// SignedURL creates a signed URL using the given ConnectionData, where route // is the url path relative to the BaseURL stored in the ConnectionData, query // is the set of query string parameters, if any, and duration is the amount of // time that the signed URL should remain valid for. func (connectionData *ConnectionData) SignedURL(route string, query url.Values, duration time.Duration) (u *url.URL, err error) { u, err = setURL(connectionData, route, query) if err != nil { return } credentials := &hawk.Credentials{ ID: connectionData.Credentials.ClientID, Key: connectionData.Credentials.AccessToken, Hash: sha256.New, } reqAuth, err := hawk.NewURLAuth(u.String(), credentials, duration) if err != nil { return } reqAuth.Ext, err = getExtHeader(connectionData.Credentials) if err != nil { return } bewitSignature := reqAuth.Bewit() if query == nil { query = url.Values{} } query.Set("bewit", bewitSignature) u.RawQuery = query.Encode() return }
func Bewit(clientId string, accessToken string, uri string) (string, error) { credentials := &hawk.Credentials{ ID: clientId, Key: accessToken, Hash: sha256.New, } auth, err := hawk.NewURLAuth(uri, credentials, BEWIT_EXPIRES) if err != nil { return "", err } bewit := auth.Bewit() return fmt.Sprintf("%s?bewit=%s", uri, bewit), nil }