awsraw 0.0.2 → 0.1.0

data/README.md

@@ -0,0 +1,56 @@
+# awsraw
+
+A client for [Amazon Web Services](http://www.amazonaws.com/) in the style of
+[FlickRaw](http://hanklords.github.com/flickraw/)
+
+## Background
+
+AWSRaw helps you make authenticated requests to AWS's various services. It
+doesn't provide any higher-level concepts like, for example, "delete this
+file from S3". Instead, you should understand S3's http API and know that
+sending a `DELETE` request to the bucket/key URL will result in the file
+being deleted.
+
+While these higher-level concepts can be useful (see, e.g.,
+[fog](https://github.com/fog/fog)), they can also get in the way. Being
+able to use a new AWS feature by simply following the AWS docs' examples
+directly is very nice, instead of having to dig deep into a higher-level
+library to figure out how they've mapped that new feature into their
+terminology and API.
+
+## Usage
+
+### S3
+
+Standard requests:
+
+```ruby
+require 'awsraw/s3/client'
+
+s3 = AWSRaw::S3::Client.new(
+       ENV['AWS_ACCESS_KEY_ID'],
+       ENV['AWS_SECRET_ACCESS_KEY'])
+
+s3.request(:method  => "PUT",
+           :bucket  => "mah-sekret-buckit",
+           :key     => "reaction.gif",
+           :content => File.read("reaction.gif"),
+           :headers => { "Content-Type" => "image/gif" })
+```
+
+Signed query-string requests, to allow authorized clients to get protected
+resources:
+
+```ruby
+require 'awsraw/s3/query_string_signer'
+
+signer = AWSRaw::S3::QueryStringSigner.new(
+           ENV['AWS_ACCESS_KEY_ID'],
+           ENV['AWS_SECRET_ACCESS_KEY'])
+
+url = "http://s3.amazonaws.com/mah-sekret-bucket/reaction.gif"
+expiry = Time.now.utc + 60 # 1 minute from now
+temporary_url = signer.sign_with_query_string(url, expiry.to_i)
+puts temporary_url
+  # => "http://s3.amazonaws.com/mah-sekret-bucket/reaction.gif?Signature=..."
+```

data/awsraw.gemspec

@@ -5,8 +5,8 @@ require "awsraw/version"
 Gem::Specification.new do |s|
   s.name        = "awsraw"
   s.version     = Awsraw::VERSION
-  s.authors     = ["Pete Yandell"]
-  s.email       = ["pete@notahat.com"]
+  s.authors     = ["Pete Yandell", "David Goodlad"]
+  s.email       = ["pete@notahat.com", "david@goodlad.net"]
   s.homepage    = "http://github.com/envato/awsraw"
   s.summary     = %q{Minimal AWS client}
   s.description = %q{A client for Amazon Web Services in the style of FlickRaw}

data/lib/awsraw/s3/query_string_signer.rb

@@ -0,0 +1,53 @@
+require 'awsraw/s3/signer'
+require 'cgi'
+
+module AWSRaw
+  module S3
+
+    # Generates a signed query string to make an authenticated S3 GET request
+    #
+    # See http://docs.amazonwebservices.com/AmazonS3/latest/dev/RESTAuthentication.html#RESTAuthenticationQueryStringAuth
+    #
+    # The Authorization header method is usually preferable, as implemented in
+    # AWSRaw::S3::Signer. However, you may have occasions where you need a
+    # simple "download URL", without having to tell your user-agent (browser,
+    # curl, wget, etc) about all the special AWS headers. The query string
+    # authentication method is useful in those cases.
+    class QueryStringSigner < Signer
+      def sign_with_query_string(url, expires)
+        query_string_hash = query_string_hash(url, expires)
+
+        uri = URI.parse(url)
+        uri.query = query_string_hash.map { |k,v| "#{k}=#{v}" }.join("&")
+        uri.to_s
+      end
+
+      def query_string_hash(url, expires)
+        string_to_sign = string_to_sign(url, expires)
+        signature = encoded_signature(string_to_sign)
+
+        {
+          "AWSAccessKeyId" => @access_key_id,
+          "Expires"        => expires.to_s,
+          "Signature"      => CGI.escape(signature)
+        }
+      end
+
+      def string_to_sign(url, expires)
+        [
+          "GET",
+          # Assume user-agent won't send Content-MD5 header
+          "",
+          # Assume user-agent won't send Content-Type header
+          "",
+          expires.to_s,
+          # Assume user-agent won't send any amz headers
+          canonicalized_amz_headers({}),
+          canonicalized_resource(URI.parse(url))
+        ].flatten.join("\n")
+      end
+
+    end
+
+  end
+end

