// queryV4Signprepares and runs the req request, signed with aws v4 signatures.
// If resp is not nil, the XML data contained in the response
// body will be unmarshalled on it.
func (s3 *S3) queryV4Sign(req *request, resp interface{}) error {
if req.headers == nil {
req.headers = map[string][]string{}
}
err := s3.setBaseURL(req)
if err != nil {
return err
}
hreq, err := s3.setupHttpRequest(req)
if err != nil {
return err
}
// req.Host must be set for V4 signature calculation
hreq.Host = hreq.URL.Host
signer := aws.NewV4Signer(s3.Auth, "s3", s3.Region)
signer.IncludeXAmzContentSha256 = true
signer.Sign(hreq)
_, err = s3.doHttpRequest(hreq, resp)
return err
}
// prepare sets up req to be delivered to S3.
func (s3 *S3) prepare(req *request) error {
// Copy so they can be mutated without affecting on retries.
params := make(url.Values)
headers := make(http.Header)
for k, v := range req.params {
params[k] = v
}
for k, v := range req.headers {
headers[k] = v
}
req.params = params
req.headers = headers
if !req.prepared {
req.prepared = true
if req.method == "" {
req.method = "GET"
}
if !strings.HasPrefix(req.path, "/") {
req.path = "/" + req.path
}
err := s3.setBaseURL(req)
if err != nil {
return err
}
}
if s3.Signature == aws.V2Signature && s3.Auth.Token() != "" {
req.headers["X-Amz-Security-Token"] = []string{s3.Auth.Token()}
} else if s3.Auth.Token() != "" {
req.params.Set("X-Amz-Security-Token", s3.Auth.Token())
}
if s3.Signature == aws.V2Signature {
// Always sign again as it's not clear how far the
// server has handled a previous attempt.
u, err := url.Parse(req.baseurl)
if err != nil {
return err
}
signpathPartiallyEscaped := partiallyEscapedPath(req.path)
if strings.IndexAny(s3.Region.S3BucketEndpoint, "${bucket}") >= 0 {
signpathPartiallyEscaped = "/" + req.bucket + signpathPartiallyEscaped
}
req.headers["Host"] = []string{u.Host}
req.headers["Date"] = []string{time.Now().In(time.UTC).Format(time.RFC1123)}
sign(s3.Auth, req.method, signpathPartiallyEscaped, req.params, req.headers)
} else {
hreq, err := s3.setupHttpRequest(req)
if err != nil {
return err
}
hreq.Host = hreq.URL.Host
signer := aws.NewV4Signer(s3.Auth, "s3", s3.Region)
signer.IncludeXAmzContentSha256 = true
signer.Sign(hreq)
req.payload = hreq.Body
if _, ok := headers["Content-Length"]; ok {
req.headers["Content-Length"] = headers["Content-Length"]
}
}
return nil
}