0 -31
- data/lib/aws/storage_gateway/request.rb +0 -28
- data/lib/aws/sts/request.rb +0 -29
- data/lib/aws/support/request.rb +0 -27
@@ -1,29 +0,0 @@
|
|
1
|
-
# Copyright 2011-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
-
#
|
3
|
-
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
-
# may not use this file except in compliance with the License. A copy of
|
5
|
-
# the License is located at
|
6
|
-
#
|
7
|
-
# http://aws.amazon.com/apache2.0/
|
8
|
-
#
|
9
|
-
# or in the "license" file accompanying this file. This file is
|
10
|
-
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
-
# ANY KIND, either express or implied. See the License for the specific
|
12
|
-
# language governing permissions and limitations under the License.
|
13
|
-
|
14
|
-
module AWS
|
15
|
-
class AutoScaling
|
16
|
-
|
17
|
-
# @api private
|
18
|
-
class Request < Core::Http::Request
|
19
|
-
|
20
|
-
include Core::Signature::Version4
|
21
|
-
|
22
|
-
def service
|
23
|
-
'autoscaling'
|
24
|
-
end
|
25
|
-
|
26
|
-
end
|
27
|
-
|
28
|
-
end
|
29
|
-
end
|
@@ -1,29 +0,0 @@
|
|
1
|
-
# Copyright 2011-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
-
#
|
3
|
-
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
-
# may not use this file except in compliance with the License. A copy of
|
5
|
-
# the License is located at
|
6
|
-
#
|
7
|
-
# http://aws.amazon.com/apache2.0/
|
8
|
-
#
|
9
|
-
# or in the "license" file accompanying this file. This file is
|
10
|
-
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
-
# ANY KIND, either express or implied. See the License for the specific
|
12
|
-
# language governing permissions and limitations under the License.
|
13
|
-
|
14
|
-
module AWS
|
15
|
-
class CloudFormation
|
16
|
-
|
17
|
-
# @api private
|
18
|
-
class Request < Core::Http::Request
|
19
|
-
|
20
|
-
include Core::Signature::Version4
|
21
|
-
|
22
|
-
def service
|
23
|
-
'cloudformation'
|
24
|
-
end
|
25
|
-
|
26
|
-
end
|
27
|
-
|
28
|
-
end
|
29
|
-
end
|
@@ -1,30 +0,0 @@
|
|
1
|
-
# Copyright 2011-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
-
#
|
3
|
-
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
-
# may not use this file except in compliance with the License. A copy of
|
5
|
-
# the License is located at
|
6
|
-
#
|
7
|
-
# http://aws.amazon.com/apache2.0/
|
8
|
-
#
|
9
|
-
# or in the "license" file accompanying this file. This file is
|
10
|
-
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
-
# ANY KIND, either express or implied. See the License for the specific
|
12
|
-
# language governing permissions and limitations under the License.
|
13
|
-
|
14
|
-
require 'time'
|
15
|
-
|
16
|
-
module AWS
|
17
|
-
class CloudFront
|
18
|
-
|
19
|
-
# @api private
|
20
|
-
class Request < Core::Http::Request
|
21
|
-
|
22
|
-
include Core::Signature::Version4
|
23
|
-
|
24
|
-
def service
|
25
|
-
'cloudfront'
