Example #1
1
 public function signRequest(RequestInterface $request, CredentialsInterface $credentials)
 {
     $params = Psr7\parse_query($request->getBody());
     $params['Timestamp'] = gmdate('c');
     $params['SignatureVersion'] = '2';
     $params['SignatureMethod'] = 'HmacSHA256';
     $params['AWSAccessKeyId'] = $credentials->getAccessKeyId();
     if ($token = $credentials->getSecurityToken()) {
         $params['SecurityToken'] = $token;
     }
     // build string to sign
     $sign = $request->getMethod() . "\n" . $request->getHeaderLine('Host') . "\n" . '/' . "\n" . $this->getCanonicalizedParameterString($params);
     $params['Signature'] = base64_encode(hash_hmac('sha256', $sign, $credentials->getSecretKey(), true));
     return $request->withBody(Psr7\stream_for(http_build_query($params)));
 }
Example #2
0
 public function signRequest(RequestInterface $request, CredentialsInterface $credentials)
 {
     $params = Psr7\parse_query($request->getBody()->__toString());
     $params['SignatureVersion'] = '2';
     $params['SignatureMethod'] = 'HmacSHA256';
     $params['AWSAccessKeyId'] = $credentials->getAccessKeyId();
     if ($credentials->getSecurityToken()) {
         $params['MWSAuthToken'] = $credentials->getSecurityToken();
     }
     $params['Timestamp'] = gmdate(self::ISO8601_BASIC);
     ksort($params);
     $canonicalizedQueryString = $this->getCanonicalizedQuery($params);
     $stringToSign = implode("\n", [$request->getMethod(), $request->getUri()->getHost(), $request->getUri()->getPath(), $canonicalizedQueryString]);
     // calculate HMAC with SHA256 and base64-encoding
     $signature = base64_encode(hash_hmac('sha256', $stringToSign, $credentials->getSecretKey(), TRUE));
     // encode the signature for the request
     $signature = str_replace('%7E', '~', rawurlencode($signature));
     $signature = str_replace('+', '%20', $signature);
     $signature = str_replace('*', '%2A', $signature);
     $queryString = $canonicalizedQueryString . "&Signature=" . $signature;
     if ($request->getMethod() === 'POST') {
         return new Request('POST', $request->getUri(), ['Content-Length' => strlen($queryString), 'Content-Type' => 'application/x-www-form-urlencoded'], $queryString);
     } else {
         return new Request('GET', $request->getUri()->withQuery($queryString));
     }
 }
Example #3
0
 public function createPresignedUrl(RequestInterface $request, CredentialsInterface $credentials, $expires)
 {
     // Operate on a clone of the request, so the original is not altered.
     $request = clone $request;
     // URL encoding already occurs in the URI template expansion. Undo that
     // and encode using the same encoding as GET object, PUT object, etc.
     $path = S3Client::encodeKey(rawurldecode($request->getPath()));
     $request->setPath($path);
     // Make sure to handle temporary credentials
     if ($token = $credentials->getSecurityToken()) {
         $request->setHeader('X-Amz-Security-Token', $token);
         $request->getQuery()->set('X-Amz-Security-Token', $token);
     }
     if ($expires instanceof \DateTime) {
         $expires = $expires->getTimestamp();
     } elseif (!is_numeric($expires)) {
         $expires = strtotime($expires);
     }
     // Set query params required for pre-signed URLs
     $query = $request->getQuery();
     $query['AWSAccessKeyId'] = $credentials->getAccessKeyId();
     $query['Expires'] = $expires;
     $query['Signature'] = $this->signString($this->createCanonicalizedString($request, $expires), $credentials);
     // Move X-Amz-* headers to the query string
     foreach ($request->getHeaders() as $name => $header) {
         $name = strtolower($name);
         if (strpos($name, 'x-amz-') === 0) {
             $request->getQuery()->set($name, implode(',', $header));
             $request->removeHeader($name);
         }
     }
     return $request->getUrl();
 }
Example #4
0
 public function signRequest(RequestInterface $request, CredentialsInterface $credentials)
 {
     /** @var PostBodyInterface $body */
     $body = $request->getBody();
     $body->setField('Timestamp', gmdate('c'));
     $body->setField('SignatureVersion', '2');
     $body->setField('SignatureMethod', 'HmacSHA256');
     $body->setField('AWSAccessKeyId', $credentials->getAccessKeyId());
     if ($token = $credentials->getSecurityToken()) {
         $body->setField('SecurityToken', $token);
     }
     // build string to sign
     $sign = $request->getMethod() . "\n" . $request->getHost() . "\n" . '/' . "\n" . $this->getCanonicalizedParameterString($body);
     $request->getConfig()->set('aws.signature', $sign);
     $body->setField('Signature', base64_encode(hash_hmac('sha256', $sign, $credentials->getSecretKey(), true)));
 }
Example #5
0
 private function createPresignedRequest(RequestInterface $request, CredentialsInterface $credentials)
 {
     $parsedRequest = $this->parseRequest($request);
     // Make sure to handle temporary credentials
     if ($token = $credentials->getSecurityToken()) {
         $parsedRequest['headers']['X-Amz-Security-Token'] = [$token];
     }
     return $this->moveHeadersToQuery($parsedRequest);
 }
Example #6
0
 private function createPresignedRequest(RequestInterface $request, CredentialsInterface $credentials)
 {
     $sr = clone $request;
     // Make sure to handle temporary credentials
     if ($token = $credentials->getSecurityToken()) {
         $sr->setHeader('X-Amz-Security-Token', $token);
         $sr->getQuery()->set('X-Amz-Security-Token', $token);
     }
     $this->moveHeadersToQuery($sr);
     return $sr;
 }