data/lib/awsraw/s3/signer.rb

@@ -16,14 +16,20 @@ module AWSRaw
         @secret_access_key = secret_access_key
       end
 
-      def signature(request)
+      def authorization_header_value(request)
         string_to_sign = string_to_sign(request)
+        signature = encoded_signature(string_to_sign)
 
+        "AWS #{@access_key_id}:#{signature}"
+      end
+
+      # Backwards compatibility
+      alias_method :signature, :authorization_header_value
+
+      def encoded_signature(string_to_sign)
         digest    = OpenSSL::Digest::Digest.new("sha1")
         sha       = OpenSSL::HMAC.digest(digest, @secret_access_key, string_to_sign)
         signature = Base64.encode64(sha).strip
-
-        "AWS #{@access_key_id}:#{signature}"
       end
 
       def string_to_sign(request)

data/lib/awsraw/version.rb

@@ -1,3 +1,3 @@
 module Awsraw
-  VERSION = "0.0.2"
+  VERSION = "0.1.0"
 end

data/spec/s3/query_string_signer_spec.rb

@@ -0,0 +1,29 @@
+require 'awsraw/s3/query_string_signer'
+
+describe AWSRaw::S3::QueryStringSigner do
+  let(:access_key_id)     { "AKIAIOSFODNN7EXAMPLE" }
+  let(:secret_access_key) { "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY" }
+
+  subject { AWSRaw::S3::QueryStringSigner.new(access_key_id, secret_access_key) }
+
+  context "examples from Amazon docs" do
+    it "signs a get request correctly" do
+      url = "http://s3.amazonaws.com/johnsmith/photos/puppy.jpg"
+      expiry = 1175139620
+
+      subject.string_to_sign(url, expiry).should ==
+        "GET\n\n\n#{expiry}\n/johnsmith/photos/puppy.jpg"
+
+      subject.query_string_hash(url, expiry).should == {
+        "AWSAccessKeyId" => access_key_id,
+        "Expires"        => expiry.to_s,
+        "Signature"      => "NpgCjnDzrM%2BWFzoENXmpNDUsSn8%3D"
+      }
+
+      subject.sign_with_query_string(url, expiry).to_s.should ==
+        "http://s3.amazonaws.com/johnsmith/photos/puppy.jpg?AWSAccessKeyId=#{access_key_id}&Expires=#{expiry}&Signature=NpgCjnDzrM%2BWFzoENXmpNDUsSn8%3D"
+    end
+
+  end
+end
+

data/spec/s3/signer_spec.rb

@@ -1,8 +1,8 @@
 require 'awsraw/s3/signer'
 
 describe AWSRaw::S3::Signer do
-  let(:access_key_id)     { "0PN5J17HBGZHT7JJ3X82" }
-  let(:secret_access_key) { "uV3F3YluFJax1cknvbcGwgjvx4QpvB+leU8dUj2o" }
+  let(:access_key_id)     { "AKIAIOSFODNN7EXAMPLE" }
+  let(:secret_access_key) { "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY" }
 
   subject { AWSRaw::S3::Signer.new(access_key_id, secret_access_key) }
 
@@ -17,7 +17,7 @@ describe AWSRaw::S3::Signer do
       subject.string_to_sign(request).should ==
         "GET\n\n\nTue, 27 Mar 2007 19:36:42 +0000\n/johnsmith/photos/puppy.jpg"
 