|
26
|
-
end
|
27
|
-
|
28
|
-
end
|
29
|
-
end
|
30
|
-
end
|
@@ -1,23 +0,0 @@
|
|
1
|
-
# Copyright 2011-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
-
#
|
3
|
-
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
-
# may not use this file except in compliance with the License. A copy of
|
5
|
-
# the License is located at
|
6
|
-
#
|
7
|
-
# http://aws.amazon.com/apache2.0/
|
8
|
-
#
|
9
|
-
# or in the "license" file accompanying this file. This file is
|
10
|
-
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
-
# ANY KIND, either express or implied. See the License for the specific
|
12
|
-
# language governing permissions and limitations under the License.
|
13
|
-
|
14
|
-
module AWS
|
15
|
-
class CloudSearch
|
16
|
-
|
17
|
-
# @api private
|
18
|
-
class Request < Core::Http::Request
|
19
|
-
include Core::Signature::Version2
|
20
|
-
end
|
21
|
-
|
22
|
-
end
|
23
|
-
end
|
@@ -1,30 +0,0 @@
|
|
1
|
-
# Copyright 2011-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
-
#
|
3
|
-
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
-
# may not use this file except in compliance with the License. A copy of
|
5
|
-
# the License is located at
|
6
|
-
#
|
7
|
-
# http://aws.amazon.com/apache2.0/
|
8
|
-
#
|
9
|
-
# or in the "license" file accompanying this file. This file is
|
10
|
-
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
-
# ANY KIND, either express or implied. See the License for the specific
|
12
|
-
# language governing permissions and limitations under the License.
|
13
|
-
|
14
|
-
require 'time'
|
15
|
-
|
16
|
-
module AWS
|
17
|
-
class CloudTrail
|
18
|
-
|
19
|
-
# @api private
|
20
|
-
class Request < Core::Http::Request
|
21
|
-
|
22
|
-
include Core::Signature::Version4
|
23
|
-
|
24
|
-
def service
|
25
|
-
'cloudtrail'
|
26
|
-
end
|
27
|
-
|
28
|
-
end
|
29
|
-
end
|
30
|
-
end
|
@@ -1,29 +0,0 @@
|
|
1
|
-
# Copyright 2011-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
-
#
|
3
|
-
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
-
# may not use this file except in compliance with the License. A copy of
|
5
|
-
# the License is located at
|
6
|
-
#
|
7
|
-
# http://aws.amazon.com/apache2.0/
|
8
|
-
#
|
9
|
-
# or in the "license" file accompanying this file. This file is
|
10
|
-
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
-
# ANY KIND, either express or implied. See the License for the specific
|
12
|
-
# language governing permissions and limitations under the License.
|
13
|
-
|
14
|
-
module AWS
|
15
|
-
class CloudWatch
|
16
|
-
|
17
|
-
# @api private
|
18
|
-
class Request < Core::Http::Request
|
19
|
-
|
20
|
-
include Core::Signature::Version4
|
21
|
-
|
22
|
-
def service
|
23
|
-
'monitoring'
