@smithy/signature-v4 1.0.0 → 1.0.2

package/dist-types/ts3.4/SignatureV4.d.ts

@@ -0,0 +1,67 @@
+import { AwsCredentialIdentity, ChecksumConstructor, EventSigner, EventSigningArguments, FormattedEvent, HashConstructor, HttpRequest, MessageSigner, Provider, RequestPresigner, RequestPresigningArguments, RequestSigner, RequestSigningArguments, SignableMessage, SignedMessage, SigningArguments, StringSigner } from "@smithy/types";
+export interface SignatureV4Init {
+    /**
+     * The service signing name.
+     */
+    service: string;
+    /**
+     * The region name or a function that returns a promise that will be
+     * resolved with the region name.
+     */
+    region: string | Provider<string>;
+    /**
+     * The credentials with which the request should be signed or a function
+     * that returns a promise that will be resolved with credentials.
+     */
+    credentials: AwsCredentialIdentity | Provider<AwsCredentialIdentity>;
+    /**
+     * A constructor function for a hash object that will calculate SHA-256 HMAC
+     * checksums.
+     */
+    sha256?: ChecksumConstructor | HashConstructor;
+    /**
+     * Whether to uri-escape the request URI path as part of computing the
+     * canonical request string. This is required for every AWS service, except
+     * Amazon S3, as of late 2017.
+     *
+     * @default [true]
+     */
+    uriEscapePath?: boolean;
+    /**
+     * Whether to calculate a checksum of the request body and include it as
+     * either a request header (when signing) or as a query string parameter
+     * (when presigning). This is required for AWS Glacier and Amazon S3 and optional for
+     * every other AWS service as of late 2017.
+     *
+     * @default [true]
+     */
+    applyChecksum?: boolean;
+}
+export interface SignatureV4CryptoInit {
+    sha256: ChecksumConstructor | HashConstructor;
+}
+export declare class SignatureV4 implements RequestPresigner, RequestSigner, StringSigner, EventSigner, MessageSigner {
+    private readonly service;
+    private readonly regionProvider;
+    private readonly credentialProvider;
+    private readonly sha256;
+    private readonly uriEscapePath;
+    private readonly applyChecksum;
+    private readonly headerMarshaller;
+    constructor({ applyChecksum, credentials, region, service, sha256, uriEscapePath, }: SignatureV4Init & SignatureV4CryptoInit);
+    presign(originalRequest: HttpRequest, options?: RequestPresigningArguments): Promise<HttpRequest>;
+    sign(stringToSign: string, options?: SigningArguments): Promise<string>;
+    sign(event: FormattedEvent, options: EventSigningArguments): Promise<string>;
+    sign(event: SignableMessage, options: SigningArguments): Promise<SignedMessage>;
+    sign(requestToSign: HttpRequest, options?: RequestSigningArguments): Promise<HttpRequest>;
+    private signEvent;
+    signMessage(signableMessage: SignableMessage, { signingDate, signingRegion, signingService }: SigningArguments): Promise<SignedMessage>;
+    private signString;
+    private signRequest;
+    private createCanonicalRequest;
+    private createStringToSign;
+    private getCanonicalPath;
+    private getSignature;
+    private getSigningKey;
+    private validateResolvedCredentials;
+}

package/dist-types/ts3.4/cloneRequest.d.ts

@@ -0,0 +1,6 @@
+import { HttpRequest, QueryParameterBag } from "@smithy/types";
+/**
+ * @internal
+ */
+export declare const cloneRequest: ({ headers, query, ...rest }: HttpRequest) => HttpRequest;
+export declare const cloneQuery: (query: QueryParameterBag) => QueryParameterBag;

