func getAuth(clientId string, accessToken string, http *http.Request) *hawk.Auth {
// Create the hawk authentication string from the request...
credentials := &hawk.Credentials{
ID: clientId,
Key: accessToken,
Hash: sha256.New,
}
return hawk.NewRequestAuth(http, credentials, 0)
}
// SignRequest will add an Authorization header
func (c *Credentials) SignRequest(req *http.Request) (err error) {
// s, err := c.SignHeader(req.Method, req.URL.String(), hash)
// req.Header.Set("Authorization", s)
// return err
credentials := &hawk.Credentials{
ID: c.ClientID,
Key: c.AccessToken,
Hash: sha256.New,
}
reqAuth := hawk.NewRequestAuth(req, credentials, 0)
reqAuth.Ext, err = getExtHeader(c)
if err != nil {
return fmt.Errorf("Internal error: was not able to generate hawk ext header from provided credentials:\n%s\n%s", c, err)
}
req.Header.Set("Authorization", reqAuth.RequestHeader())
return nil
}
// apiCall is the generic REST API calling method which performs all REST API
// calls for this library. Each auto-generated REST API method simply is a
// wrapper around this method, calling it with specific specific arguments.
func (awsProvisioner *AwsProvisioner) apiCall(payload interface{}, method, route string, result interface{}) (interface{}, *CallSummary) {
callSummary := new(CallSummary)
callSummary.HttpRequestObject = payload
var jsonPayload []byte
jsonPayload, callSummary.Error = json.Marshal(payload)
if callSummary.Error != nil {
return result, callSummary
}
callSummary.HttpRequestBody = string(jsonPayload)
httpClient := &http.Client{}
// function to perform http request - we call this using backoff library to
// have exponential backoff in case of intermittent failures (e.g. network
// blips or HTTP 5xx errors)
httpCall := func() (*http.Response, error, error) {
var ioReader io.Reader = nil
if reflect.ValueOf(payload).IsValid() && !reflect.ValueOf(payload).IsNil() {
ioReader = bytes.NewReader(jsonPayload)
}
httpRequest, err := http.NewRequest(method, awsProvisioner.BaseURL+route, ioReader)
if err != nil {
return nil, nil, fmt.Errorf("apiCall url cannot be parsed: '%v', is your BaseURL (%v) set correctly?\n%v\n", awsProvisioner.BaseURL+route, awsProvisioner.BaseURL, err)
}
httpRequest.Header.Set("Content-Type", "application/json")
callSummary.HttpRequest = httpRequest
// Refresh Authorization header with each call...
// Only authenticate if client library user wishes to.
if awsProvisioner.Authenticate {
credentials := &hawk.Credentials{
ID: awsProvisioner.ClientId,
Key: awsProvisioner.AccessToken,
Hash: sha256.New,
}
reqAuth := hawk.NewRequestAuth(httpRequest, credentials, 0)
if awsProvisioner.Certificate != "" {
reqAuth.Ext = base64.StdEncoding.EncodeToString([]byte("{\"certificate\":" + awsProvisioner.Certificate + "}"))
}
httpRequest.Header.Set("Authorization", reqAuth.RequestHeader())
}
debug("Making http request: %v", httpRequest)
resp, err := httpClient.Do(httpRequest)
return resp, err, nil
}
// Make HTTP API calls using an exponential backoff algorithm...
callSummary.HttpResponse, callSummary.Attempts, callSummary.Error = httpbackoff.Retry(httpCall)
if callSummary.Error != nil {
return result, callSummary
}
// now read response into memory, so that we can return the body
var body []byte
body, callSummary.Error = ioutil.ReadAll(callSummary.HttpResponse.Body)
if callSummary.Error != nil {
return result, callSummary
}
callSummary.HttpResponseBody = string(body)
// if result is passed in as nil, it means the API defines no response body
// json
if reflect.ValueOf(result).IsValid() && !reflect.ValueOf(result).IsNil() {
callSummary.Error = json.Unmarshal([]byte(callSummary.HttpResponseBody), &result)
if callSummary.Error != nil {
// technically not needed since returned outside if, but more comprehensible
return result, callSummary
}
}
// Return result and callSummary
return result, callSummary
}
