func TestResignRequestExpiredCreds(t *testing.T) { creds := credentials.NewStaticCredentials("AKID", "SECRET", "SESSION") r := aws.NewRequest( aws.NewService(&aws.Config{Credentials: creds}), &aws.Operation{ Name: "BatchGetItem", HTTPMethod: "POST", HTTPPath: "/", }, nil, nil, ) Sign(r) querySig := r.HTTPRequest.Header.Get("Authorization") creds.Expire() Sign(r) assert.NotEqual(t, querySig, r.HTTPRequest.Header.Get("Authorization")) }
func TestIgnoreResignRequestWithValidCreds(t *testing.T) { r := aws.NewRequest( aws.NewService(&aws.Config{ Credentials: credentials.NewStaticCredentials("AKID", "SECRET", "SESSION"), Region: aws.String("us-west-2"), }), &aws.Operation{ Name: "BatchGetItem", HTTPMethod: "POST", HTTPPath: "/", }, nil, nil, ) Sign(r) sig := r.HTTPRequest.Header.Get("Authorization") Sign(r) assert.Equal(t, sig, r.HTTPRequest.Header.Get("Authorization")) }
func TestAnonymousCredentials(t *testing.T) { r := aws.NewRequest( aws.NewService(&aws.Config{Credentials: credentials.AnonymousCredentials}), &aws.Operation{ Name: "BatchGetItem", HTTPMethod: "POST", HTTPPath: "/", }, nil, nil, ) Sign(r) urlQ := r.HTTPRequest.URL.Query() assert.Empty(t, urlQ.Get("X-Amz-Signature")) assert.Empty(t, urlQ.Get("X-Amz-Credential")) assert.Empty(t, urlQ.Get("X-Amz-SignedHeaders")) assert.Empty(t, urlQ.Get("X-Amz-Date")) hQ := r.HTTPRequest.Header assert.Empty(t, hQ.Get("Authorization")) assert.Empty(t, hQ.Get("X-Amz-Date")) }
func TestPreResignRequestExpiredCreds(t *testing.T) { provider := &credentials.StaticProvider{credentials.Value{"AKID", "SECRET", "SESSION"}} creds := credentials.NewCredentials(provider) r := aws.NewRequest( aws.NewService(&aws.Config{Credentials: creds}), &aws.Operation{ Name: "BatchGetItem", HTTPMethod: "POST", HTTPPath: "/", }, nil, nil, ) r.ExpireTime = time.Minute * 10 Sign(r) querySig := r.HTTPRequest.URL.Query().Get("X-Amz-Signature") creds.Expire() r.Time = time.Now().Add(time.Hour * 48) Sign(r) assert.NotEqual(t, querySig, r.HTTPRequest.URL.Query().Get("X-Amz-Signature")) }