func sign(auth aws.Auth, method, path string, params map[string]string, host string) {
params["AWSAccessKeyId"] = auth.AccessKey
params["SignatureVersion"] = "2"
params["SignatureMethod"] = "HmacSHA256"
if auth.Token() != "" {
params["SecurityToken"] = auth.Token()
}
// AWS specifies that the parameters in a signed request must
// be provided in the natural order of the keys. This is distinct
// from the natural order of the encoded value of key=value.
// Percent and gocheck.Equals affect the sorting order.
var keys, sarray []string
for k, _ := range params {
keys = append(keys, k)
}
sort.Strings(keys)
for _, k := range keys {
sarray = append(sarray, aws.Encode(k)+"="+aws.Encode(params[k]))
}
// Check whether path has any length and if not set it to /
if len(path) == 0 {
path = "/"
}
joined := strings.Join(sarray, "&")
payload := method + "\n" + host + "\n" + path + "\n" + joined
hash := hmac.New(sha256.New, []byte(auth.SecretKey))
hash.Write([]byte(payload))
signature := make([]byte, b64.EncodedLen(hash.Size()))
b64.Encode(signature, hash.Sum(nil))
params["Signature"] = string(signature)
}
func sign(auth aws.Auth, method, path string, params map[string]string, host string) {
params["AWSAccessKeyId"] = auth.AccessKey
params["SignatureVersion"] = "2"
params["SignatureMethod"] = "HmacSHA256"
var sarray []string
for k, v := range params {
sarray = append(sarray, aws.Encode(k)+"="+aws.Encode(v))
}
sort.StringSlice(sarray).Sort()
joined := strings.Join(sarray, "&")
payload := method + "\n" + host + "\n" + path + "\n" + joined
hash := hmac.New(sha256.New, []byte(auth.SecretKey))
hash.Write([]byte(payload))
signature := make([]byte, b64.EncodedLen(hash.Size()))
b64.Encode(signature, hash.Sum(nil))
params["Signature"] = string(signature)
}
func sign(auth *aws.Auth, method, path string, params url.Values, headers http.Header) {
var host string
for k, v := range headers {
k = strings.ToLower(k)
switch k {
case "host":
host = v[0]
}
}
accessKey, secretKey, token := auth.Credentials()
// set up some defaults used for signing the request
params["AWSAccessKeyId"] = []string{accessKey}
params["SignatureVersion"] = []string{"2"}
params["SignatureMethod"] = []string{"HmacSHA256"}
if token != "" {
params["SecurityToken"] = []string{token}
}
// join up all the incoming params
var sarray []string
for k, v := range params {
sarray = append(sarray, aws.Encode(k)+"="+aws.Encode(v[0]))
}
sort.StringSlice(sarray).Sort()
joined := strings.Join(sarray, "&")
// create the payload, sign it and create the signature
payload := strings.Join([]string{method, host, "/", joined}, "\n")
hash := hmac.New(sha256.New, []byte(secretKey))
hash.Write([]byte(payload))
signature := make([]byte, b64.EncodedLen(hash.Size()))
b64.Encode(signature, hash.Sum(nil))
// add the signature to the outgoing params
params["Signature"] = []string{string(signature)}
}
func sign(auth *aws.Auth, method, path string, params map[string]string, host string) {
accessKey, secretKey, _ := auth.Credentials()
params["AWSAccessKeyId"] = accessKey
params["SignatureVersion"] = "2"
params["SignatureMethod"] = "HmacSHA256"
var keys, sarray []string
for k := range params {
keys = append(keys, k)
}
sort.Strings(keys)
for _, k := range keys {
sarray = append(sarray, aws.Encode(k)+"="+aws.Encode(params[k]))
}
joined := strings.Join(sarray, "&")
payload := method + "\n" + host + "\n" + path + "\n" + joined
