Example #1
0
func TestStandaloneSign(t *testing.T) {
	creds := unit.Session.Config.Credentials
	signer := v4.NewSigner(creds)

	for _, c := range standaloneSignCases {
		host := fmt.Sprintf("%s.%s.%s.amazonaws.com",
			c.SubDomain, c.Region, c.Service)

		req, err := http.NewRequest("GET", fmt.Sprintf("https://%s", host), nil)
		assert.NoError(t, err)

		req.URL.Path = c.OrigURI
		req.URL.RawQuery = c.OrigQuery
		req.URL.Opaque = fmt.Sprintf("//%s%s", host, c.EscapedURI)
		opaqueURI := req.URL.Opaque

		_, err = signer.Sign(req, nil, c.Service, c.Region, time.Unix(0, 0))
		assert.NoError(t, err)

		actual := req.Header.Get("Authorization")
		assert.Equal(t, c.ExpSig, actual)
		assert.Equal(t, c.OrigURI, req.URL.Path)
		assert.Equal(t, opaqueURI, req.URL.Opaque)
	}
}
Example #2
0
func TestStandaloneSign(t *testing.T) {
	creds := unit.Session.Config.Credentials
	signer := v4.NewSigner(creds)

	for _, c := range standaloneSignCases {
		host := fmt.Sprintf("https://%s.%s.%s.amazonaws.com",
			c.SubDomain, c.Region, c.Service)

		req, err := http.NewRequest("GET", host, nil)
		assert.NoError(t, err)

		// URL.EscapedPath() will be used by the signer to get the
		// escaped form of the request's URI path.
		req.URL.Path = c.OrigURI
		req.URL.RawQuery = c.OrigQuery

		_, err = signer.Sign(req, nil, c.Service, c.Region, time.Unix(0, 0))
		assert.NoError(t, err)

		actual := req.Header.Get("Authorization")
		assert.Equal(t, c.ExpSig, actual)
		assert.Equal(t, c.OrigURI, req.URL.Path)
		assert.Equal(t, c.EscapedURI, req.URL.EscapedPath())
	}
}
Example #3
0
func TestStandaloneSign_CustomURIEscape(t *testing.T) {
	var expectSig = `AWS4-HMAC-SHA256 Credential=AKID/19700101/us-east-1/es/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=6601e883cc6d23871fd6c2a394c5677ea2b8c82b04a6446786d64cd74f520967`

	creds := unit.Session.Config.Credentials
	signer := v4.NewSigner(creds, func(s *v4.Signer) {
		s.DisableURIPathEscaping = true
	})

	host := "https://subdomain.us-east-1.es.amazonaws.com"
	req, err := http.NewRequest("GET", host, nil)
	assert.NoError(t, err)

	req.URL.Path = `/log-*/_search`
	req.URL.Opaque = "//subdomain.us-east-1.es.amazonaws.com/log-%2A/_search"

	_, err = signer.Sign(req, nil, "es", "us-east-1", time.Unix(0, 0))
	assert.NoError(t, err)

	actual := req.Header.Get("Authorization")
	assert.Equal(t, expectSig, actual)
}