func sign(auth aws.Auth, method, path string, params map[string]string, host string) { params["AWSAccessKeyId"] = auth.AccessKey params["SignatureVersion"] = "2" params["SignatureMethod"] = "HmacSHA256" if auth.Token() != "" { params["SecurityToken"] = auth.Token() } // AWS specifies that the parameters in a signed request must // be provided in the natural order of the keys. This is distinct // from the natural order of the encoded value of key=value. // Percent and equals affect the sorting order. var keys, sarray []string for k, _ := range params { keys = append(keys, k) } sort.Strings(keys) for _, k := range keys { sarray = append(sarray, aws.Encode(k)+"="+aws.Encode(params[k])) } joined := strings.Join(sarray, "&") payload := method + "\n" + host + "\n" + path + "\n" + joined hash := hmac.New(sha256.New, []byte(auth.SecretKey)) hash.Write([]byte(payload)) signature := make([]byte, b64.EncodedLen(hash.Size())) b64.Encode(signature, hash.Sum(nil)) params["Signature"] = string(signature) }
func sign(auth aws.Auth, method, path string, params map[string]string, host string) { params["AWSAccessKeyId"] = auth.AccessKey params["SignatureVersion"] = "2" params["SignatureMethod"] = "HmacSHA256" var sarray []string for k, v := range params { sarray = append(sarray, aws.Encode(k)+"="+aws.Encode(v)) } sort.StringSlice(sarray).Sort() joined := strings.Join(sarray, "&") payload := method + "\n" + host + "\n" + path + "\n" + joined hash := hmac.New(sha256.New, []byte(auth.SecretKey)) hash.Write([]byte(payload)) signature := make([]byte, b64.EncodedLen(hash.Size())) b64.Encode(signature, hash.Sum(nil)) params["Signature"] = string(signature) }
func sign(auth aws.Auth, method, path string, params url.Values, headers http.Header) { var host string for k, v := range headers { k = strings.ToLower(k) switch k { case "host": host = v[0] } } // set up some defaults used for signing the request params["AWSAccessKeyId"] = []string{auth.AccessKey} params["SignatureVersion"] = []string{"2"} params["SignatureMethod"] = []string{"HmacSHA256"} if auth.Token() != "" { params["SecurityToken"] = []string{auth.Token()} } // join up all the incoming params var sarray []string for k, v := range params { sarray = append(sarray, aws.Encode(k)+"="+aws.Encode(v[0])) } sort.StringSlice(sarray).Sort() joined := strings.Join(sarray, "&") // create the payload, sign it and create the signature payload := strings.Join([]string{method, host, "/", joined}, "\n") hash := hmac.New(sha256.New, []byte(auth.SecretKey)) hash.Write([]byte(payload)) signature := make([]byte, b64.EncodedLen(hash.Size())) b64.Encode(signature, hash.Sum(nil)) // add the signature to the outgoing params params["Signature"] = []string{string(signature)} }
func (s *SQS) query(queueUrl string, params map[string]string, resp interface{}) (err error) { params["Version"] = API_VERSION params["Timestamp"] = time.Now().In(time.UTC).Format(time.RFC3339) var url_ *url.URL var path string switch { // fully qualified queueUrl case strings.HasPrefix(queueUrl, "http"): url_, err = url.Parse(queueUrl) path = queueUrl[len(s.Region.SQSEndpoint):] // relative queueUrl case strings.HasPrefix(queueUrl, "/"): url_, err = url.Parse(s.Region.SQSEndpoint + queueUrl) path = queueUrl // zero-value for queueUrl default: url_, err = url.Parse(s.Region.SQSEndpoint) path = "/" } if err != nil { return err } if s.Auth.Token() != "" { params["SecurityToken"] = s.Auth.Token() } var r *http.Response if s.Region.Name == "cn-north-1" { var sarray []string for k, v := range params { sarray = append(sarray, aws.Encode(k)+"="+aws.Encode(v)) } req, err := http.NewRequest("GET", fmt.Sprintf("%s?%s", url_, strings.Join(sarray, "&")), nil) if err != nil { return err } signer := aws.NewV4Signer(s.Auth, "sqs", s.Region) signer.Sign(req) client := http.Client{} r, err = client.Do(req) } else { sign(s.Auth, "GET", path, params, url_.Host) url_.RawQuery = multimap(params).Encode() r, err = http.Get(url_.String()) } if debug { log.Printf("GET ", url_.String()) } if err != nil { return err } defer r.Body.Close() if debug { dump, _ := httputil.DumpResponse(r, true) log.Printf("DUMP:\n", string(dump)) } if r.StatusCode != 200 { return buildError(r) } err = xml.NewDecoder(r.Body).Decode(resp) io.Copy(ioutil.Discard, r.Body) return err }
func (s *S) TestEncode(c *C) { c.Assert(aws.Encode("foo"), Equals, "foo") c.Assert(aws.Encode("/"), Equals, "%2F") }