|
24
|
-
end
|
25
|
-
|
26
|
-
end
|
27
|
-
|
28
|
-
end
|
29
|
-
end
|
@@ -1,56 +0,0 @@
|
|
1
|
-
# Copyright 2011-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
-
#
|
3
|
-
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
-
# may not use this file except in compliance with the License. A copy of
|
5
|
-
# the License is located at
|
6
|
-
#
|
7
|
-
# http://aws.amazon.com/apache2.0/
|
8
|
-
#
|
9
|
-
# or in the "license" file accompanying this file. This file is
|
10
|
-
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
-
# ANY KIND, either express or implied. See the License for the specific
|
12
|
-
# language governing permissions and limitations under the License.
|
13
|
-
|
14
|
-
module AWS
|
15
|
-
module Core
|
16
|
-
module Signature
|
17
|
-
module Version2
|
18
|
-
|
19
|
-
def add_authorization! credentials
|
20
|
-
add_param('AWSAccessKeyId', credentials.access_key_id)
|
21
|
-
if token = credentials.session_token
|
22
|
-
add_param("SecurityToken", token)
|
23
|
-
end
|
24
|
-
add_param('SignatureVersion', '2')
|
25
|
-
add_param('SignatureMethod', 'HmacSHA256')
|
26
|
-
add_param('Signature', signature(credentials))
|
27
|
-
self.body = url_encoded_params
|
28
|
-
end
|
29
|
-
|
30
|
-
protected
|
31
|
-
|
32
|
-
def signature credentials
|
33
|
-
Signer.sign(credentials.secret_access_key, string_to_sign)
|
34
|
-
end
|
35
|
-
|
36
|
-
def string_to_sign
|
37
|
-
|
38
|
-
host =
|
39
|
-
case port
|
40
|
-
when 80, 443 then self.host
|
41
|
-
else "#{self.host}:#{port}"
|
42
|
-
end
|
43
|
-
|
44
|
-
[
|
45
|
-
http_method,
|
46
|
-
host.to_s.downcase,
|
47
|
-
path,
|
48
|
-
params.sort.collect { |p| p.encoded }.join('&'),
|
49
|
-
].join("\n")
|
50
|
-
|
51
|
-
end
|
52
|
-
|
53
|
-
end
|
54
|
-
end
|
55
|
-
end
|
56
|
-
end
|
@@ -1,77 +0,0 @@
|
|
1
|
-
# Copyright 2011-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
-
#
|
3
|
-
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
-
# may not use this file except in compliance with the License. A copy of
|
5
|
-
# the License is located at
|
6
|
-
#
|
7
|
-
# http://aws.amazon.com/apache2.0/
|
8
|
-
#
|
9
|
-
# or in the "license" file accompanying this file. This file is
|
10
|
-
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
-
# ANY KIND, either express or implied. See the License for the specific
|
12
|
-
# language governing permissions and limitations under the License.
|
13
|
-
|
14
|
-
require 'openssl'
|
15
|
-
require 'time'
|
16
|
-
|
17
|
-
module AWS
|
18
|
-
module Core
|
19
|
-
module Signature
|
20
|
-
module Version3
|
21
|
-
|
22
|
-
def self.included base
|
23
|
-
base.send(:include, Signer)
|
24
|
-
end
|
25
|
-
|
26
|
-
def add_authorization! credentials
|
27
|
-
|
28
|
-
headers["x-amz-date"] ||= (headers["date"] ||= Time.now.httpdate)
|
29
|
-
headers["host"] ||= host
|
30
|
-
|
31
|
-
headers["x-amz-security-token"] = credentials.session_token if
|
32
|
-
credentials.session_token
|
33
|
-
|
34
|
-
# compute the authorization
|
35
|
-
headers["x-amzn-authorization"] =
|
36
|
-
"AWS3 "+
|
37
|
-
"AWSAccessKeyId=#{credentials.access_key_id},"+
|
38
|
-
"Algorithm=HmacSHA256,"+
|
39
|
-
"SignedHeaders=#{headers_to_sign.join(';')},"+
|
40
|
-
"Signature=#{signature(credentials)}"
|
41
|
-
end
|
42
|
-
|
43
|
-
protected
|
44
|
-
|
45
|
-
def signature credentials
|
46
|
-
Signer.sign(credentials.secret_access_key, string_to_sign)
|
47
|
-
end
|
48
|
-
|
49
|
-
def string_to_sign
|
50
|
-
OpenSSL::Digest::SHA256.digest([
|
51
|
-
http_method,
|
52
|
-
"/",
|
53
|
-
"",
|
54
|
-
canonical_headers,
|
55
|
-
body
|
56
|
-
].join("\n"))
|
57
|
-
end
|
58
|
-
|
59
|
-
def canonical_headers
|
60
|
-
headers_to_sign.map do |name|
|
61
|
-
value = headers[name]
|
62
|
-
"#{name.downcase.strip}:#{value.strip}\n"