hash := hmac.New(sha256.New, []byte(secretKey))
hash.Write([]byte(payload))
signature := make([]byte, b64.EncodedLen(hash.Size()))
b64.Encode(signature, hash.Sum(nil))
params["Signature"] = string(signature)
}
func (s *S) TestEncode(c *C) {
c.Assert(aws.Encode("foo"), Equals, "foo")
c.Assert(aws.Encode("/"), Equals, "%2F")
}
func (s *S) TestEncode(c *gocheck.C) {
c.Assert(aws.Encode("foo"), gocheck.Equals, "foo")
c.Assert(aws.Encode("/"), gocheck.Equals, "%2F")
}
func (s *SQS) query(queueUrl string, params map[string]string, resp interface{}) (err error) {
params["Version"] = API_VERSION
params["Timestamp"] = time.Now().In(time.UTC).Format(time.RFC3339)
var url_ *url.URL
switch {
// fully qualified queueUrl
case strings.HasPrefix(queueUrl, "http"):
url_, err = url.Parse(queueUrl)
// relative queueUrl
case strings.HasPrefix(queueUrl, "/"):
url_, err = url.Parse(s.Region.SQSEndpoint + queueUrl)
// zero-value for queueUrl
default:
url_, err = url.Parse(s.Region.SQSEndpoint)
}
if err != nil {
return err
}
if s.Auth.Token() != "" {
params["SecurityToken"] = s.Auth.Token()
}
var r *http.Response
var sarray []string
for k, v := range params {
sarray = append(sarray, aws.Encode(k)+"="+aws.Encode(v))
}
req, err := http.NewRequest("GET", fmt.Sprintf("%s?%s", url_, strings.Join(sarray, "&")), nil)
if err != nil {
return err
}
signer := aws.NewV4Signer(s.Auth, "sqs", s.Region)
signer.Sign(req)
var client http.Client
if s.transport == nil {
client = http.Client{}
} else {
client = http.Client{Transport: s.transport}
}
r, err = client.Do(req)
if debug {
log.Printf("GET %s\n", url_.String())
}
if err != nil {
return err
}
defer r.Body.Close()
if debug {
dump, _ := httputil.DumpResponse(r, true)
log.Printf("DUMP:%s\n", string(dump))
}
if r.StatusCode != 200 {
return buildError(r)
}
err = xml.NewDecoder(r.Body).Decode(resp)
io.Copy(ioutil.Discard, r.Body)
return err
}
func (s *SQS) query(queueUrl string, params map[string]string, resp interface{}) (err error) {
params["Version"] = API_VERSION
params["Timestamp"] = time.Now().In(time.UTC).Format(time.RFC3339)
var url_ *url.URL
var path string
switch {
// fully qualified queueUrl
case strings.HasPrefix(queueUrl, "http"):
url_, err = url.Parse(queueUrl)
path = queueUrl[len(s.Region.SQSEndpoint):]
// relative queueUrl
case strings.HasPrefix(queueUrl, "/"):
url_, err = url.Parse(s.Region.SQSEndpoint + queueUrl)
path = queueUrl
// zero-value for queueUrl
default:
url_, err = url.Parse(s.Region.SQSEndpoint)
path = "/"
}
if err != nil {
return err
}
var r *http.Response
if s.Region.Name == "cn-north-1" {
var sarray []string
for k, v := range params {
sarray = append(sarray, aws.Encode(k)+"="+aws.Encode(v))
}
req, err := http.NewRequest("GET", fmt.Sprintf("%s?%s", url_, strings.Join(sarray, "&")), nil)
if err != nil {
return err
}
aws.NewV4Signer(s.Auth, "sqs", s.Region).Sign(req)
client := http.Client{}
r, err = client.Do(req)
} else {
sign(s.Auth, "GET", path, params, url_.Host)
url_.RawQuery = multimap(params).Encode()
r, err = http.Get(url_.String())
}
if debug {
log.Printf("GET ", url_.String())
}
if err != nil {
return err
}
defer r.Body.Close()
if debug {
dump, _ := httputil.DumpResponse(r, true)
log.Printf("DUMP:\n", string(dump))
}
if r.StatusCode != 200 {
return buildError(r)
}
err = xml.NewDecoder(r.Body).Decode(resp)
io.Copy(ioutil.Discard, r.Body)
return err
}
