Esempio n. 1
0
 public function signRequest(RequestInterface $request, CredentialsInterface $credentials)
 {
     $timestamp = $this->getTimestamp();
     $longDate = gmdate(DateFormat::ISO8601, $timestamp);
     $shortDate = substr($longDate, 0, 8);
     // Remove any previously set Authorization headers so that retries work
     $request->removeHeader('Authorization');
     // Requires a x-amz-date header or Date
     if ($request->hasHeader('x-amz-date') || !$request->hasHeader('Date')) {
         $request->setHeader('x-amz-date', $longDate);
     } else {
         $request->setHeader('Date', gmdate(DateFormat::RFC1123, $timestamp));
     }
     // Add the security token if one is present
     if ($credentials->getSecurityToken()) {
         $request->setHeader('x-amz-security-token', $credentials->getSecurityToken());
     }
     // Parse the service and region or use one that is explicitly set
     $region = $this->regionName;
     $service = $this->serviceName;
     if (!$region || !$service) {
         $url = Url::factory($request->getUrl());
         $region = $region ?: HostNameUtils::parseRegionName($url);
         $service = $service ?: HostNameUtils::parseServiceName($url);
     }
     $credentialScope = $this->createScope($shortDate, $region, $service);
     $payload = $this->getPayload($request);
     $signingContext = $this->createSigningContext($request, $payload);
     $signingContext['string_to_sign'] = $this->createStringToSign($longDate, $credentialScope, $signingContext['canonical_request']);
     // Calculate the signing key using a series of derived keys
     $signingKey = $this->getSigningKey($shortDate, $region, $service, $credentials->getSecretKey());
     $signature = hash_hmac('sha256', $signingContext['string_to_sign'], $signingKey);
     $request->setHeader('Authorization', "AWS4-HMAC-SHA256 " . "Credential={$credentials->getAccessKeyId()}/{$credentialScope}, " . "SignedHeaders={$signingContext['signed_headers']}, Signature={$signature}");
     // Add debug information to the request
     $request->getParams()->set('aws.signature', $signingContext);
 }
Esempio n. 2
0
 public function signRequest(RequestInterface $request, CredentialsInterface $credentials)
 {
     $timestamp = $this->getTimestamp();
     $longDate = gmdate(DateFormat::ISO8601, $timestamp);
     $shortDate = substr($longDate, 0, 8);
     // Remove any previously set Authorization headers so that retries work
     $request->removeHeader('Authorization');
     // Requires a x-amz-date header or Date
     if ($request->hasHeader('x-amz-date') || !$request->hasHeader('Date')) {
         $request->setHeader('x-amz-date', $longDate);
     } else {
         $request->setHeader('Date', gmdate(DateFormat::RFC1123, $timestamp));
     }
     // Add the security token if one is present
     if ($credentials->getSecurityToken()) {
         $request->setHeader('x-amz-security-token', $credentials->getSecurityToken());
     }
     // Parse the service and region or use one that is explicitly set
     $region = $this->regionName;
     $service = $this->serviceName;
     if (!$region || !$service) {
         $url = Url::factory($request->getUrl());
         $region = $region ?: HostNameUtils::parseRegionName($url);
         $service = $service ?: HostNameUtils::parseServiceName($url);
     }
     $credentialScope = "{$shortDate}/{$region}/{$service}/aws4_request";
     // Calculate the request signature payload
     if ($request->hasHeader('x-amz-content-sha256')) {
         // Handle streaming operations (e.g. Glacier.UploadArchive)
         $payload = $request->getHeader('x-amz-content-sha256');
     } elseif ($request instanceof EntityEnclosingRequestInterface) {
         $payload = hash('sha256', $request->getMethod() == 'POST' && count($request->getPostFields()) ? (string) $request->getPostFields() : (string) $request->getBody());
     } else {
         // Use the default payload if there is no body
         $payload = self::DEFAULT_PAYLOAD;
     }
     $signingContext = $this->createSigningContext($request, $payload);
     $signingContext['string_to_sign'] = "AWS4-HMAC-SHA256\n{$longDate}\n{$credentialScope}\n" . hash('sha256', $signingContext['canonical_request']);
     // Calculate the signing key using a series of derived keys
     $signingKey = $this->getSigningKey($shortDate, $region, $service, $credentials->getSecretKey());
     $signature = hash_hmac('sha256', $signingContext['string_to_sign'], $signingKey);
     $request->setHeader('Authorization', "AWS4-HMAC-SHA256 " . "Credential={$credentials->getAccessKeyId()}/{$credentialScope}, " . "SignedHeaders={$signingContext['signed_headers']}, Signature={$signature}");
     // Add debug information to the request
     $request->getParams()->set('aws.signature', $signingContext);
 }
 /**
  * @covers Aws\Common\HostNameUtils::parseServiceName
  * @covers Aws\Common\HostNameUtils::parseRegionName
  * @dataProvider regionAndServiceProvider
  */
 public function testParsesRegionsAndServices($host, $service, $region)
 {
     $url = Url::factory('https://' . $host);
     $this->assertEquals($service, HostNameUtils::parseServiceName($url), 'Service name mismatch');
     $this->assertEquals($region, HostNameUtils::parseRegionName($url), 'Region mismatch');
 }
Esempio n. 4
0
 /**
  * {@inheritdoc}
  */
 public function signRequest(RequestInterface $request, CredentialsInterface $credentials)
 {
     // Refresh the cached timestamp
     $this->getTimestamp(true);
     $longDate = $this->getDateTime(DateFormat::ISO8601);
     $shortDate = $this->getDateTime(DateFormat::SHORT);
     // Remove any previously set Authorization headers so that
     // exponential backoff works correctly
     $request->removeHeader('Authorization');
     // Requires a x-amz-date header or Date
     if ($request->hasHeader('x-amz-date') || !$request->hasHeader('Date')) {
         $request->setHeader('x-amz-date', $longDate);
     } else {
         $request->setHeader('Date', $this->getDateTime(DateFormat::RFC1123));
     }
     // Add the security token if one is present
     if ($credentials->getSecurityToken()) {
         $request->setHeader('x-amz-security-token', $credentials->getSecurityToken());
     }
     // Parse the service and region or use one that is explicitly set
     $url = null;
     if (!$this->regionName || !$this->serviceName) {
         $url = Url::factory($request->getUrl());
     }
     if (!($region = $this->regionName)) {
         $region = HostNameUtils::parseRegionName($url);
     }
     if (!($service = $this->serviceName)) {
         $service = HostNameUtils::parseServiceName($url);
     }
     $credentialScope = "{$shortDate}/{$region}/{$service}/aws4_request";
     $signingContext = $this->createCanonicalRequest($request);
     $signingContext['string_to_sign'] = "AWS4-HMAC-SHA256\n{$longDate}\n{$credentialScope}\n" . hash('sha256', $signingContext['canonical_request']);
     // Calculate the signing key using a series of derived keys
     $signingKey = $this->getSigningKey($shortDate, $region, $service, $credentials->getSecretKey());
     $signature = hash_hmac('sha256', $signingContext['string_to_sign'], $signingKey);
     $request->setHeader('Authorization', "AWS4-HMAC-SHA256 " . "Credential={$credentials->getAccessKeyId()}/{$credentialScope}, " . "SignedHeaders={$signingContext['signed_headers']}, Signature={$signature}");
     // Add debug information to the request
     $request->getParams()->set('aws.signature', $signingContext);
 }