package/dist-types/ts3.4/constants.d.ts

@@ -0,0 +1,43 @@
+export declare const ALGORITHM_QUERY_PARAM = "X-Amz-Algorithm";
+export declare const CREDENTIAL_QUERY_PARAM = "X-Amz-Credential";
+export declare const AMZ_DATE_QUERY_PARAM = "X-Amz-Date";
+export declare const SIGNED_HEADERS_QUERY_PARAM = "X-Amz-SignedHeaders";
+export declare const EXPIRES_QUERY_PARAM = "X-Amz-Expires";
+export declare const SIGNATURE_QUERY_PARAM = "X-Amz-Signature";
+export declare const TOKEN_QUERY_PARAM = "X-Amz-Security-Token";
+export declare const REGION_SET_PARAM = "X-Amz-Region-Set";
+export declare const AUTH_HEADER = "authorization";
+export declare const AMZ_DATE_HEADER: string;
+export declare const DATE_HEADER = "date";
+export declare const GENERATED_HEADERS: string[];
+export declare const SIGNATURE_HEADER: string;
+export declare const SHA256_HEADER = "x-amz-content-sha256";
+export declare const TOKEN_HEADER: string;
+export declare const HOST_HEADER = "host";
+export declare const ALWAYS_UNSIGNABLE_HEADERS: {
+    authorization: boolean;
+    "cache-control": boolean;
+    connection: boolean;
+    expect: boolean;
+    from: boolean;
+    "keep-alive": boolean;
+    "max-forwards": boolean;
+    pragma: boolean;
+    referer: boolean;
+    te: boolean;
+    trailer: boolean;
+    "transfer-encoding": boolean;
+    upgrade: boolean;
+    "user-agent": boolean;
+    "x-amzn-trace-id": boolean;
+};
+export declare const PROXY_HEADER_PATTERN: RegExp;
+export declare const SEC_HEADER_PATTERN: RegExp;
+export declare const UNSIGNABLE_PATTERNS: RegExp[];
+export declare const ALGORITHM_IDENTIFIER = "AWS4-HMAC-SHA256";
+export declare const ALGORITHM_IDENTIFIER_V4A = "AWS4-ECDSA-P256-SHA256";
+export declare const EVENT_ALGORITHM_IDENTIFIER = "AWS4-HMAC-SHA256-PAYLOAD";
+export declare const UNSIGNED_PAYLOAD = "UNSIGNED-PAYLOAD";
+export declare const MAX_CACHE_SIZE = 50;
+export declare const KEY_TYPE_IDENTIFIER = "aws4_request";
+export declare const MAX_PRESIGNED_TTL: number;

package/dist-types/ts3.4/credentialDerivation.d.ts

@@ -0,0 +1,26 @@
+import { AwsCredentialIdentity, ChecksumConstructor, HashConstructor } from "@smithy/types";
+/**
+ * Create a string describing the scope of credentials used to sign a request.
+ *
+ * @param shortDate The current calendar date in the form YYYYMMDD.
+ * @param region    The AWS region in which the service resides.
+ * @param service   The service to which the signed request is being sent.
+ */
+export declare const createScope: (shortDate: string, region: string, service: string) => string;
+/**
+ * Derive a signing key from its composite parts
+ *
+ * @param sha256Constructor A constructor function that can instantiate SHA-256
+ *                          hash objects.
+ * @param credentials       The credentials with which the request will be
+ *                          signed.
+ * @param shortDate         The current calendar date in the form YYYYMMDD.
+ * @param region            The AWS region in which the service resides.
+ * @param service           The service to which the signed request is being
+ *                          sent.
+ */
+export declare const getSigningKey: (sha256Constructor: ChecksumConstructor | HashConstructor, credentials: AwsCredentialIdentity, shortDate: string, region: string, service: string) => Promise<Uint8Array>;
+/**
+ * @internal
+ */
+export declare const clearCredentialCache: () => void;

package/dist-types/ts3.4/getCanonicalHeaders.d.ts

@@ -0,0 +1,5 @@
+import { HeaderBag, HttpRequest } from "@smithy/types";
+/**
+ * @private
+ */
+export declare const getCanonicalHeaders: ({ headers }: HttpRequest, unsignableHeaders?: Set<string>, signableHeaders?: Set<string>) => HeaderBag;

package/dist-types/ts3.4/getCanonicalQuery.d.ts

@@ -0,0 +1,5 @@
+import { HttpRequest } from "@smithy/types";
+/**
+ * @private
+ */
+export declare const getCanonicalQuery: ({ query }: HttpRequest) => string;

package/dist-types/ts3.4/getPayloadHash.d.ts

@@ -0,0 +1,5 @@
+import { ChecksumConstructor, HashConstructor, HttpRequest } from "@smithy/types";
+/**
+ * @private
+ */
+export declare const getPayloadHash: ({ headers, body }: HttpRequest, hashConstructor: ChecksumConstructor | HashConstructor) => Promise<string>;

