func (s *Sign4Suite) TestCanonicalRequest(c *C) {
expect := "GET\n/\nfoo=Zoo&foo=aha\ndate:Mon, 09 Sep 2011 23:36:00 GMT\nhost:host.foo.com\n\n" +
"date;host\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
buf := new(bytes.Buffer)
err := s.request2.Write(buf)
c.Assert(err, IsNil)
cr, err := sign4.CanonicalRequest(buf.String())
c.Assert(err, IsNil)
c.Assert(cr.Headers, Equals, "date;host")
//fmt.Println(cr)
c.Assert(cr.CanonicalRequest, Equals, expect)
}
func (s *Sign4Suite) TestStringToSign(c *C) {
buf := new(bytes.Buffer)
err := s.request2.Write(buf)
c.Assert(err, IsNil)
cr, err := sign4.CanonicalRequest(buf.String())
c.Assert(err, IsNil)
t := time.Date(2011, time.September, 9, 23, 36, 0, 0, time.UTC)
sts := sign4.StringToSign(cr.CanonicalRequest, "20110909/us-east-1/host/aws4_request", t)
expect := "AWS4-HMAC-SHA256\n20110909T233600Z\n20110909/us-east-1/host/aws4_request\ne25f777ba161a0f1baf778a87faf057187cf5987f17953320e3ca399feb5f00d"
c.Assert(sts, Equals, expect)
//fmt.Println(sts)
}
func (s *Sign4Suite) TestAWSSuite(c *C) {
if *testSuiteDir == "" {
c.Skip("-test-suite-dir not provided, skipping aws4 testsuite")
}
accessKey := "AKIDEXAMPLE"
secretKey := "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY"
regionName := "us-east-1"
serviceName := "host"
tests := []string{"get-header-value-trim", "get-vanilla-query", "get-relative",
"get-relative-relative", "get-slash", "get-slash-dot-slash",
"get-slashes", "get-slash-pointless-dot", "get-space", "get-unreserved",
"get-utf8", "get-vanilla", "get-vanilla-empty-query-key", "get-vanilla-query",
"get-vanilla-query-order-key", "get-vanilla-query-order-key-case",
"get-vanilla-query-order-value", "get-vanilla-query-unreserved",
"get-vanilla-ut8-query", "post-header-key-case", "post-header-key-sort",
"post-header-value-case", "post-vanilla", "post-vanilla-empty-query-value",
"post-vanilla-query",
//"post-vanilla-query-nonunreserved" // this one is pretty pathological, FIXME ?
//"post-vanilla-query-space" // don't think this a valid http request (a space in the URI?)
"post-x-www-form-urlencoded", "post-x-www-form-urlencoded-parameters",
}
// broken tests: "get-header-key-duplicate", "get-header-value-order"
// see https://forums.aws.amazon.com/thread.jspa?messageID=491017
//buff := new(bytes.Buffer)
for _, test := range tests {
c.Log("TestAWSSuite test: %v", test)
reqFileName := filepath.Join(*testSuiteDir, test+".req")
creqFileName := filepath.Join(*testSuiteDir, test+".creq")
stsFileName := filepath.Join(*testSuiteDir, test+".sts")
sreqFileName := filepath.Join(*testSuiteDir, test+".sreq")
readBytes, err := ioutil.ReadFile(reqFileName)
c.Assert(err, IsNil)
//fmt.Println("readBytes:\n", readBytes)
// canonical request
canonReq, err := sign4.CanonicalRequest(string(readBytes))
c.Assert(err, IsNil)
readBytes, err = ioutil.ReadFile(creqFileName)
c.Assert(err, IsNil)
c.Assert(canonReq.CanonicalRequest, Equals, string(readBytes))
// string to sign
t, err := getTimeFromCR(canonReq)
c.Assert(err, IsNil)
credentialScope := sign4.CredentialScope(*t, regionName, serviceName)
stringToSign := sign4.StringToSign(canonReq.CanonicalRequest, credentialScope, *t)
readBytes, err = ioutil.ReadFile(stsFileName)
c.Assert(err, IsNil)
c.Assert(stringToSign, Equals, string(readBytes))
// signed
signature, err := sign4.SignStringToSign(stringToSign, secretKey)
c.Assert(err, IsNil)
authHdrVal := sign4.AuthHeaderValue(signature, accessKey, credentialScope, canonReq)
// Authorized value
sreq, err := getAWSSuiteReq(sreqFileName)
c.Assert(err, IsNil)
c.Assert(authHdrVal, Not(Equals), "")
c.Assert(authHdrVal, Equals, sreq.Header.Get("Authorization"))
}
}