|
63
|
-
end.sort.join
|
64
|
-
end
|
65
|
-
|
66
|
-
def headers_to_sign
|
67
|
-
headers.keys.select do |header|
|
68
|
-
header == "host" ||
|
69
|
-
header == "content-encoding" ||
|
70
|
-
header =~ /^x-amz/
|
71
|
-
end
|
72
|
-
end
|
73
|
-
|
74
|
-
end
|
75
|
-
end
|
76
|
-
end
|
77
|
-
end
|
@@ -1,54 +0,0 @@
|
|
1
|
-
# Copyright 2011-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
-
#
|
3
|
-
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
-
# may not use this file except in compliance with the License. A copy of
|
5
|
-
# the License is located at
|
6
|
-
#
|
7
|
-
# http://aws.amazon.com/apache2.0/
|
8
|
-
#
|
9
|
-
# or in the "license" file accompanying this file. This file is
|
10
|
-
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
-
# ANY KIND, either express or implied. See the License for the specific
|
12
|
-
# language governing permissions and limitations under the License.
|
13
|
-
|
14
|
-
require 'time'
|
15
|
-
|
16
|
-
module AWS
|
17
|
-
module Core
|
18
|
-
module Signature
|
19
|
-
module Version3HTTPS
|
20
|
-
|
21
|
-
def self.included base
|
22
|
-
base.send(:include, Signer)
|
23
|
-
end
|
24
|
-
|
25
|
-
def add_authorization! credentials
|
26
|
-
|
27
|
-
self.access_key_id = credentials.access_key_id
|
28
|
-
|
29
|
-
parts = []
|
30
|
-
parts << "AWS3-HTTPS AWSAccessKeyId=#{access_key_id}"
|
31
|
-
parts << "Algorithm=HmacSHA256"
|
32
|
-
parts << "Signature=#{signature(credentials)}"
|
33
|
-
headers['x-amzn-authorization'] = parts.join(',')
|
34
|
-
|
35
|
-
headers['x-amz-security-token'] = credentials.session_token if
|
36
|
-
credentials.session_token
|
37
|
-
|
38
|
-
end
|
39
|
-
|
40
|
-
protected
|
41
|
-
|
42
|
-
def signature credentials
|
43
|
-
Signer.sign(credentials.secret_access_key, string_to_sign)
|
44
|
-
end
|
45
|
-
|
46
|
-
def string_to_sign
|
47
|
-
headers['date'] ||= Time.now.httpdate
|
48
|
-
end
|
49
|
-
|
50
|
-
end
|
51
|
-
end
|
52
|
-
end
|
53
|
-
end
|
54
|
-
|
@@ -1,135 +0,0 @@
|
|
1
|
-
# Copyright 2011-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
-
#
|
3
|
-
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
-
# may not use this file except in compliance with the License. A copy of
|
5
|
-
# the License is located at
|
6
|
-
#
|
7
|
-
# http://aws.amazon.com/apache2.0/
|
8
|
-
#
|
9
|
-
# or in the "license" file accompanying this file. This file is
|
10
|
-
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
-
# ANY KIND, either express or implied. See the License for the specific
|
12
|
-
# language governing permissions and limitations under the License.
|
13
|
-
|
14
|
-
require 'time'
|
15
|
-
require 'openssl'
|
16
|
-
require 'digest'
|
17
|
-
|
18
|
-
module AWS
|
19
|
-
module Core
|
20
|
-
module Signature
|
21
|
-
module Version4
|
22
|
-
|
23
|
-
def self.included base
|
24
|
-
base.send(:include, Signer)
|
25
|
-
end
|
26
|
-
|
27
|
-
def add_authorization! credentials
|
28
|
-
datetime = Time.now.utc.strftime("%Y%m%dT%H%M%SZ")
|
29
|
-
headers['content-type'] ||= 'application/x-www-form-urlencoded'
|
30
|
-
headers['host'] = host
|
31
|
-
headers['x-amz-date'] = datetime
|
32
|
-
headers['x-amz-security-token'] = credentials.session_token if
|
33
|
-
credentials.session_token