package/dist-types/ts3.4/headerUtil.d.ts

@@ -0,0 +1,4 @@
+import { HeaderBag } from "@smithy/types";
+export declare const hasHeader: (soughtHeader: string, headers: HeaderBag) => boolean;
+export declare const getHeaderValue: (soughtHeader: string, headers: HeaderBag) => string | undefined;
+export declare const deleteHeader: (soughtHeader: string, headers: HeaderBag) => void;

package/dist-types/ts3.4/index.d.ts

@@ -0,0 +1,7 @@
+export * from "./SignatureV4";
+export { getCanonicalHeaders } from "./getCanonicalHeaders";
+export { getCanonicalQuery } from "./getCanonicalQuery";
+export { getPayloadHash } from "./getPayloadHash";
+export { moveHeadersToQuery } from "./moveHeadersToQuery";
+export { prepareRequest } from "./prepareRequest";
+export * from "./credentialDerivation";

package/dist-types/ts3.4/moveHeadersToQuery.d.ts

@@ -0,0 +1,9 @@
+import { HttpRequest, QueryParameterBag } from "@smithy/types";
+/**
+ * @private
+ */
+export declare const moveHeadersToQuery: (request: HttpRequest, options?: {
+    unhoistableHeaders?: Set<string>;
+}) => HttpRequest & {
+    query: QueryParameterBag;
+};

package/dist-types/ts3.4/prepareRequest.d.ts

@@ -0,0 +1,5 @@
+import { HttpRequest } from "@smithy/types";
+/**
+ * @private
+ */
+export declare const prepareRequest: (request: HttpRequest) => HttpRequest;

package/dist-types/ts3.4/suite.fixture.d.ts

@@ -0,0 +1,14 @@
+import { HttpRequest } from "@smithy/types";
+export interface TestCase {
+    name: string;
+    request: HttpRequest;
+    authorization: string;
+}
+export declare const region = "us-east-1";
+export declare const service = "service";
+export declare const credentials: {
+    accessKeyId: string;
+    secretAccessKey: string;
+};
+export declare const signingDate: Date;
+export declare const requests: Array<TestCase>;

package/dist-types/ts3.4/utilDate.d.ts

@@ -0,0 +1,2 @@
+export declare const iso8601: (time: number | string | Date) => string;
+export declare const toDate: (time: number | string | Date) => Date;

package/package.json

@@ -1,12 +1,12 @@
 {
   "name": "@smithy/signature-v4",
-  "version": "1.0.0",
+  "version": "1.0.2",
   "description": "A standalone implementation of the AWS Signature V4 request signing algorithm",
   "main": "./dist-cjs/index.js",
   "module": "./dist-es/index.js",
   "types": "./dist-types/index.d.ts",
   "scripts": {
-    "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
+    "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types && yarn build:types:downlevel'",
     "build:cjs": "tsc -p tsconfig.cjs.json",
     "build:es": "tsc -p tsconfig.es.json",
     "build:types": "tsc -p tsconfig.types.json",
@@ -24,18 +24,18 @@
   },
   "license": "Apache-2.0",
   "dependencies": {
-    "@smithy/eventstream-codec": "workspace:^",
-    "@smithy/is-array-buffer": "workspace:^",
-    "@smithy/types": "workspace:^",
-    "@smithy/util-hex-encoding": "workspace:^",
-    "@smithy/util-middleware": "workspace:^",
-    "@smithy/util-uri-escape": "workspace:^",
-    "@smithy/util-utf8": "workspace:^",
+    "@smithy/eventstream-codec": "^1.0.2",
+    "@smithy/is-array-buffer": "^1.0.2",
+    "@smithy/types": "^1.1.1",
+    "@smithy/util-hex-encoding": "^1.0.2",
+    "@smithy/util-middleware": "^1.0.2",
+    "@smithy/util-uri-escape": "^1.0.2",
+    "@smithy/util-utf8": "^1.0.2",
     "tslib": "^2.5.0"
   },
   "devDependencies": {
     "@aws-crypto/sha256-js": "3.0.0",
-    "@smithy/protocol-http": "workspace:^",
+    "@smithy/protocol-http": "^1.1.1",
     "@tsconfig/recommended": "1.0.1",
     "concurrently": "7.0.0",
     "downlevel-dts": "0.10.1",
@@ -65,5 +65,8 @@
   },
   "typedoc": {
     "entryPoint": "src/index.ts"
+  },
+  "publishConfig": {
+    "directory": ".release/package"
   }
-}
+}