Example #1
0
func (s *Sign4Suite) TestAWSSuite(c *C) {
	if *testSuiteDir == "" {
		c.Skip("-test-suite-dir not provided, skipping aws4 testsuite")
	}

	accessKey := "AKIDEXAMPLE"
	secretKey := "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY"
	regionName := "us-east-1"
	serviceName := "host"

	tests := []string{"get-header-value-trim", "get-vanilla-query", "get-relative",
		"get-relative-relative", "get-slash", "get-slash-dot-slash",
		"get-slashes", "get-slash-pointless-dot", "get-space", "get-unreserved",
		"get-utf8", "get-vanilla", "get-vanilla-empty-query-key", "get-vanilla-query",
		"get-vanilla-query-order-key", "get-vanilla-query-order-key-case",
		"get-vanilla-query-order-value", "get-vanilla-query-unreserved",
		"get-vanilla-ut8-query", "post-header-key-case", "post-header-key-sort",
		"post-header-value-case", "post-vanilla", "post-vanilla-empty-query-value",
		"post-vanilla-query",
		//"post-vanilla-query-nonunreserved" // this one is pretty pathological, FIXME ?
		//"post-vanilla-query-space"		// don't think this a valid http request (a space in the URI?)
		"post-x-www-form-urlencoded", "post-x-www-form-urlencoded-parameters",
	}
	// broken tests: "get-header-key-duplicate", "get-header-value-order"
	// see https://forums.aws.amazon.com/thread.jspa?messageID=491017

	//buff := new(bytes.Buffer)

	for _, test := range tests {
		c.Log("TestAWSSuite test: %v", test)
		reqFileName := filepath.Join(*testSuiteDir, test+".req")
		creqFileName := filepath.Join(*testSuiteDir, test+".creq")
		stsFileName := filepath.Join(*testSuiteDir, test+".sts")
		sreqFileName := filepath.Join(*testSuiteDir, test+".sreq")

		readBytes, err := ioutil.ReadFile(reqFileName)
		c.Assert(err, IsNil)
		//fmt.Println("readBytes:\n", readBytes)

		// canonical request
		canonReq, err := sign4.CanonicalRequest(string(readBytes))
		c.Assert(err, IsNil)
		readBytes, err = ioutil.ReadFile(creqFileName)
		c.Assert(err, IsNil)
		c.Assert(canonReq.CanonicalRequest, Equals, string(readBytes))

		// string to sign
		t, err := getTimeFromCR(canonReq)
		c.Assert(err, IsNil)
		credentialScope := sign4.CredentialScope(*t, regionName, serviceName)
		stringToSign := sign4.StringToSign(canonReq.CanonicalRequest, credentialScope, *t)

		readBytes, err = ioutil.ReadFile(stsFileName)
		c.Assert(err, IsNil)
		c.Assert(stringToSign, Equals, string(readBytes))

		// signed
		signature, err := sign4.SignStringToSign(stringToSign, secretKey)
		c.Assert(err, IsNil)
		authHdrVal := sign4.AuthHeaderValue(signature, accessKey, credentialScope, canonReq)

		// Authorized value
		sreq, err := getAWSSuiteReq(sreqFileName)
		c.Assert(err, IsNil)
		c.Assert(authHdrVal, Not(Equals), "")
		c.Assert(authHdrVal, Equals, sreq.Header.Get("Authorization"))
	}
}
Example #2
0
func (s *Sign4Suite) TestCredentialScope(c *C) {
	t := time.Date(2011, time.September, 9, 23, 36, 0, 0, time.UTC)
	scope := sign4.CredentialScope(t, "us-east-1", "iam")
	c.Assert(scope, Equals, "20110909/us-east-1/iam/aws4_request")
}