-      subject.signature(request).should == "AWS #{access_key_id}:xXjDGYUmKxnwqr5KXNPGldn5LbA="
+      subject.signature(request).should == "AWS #{access_key_id}:bWq2s1WEIj+Ydj0vQ697zp+IXMU="
     end
 
     it "signs an upload correctly" do
@@ -42,7 +42,7 @@ describe AWSRaw::S3::Signer do
       subject.string_to_sign(request).should ==
         "PUT\n4gJE4saaMU4BqNR0kLY+lw==\napplication/x-download\nTue, 27 Mar 2007 21:06:08 +0000\nx-amz-acl:public-read\nx-amz-meta-checksumalgorithm:crc32\nx-amz-meta-filechecksum:0x02661779\nx-amz-meta-reviewedby:joe@johnsmith.net,jane@johnsmith.net\n/static.johnsmith.net/db-backup.dat.gz"
 
-      subject.signature(request).should == "AWS #{access_key_id}:C0FlOtU8Ylb9KDTpZqYkZPX91iI="
+      subject.signature(request).should == "AWS #{access_key_id}:ilyl83RwaSoYIEdixDQcA4OnAnc="
     end
 
   end

metadata

@@ -1,107 +1,103 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: awsraw
-version: !ruby/object:Gem::Version 
-  hash: 27
+version: !ruby/object:Gem::Version
+  version: 0.1.0
   prerelease: 
-  segments: 
-  - 0
-  - 0
-  - 2
-  version: 0.0.2
 platform: ruby
-authors: 
+authors:
 - Pete Yandell
+- David Goodlad
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2012-02-12 00:00:00 +11:00
-default_executable: 
-dependencies: 
-- !ruby/object:Gem::Dependency 
+date: 2012-11-22 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
   name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
   prerelease: false
-  version_requirements: &id001 !ruby/object:Gem::Requirement 
+  version_requirements: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
-  requirement: *id001
-- !ruby/object:Gem::Dependency 
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
   name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
   prerelease: false
-  version_requirements: &id002 !ruby/object:Gem::Requirement 
+  version_requirements: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
-  requirement: *id002
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 description: A client for Amazon Web Services in the style of FlickRaw
-email: 
+email:
 - pete@notahat.com
+- david@goodlad.net
 executables: []
-
 extensions: []
-
 extra_rdoc_files: []
-
-files: 
+files:
 - .gitignore
 - Gemfile
+- README.md
 - Rakefile
 - awsraw.gemspec
 - lib/awsraw.rb
 - lib/awsraw/s3/client.rb
+- lib/awsraw/s3/query_string_signer.rb
 - lib/awsraw/s3/request.rb
 - lib/awsraw/s3/response.rb
 - lib/awsraw/s3/signer.rb
 - lib/awsraw/version.rb
 - spec/s3/client_spec.rb
+- spec/s3/query_string_signer_spec.rb
 - spec/s3/signer_spec.rb
-has_rdoc: true
 homepage: http://github.com/envato/awsraw
 licenses: []
-
 post_install_message: 
 rdoc_options: []
-
-require_paths: 
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
+required_ruby_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
       - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
+      hash: 2614771455796597765
+required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
       - 0
-      version: "0"
+      hash: 2614771455796597765
 requirements: []
-
 rubyforge_project: awsraw
-rubygems_version: 1.6.2
+rubygems_version: 1.8.23
 signing_key: 
 specification_version: 3
 summary: Minimal AWS client
-test_files: 
+test_files:
 - spec/s3/client_spec.rb
+- spec/s3/query_string_signer_spec.rb
 - spec/s3/signer_spec.rb