func ExampleV4Signer() {
// Get auth from env vars
auth, err := aws.EnvAuth()
if err != nil {
fmt.Println(err)
}
// Create a signer with the auth, name of the service, and aws region
signer := aws.NewV4Signer(auth, "dynamodb", aws.USEast)
// Create a request
req, err := http.NewRequest("POST", aws.USEast.DynamoDBEndpoint, strings.NewReader("sample_request"))
if err != nil {
fmt.Println(err)
}
// Date or x-amz-date header is required to sign a request
req.Header.Add("Date", time.Now().UTC().Format(http.TimeFormat))
// Sign the request
signer.Sign(req)
// Issue signed request
http.DefaultClient.Do(req)
}
func (s *V4SignerSuite) TestCases(c *C) {
signer := aws.NewV4Signer(s.auth, "host", s.region)
for _, testCase := range s.cases {
req, err := http.NewRequest(testCase.request.method, "http://"+testCase.request.host+testCase.request.url, strings.NewReader(testCase.request.body))
c.Assert(err, IsNil, Commentf("Testcase: %s", testCase.label))
for _, v := range testCase.request.headers {
h := strings.SplitN(v, ":", 2)
req.Header.Add(h[0], h[1])
}
req.Header.Set("host", req.Host)
t := signer.RequestTime(req)
canonicalRequest := signer.CanonicalRequest(req)
c.Check(canonicalRequest, Equals, testCase.canonicalRequest, Commentf("Testcase: %s", testCase.label))
stringToSign := signer.StringToSign(t, canonicalRequest)
c.Check(stringToSign, Equals, testCase.stringToSign, Commentf("Testcase: %s", testCase.label))
signature := signer.Signature(t, stringToSign)
c.Check(signature, Equals, testCase.signature, Commentf("Testcase: %s", testCase.label))
authorization := signer.Authorization(req.Header, t, signature)
c.Check(authorization, Equals, testCase.authorization, Commentf("Testcase: %s", testCase.label))
signer.Sign(req)
c.Check(req.Header.Get("Authorization"), Equals, testCase.authorization, Commentf("Testcase: %s", testCase.label))
}
}
func (elb *ELB) query(params map[string]string, resp interface{}) error {
params["Version"] = "2012-06-01"
params["Timestamp"] = time.Now().In(time.UTC).Format(time.RFC3339)
data := strings.NewReader(multimap(params).Encode())
hreq, err := http.NewRequest("GET", elb.Region.ELBEndpoint+"/", data)
if err != nil {
return err
}
hreq.URL.RawQuery = multimap(params).Encode()
token := elb.Auth.Token()
if token != "" {
hreq.Header.Set("X-Amz-Security-Token", token)
}
signer := aws.NewV4Signer(elb.Auth, "elasticloadbalancing", elb.Region)
signer.Sign(hreq)
r, err := http.DefaultClient.Do(hreq)
if err != nil {
return err
}
defer r.Body.Close()
if r.StatusCode != 200 {
return buildError(r)
}
return xml.NewDecoder(r.Body).Decode(resp)
}
func (s *Server) queryServer(target string, query *Query) ([]byte, error) {
data := strings.NewReader(query.String())
hreq, err := http.NewRequest("POST", s.Region.DynamoDBEndpoint+"/", data)
if err != nil {
return nil, err
}
hreq.Header.Set("Content-Type", "application/x-amz-json-1.0")
hreq.Header.Set("X-Amz-Date", time.Now().UTC().Format(aws.ISO8601BasicFormat))
hreq.Header.Set("X-Amz-Target", target)
token := s.Auth.Token()
if token != "" {
hreq.Header.Set("X-Amz-Security-Token", token)
}
signer := aws.NewV4Signer(s.Auth, "dynamodb", s.Region)
signer.Sign(hreq)
resp, err := http.DefaultClient.Do(hreq)
if err != nil {
log.Printf("Error calling Amazon")
return nil, err
}
defer resp.Body.Close()
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
log.Printf("Could not read response body")
return nil, err
}
// http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ErrorHandling.html
// "A response code of 200 indicates the operation was successful."
if resp.StatusCode != 200 {
ddbErr := buildError(resp, body)
return nil, ddbErr
}
return body, nil
}
func (sts *STS) query(params map[string]string, resp interface{}) error {
params["Version"] = "2011-06-15"
data := strings.NewReader(multimap(params).Encode())
hreq, err := http.NewRequest("POST", sts.Region.STSEndpoint+"/", data)
if err != nil {
return err
}
hreq.Header.Set("Content-Type", "application/x-www-form-urlencoded; param=value")
token := sts.Auth.Token()
if token != "" {
hreq.Header.Set("X-Amz-Security-Token", token)
}
signer := aws.NewV4Signer(sts.Auth, "sts", sts.Region)
signer.Sign(hreq)
if debug {
log.Printf("%v -> {\n", hreq)
}
r, err := http.DefaultClient.Do(hreq)
if err != nil {
log.Printf("Error calling Amazon")
return err
}
defer r.Body.Close()
if debug {
dump, _ := httputil.DumpResponse(r, true)
log.Printf("response:\n")
log.Printf("%v\n}\n", string(dump))
}
if r.StatusCode != 200 {
return buildError(r)
}
err = xml.NewDecoder(r.Body).Decode(resp)
return err
}
func (s *SQS) query(queueUrl string, params map[string]string, resp interface{}) (err error) {
params["Version"] = API_VERSION
params["Timestamp"] = time.Now().In(time.UTC).Format(time.RFC3339)
var url_ *url.URL
var path string
switch {
// fully qualified queueUrl
case strings.HasPrefix(queueUrl, "http"):
url_, err = url.Parse(queueUrl)
path = queueUrl[len(s.Region.SQSEndpoint):]
// relative queueUrl
case strings.HasPrefix(queueUrl, "/"):
url_, err = url.Parse(s.Region.SQSEndpoint + queueUrl)
path = queueUrl
// zero-value for queueUrl
default:
url_, err = url.Parse(s.Region.SQSEndpoint)
path = "/"
}
if err != nil {
return err
}
if s.Auth.Token() != "" {
params["SecurityToken"] = s.Auth.Token()
}
var r *http.Response
if s.Region.Name == "cn-north-1" {
var sarray []string
for k, v := range params {
sarray = append(sarray, aws.Encode(k)+"="+aws.Encode(v))
}
req, err := http.NewRequest("GET", fmt.Sprintf("%s?%s", url_, strings.Join(sarray, "&")), nil)
if err != nil {
return err
}
signer := aws.NewV4Signer(s.Auth, "sqs", s.Region)
signer.Sign(req)
client := http.Client{}
r, err = client.Do(req)
} else {
sign(s.Auth, "GET", path, params, url_.Host)
url_.RawQuery = multimap(params).Encode()
r, err = http.Get(url_.String())
}
if debug {
log.Printf("GET ", url_.String())
}
if err != nil {
return err
}
defer r.Body.Close()
if debug {
dump, _ := httputil.DumpResponse(r, true)
log.Printf("DUMP:\n", string(dump))
}
if r.StatusCode != 200 {
return buildError(r)
}
err = xml.NewDecoder(r.Body).Decode(resp)
io.Copy(ioutil.Discard, r.Body)
return err
}