func (s *Sign4Suite) TestSignStringToSign(c *C) {
sts := "AWS4-HMAC-SHA256\n20110909T233600Z\n20110909/us-east-1/iam/aws4_request\n3511de7e95d28ecd39e9513b642aee07e54f4941150d8df8bf94b328ef7e55e2"
ssts, err := sign4.SignStringToSign(sts, "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY")
c.Assert(err, IsNil)
//fmt.Println("ssts:", ssts)
c.Assert(ssts, Equals, "ced6826de92d2bdeed8f846f0bf508e8559e98e4b0199114b84c54174deb456c")
}
func (s *Sign4Suite) TestAWSSuite(c *C) {
if *testSuiteDir == "" {
c.Skip("-test-suite-dir not provided, skipping aws4 testsuite")
}
accessKey := "AKIDEXAMPLE"
secretKey := "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY"
regionName := "us-east-1"
serviceName := "host"
tests := []string{"get-header-value-trim", "get-vanilla-query", "get-relative",
"get-relative-relative", "get-slash", "get-slash-dot-slash",
"get-slashes", "get-slash-pointless-dot", "get-space", "get-unreserved",
"get-utf8", "get-vanilla", "get-vanilla-empty-query-key", "get-vanilla-query",
"get-vanilla-query-order-key", "get-vanilla-query-order-key-case",
"get-vanilla-query-order-value", "get-vanilla-query-unreserved",
"get-vanilla-ut8-query", "post-header-key-case", "post-header-key-sort",
"post-header-value-case", "post-vanilla", "post-vanilla-empty-query-value",
"post-vanilla-query",
//"post-vanilla-query-nonunreserved" // this one is pretty pathological, FIXME ?
//"post-vanilla-query-space" // don't think this a valid http request (a space in the URI?)
"post-x-www-form-urlencoded", "post-x-www-form-urlencoded-parameters",
}
// broken tests: "get-header-key-duplicate", "get-header-value-order"
// see https://forums.aws.amazon.com/thread.jspa?messageID=491017
//buff := new(bytes.Buffer)
for _, test := range tests {
c.Log("TestAWSSuite test: %v", test)
reqFileName := filepath.Join(*testSuiteDir, test+".req")
creqFileName := filepath.Join(*testSuiteDir, test+".creq")
stsFileName := filepath.Join(*testSuiteDir, test+".sts")
sreqFileName := filepath.Join(*testSuiteDir, test+".sreq")
readBytes, err := ioutil.ReadFile(reqFileName)
c.Assert(err, IsNil)
//fmt.Println("readBytes:\n", readBytes)
// canonical request
canonReq, err := sign4.CanonicalRequest(string(readBytes))
c.Assert(err, IsNil)
readBytes, err = ioutil.ReadFile(creqFileName)
c.Assert(err, IsNil)
c.Assert(canonReq.CanonicalRequest, Equals, string(readBytes))
// string to sign
t, err := getTimeFromCR(canonReq)
c.Assert(err, IsNil)
credentialScope := sign4.CredentialScope(*t, regionName, serviceName)
stringToSign := sign4.StringToSign(canonReq.CanonicalRequest, credentialScope, *t)
readBytes, err = ioutil.ReadFile(stsFileName)
c.Assert(err, IsNil)
c.Assert(stringToSign, Equals, string(readBytes))
// signed
signature, err := sign4.SignStringToSign(stringToSign, secretKey)
c.Assert(err, IsNil)
authHdrVal := sign4.AuthHeaderValue(signature, accessKey, credentialScope, canonReq)
// Authorized value
sreq, err := getAWSSuiteReq(sreqFileName)
c.Assert(err, IsNil)
c.Assert(authHdrVal, Not(Equals), "")
c.Assert(authHdrVal, Equals, sreq.Header.Get("Authorization"))
}
}