|
34
|
-
headers['x-amz-content-sha256'] ||= hexdigest(body || '')
|
35
|
-
headers['authorization'] = authorization(credentials, datetime)
|
36
|
-
end
|
37
|
-
|
38
|
-
protected
|
39
|
-
|
40
|
-
def authorization credentials, datetime
|
41
|
-
parts = []
|
42
|
-
parts << "AWS4-HMAC-SHA256 Credential=#{credentials.access_key_id}/#{credential_string(datetime)}"
|
43
|
-
parts << "SignedHeaders=#{signed_headers}"
|
44
|
-
parts << "Signature=#{signature(credentials, datetime)}"
|
45
|
-
parts.join(', ')
|
46
|
-
end
|
47
|
-
|
48
|
-
def signature credentials, datetime
|
49
|
-
k_secret = credentials.secret_access_key
|
50
|
-
k_date = hmac("AWS4" + k_secret, datetime[0,8])
|
51
|
-
k_region = hmac(k_date, region)
|
52
|
-
k_service = hmac(k_region, service)
|
53
|
-
k_credentials = hmac(k_service, 'aws4_request')
|
54
|
-
hexhmac(k_credentials, string_to_sign(datetime))
|
55
|
-
end
|
56
|
-
|
57
|
-
def string_to_sign datetime
|
58
|
-
parts = []
|
59
|
-
parts << 'AWS4-HMAC-SHA256'
|
60
|
-
parts << datetime
|
61
|
-
parts << credential_string(datetime)
|
62
|
-
parts << hexdigest(canonical_request)
|
63
|
-
parts.join("\n")
|
64
|
-
end
|
65
|
-
|
66
|
-
def credential_string datetime
|
67
|
-
parts = []
|
68
|
-
parts << datetime[0,8]
|
69
|
-
parts << region
|
70
|
-
parts << service
|
71
|
-
parts << 'aws4_request'
|
72
|
-
parts.join("/")
|
73
|
-
end
|
74
|
-
|
75
|
-
def canonical_request
|
76
|
-
parts = []
|
77
|
-
parts << http_method
|
78
|
-
parts << path
|
79
|
-
parts << querystring
|
80
|
-
parts << canonical_headers + "\n"
|
81
|
-
parts << signed_headers
|
82
|
-
parts << headers['x-amz-content-sha256']
|
83
|
-
parts.join("\n")
|
84
|
-
end
|
85
|
-
|
86
|
-
def service
|
87
|
-
# this method is implemented in the request class for each service
|
88
|
-
raise NotImplementedError
|
89
|
-
end
|
90
|
-
|
91
|
-
def signed_headers
|
92
|
-
to_sign = headers.keys.map{|k| k.to_s.downcase }
|
93
|
-
to_sign.delete('authorization')
|
94
|
-
to_sign.sort.join(";")
|
95
|
-
end
|
96
|
-
|
97
|
-
def canonical_headers
|
98
|
-
headers = []
|
99
|
-
self.headers.each_pair do |k,v|
|
100
|
-
headers << [k,v] unless k == 'authorization'
|
101
|
-
end
|
102
|
-
headers = headers.sort_by(&:first)
|
103
|
-
headers.map{|k,v| "#{k}:#{canonical_header_values(v)}" }.join("\n")
|
104
|
-
end
|
105
|
-
|
106
|
-
def canonical_header_values values
|
107
|
-
values = [values] unless values.is_a?(Array)
|
108
|
-
values.map(&:to_s).join(',').gsub(/\s+/, ' ').strip
|
109
|
-
end
|
110
|
-
|
111
|
-
def hexdigest value
|
112
|
-
digest = Digest::SHA256.new
|
113
|
-
if value.respond_to?(:read)
|
114
|
-
chunk = nil
|
115
|
-
chunk_size = 1024 * 1024 # 1 megabyte
|
116
|
-
digest.update(chunk) while chunk = value.read(chunk_size)
|
117
|
-
value.rewind
|
118
|
-
else
|
119
|
-
digest.update(value)
|
120
|
-
end
|
121
|
-
digest.hexdigest
|
122
|
-
end
|
123
|
-
|
124
|
-
def hmac key, value
|
125
|
-
OpenSSL::HMAC.digest(OpenSSL::Digest::Digest.new('sha256'), key, value)
|
126
|
-
end
|
127
|
-
|
128
|
-
def hexhmac key, value
|
129
|
-
OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha256'), key, value)
|
130
|
-
end
|
131
|
-
|
132
|
-
end
|
133
|
-
end
|
134
|
-
end
|
135
|
-
end
|