/** * @param string $key AWS IAM User Key * @param string $secret AWS IAM User Secret * @param string $region AWS Region * @param array $multiParams Parameters to pass to CURL * @param array $singleParams Parmaters to pass to CURL * * @return ClientBuilder */ public function setAwsHandler($key, $secret, $region = 'us-east-1', $multiParams = [], $singleParams = []) { $future = null; if (extension_loaded('curl')) { $config = array_merge(['mh' => curl_multi_init()], $multiParams); if (function_exists('curl_reset')) { $default = new CurlHandler($singleParams); $future = new CurlMultiHandler($config); } else { $default = new CurlMultiHandler($config); } } else { throw new \RuntimeException('Elasticsearch-PHP requires cURL, or a custom HTTP handler.'); } $curlHandler = $future ? Middleware::wrapFuture($default, $future) : $default; $awsSignedHandler = function (array $request) use($curlHandler, $region, $key, $secret) { $signer = new SignatureV4('es', $region); $credentials = new Credentials($key, $secret); $psr7Request = new Request($request['http_method'], $request['uri'], $request['headers'], $request['body']); $signedRequest = $signer->signRequest($psr7Request, $credentials); $request['headers'] = $signedRequest->getHeaders(); return $curlHandler($request); }; $this->setHandler($awsSignedHandler); return $this; }
/** * Always add a x-amz-content-sha-256 for data integrity. */ public function signRequest(RequestInterface $request, CredentialsInterface $credentials) { if (!$request->hasHeader('x-amz-content-sha256')) { $request->setHeader('X-Amz-Content-Sha256', $this->getPayload($request)); } parent::signRequest($request, $credentials); }
private function getSigningMiddleware() { $region = $this->getConnection()->hasParam('aws_region') ? $this->getConnection()->getParam('aws_region') : getenv('AWS_REGION'); $signer = new SignatureV4('es', $region); $credProvider = $this->getCredentialProvider(); return Middleware::mapRequest(function (RequestInterface $req) use($signer, $credProvider) { return $signer->signRequest($req, $credProvider()->wait()); }); }
private function invokeSignedRequest($httpMethod, $endpointURL, $reqPath, $headers = array(), $params = array(), $jsonEntity = null) { if (empty($this->accessKey)) { trigger_error("Blank access key: " . $httpMethod . " " . $reqPath, E_USER_WARNING); return null; } $doSign = $this->tokenKey == null; if (empty($this->secretKey) && empty($this->tokenKey)) { if ($headers == null) { $headers = array(); } $headers["Authorization"] = "Anonymous " . $this->accessKey; $doSign = false; } $headers = $headers == null ? array() : $headers; $query = array(); if ($params != null) { foreach ($params as $key => $value) { if (is_array($value) && !empty($value)) { // no spec on this case, so choose first param in array $query[$key] = $value[0]; } else { $query[$key] = $value; } } } if ($this->tokenKey != null) { // make sure you don't create an infinite loop! if (!($httpMethod == "GET" && $reqPath == self::JWT_PATH)) { $this->refreshToken(); } $headers["Authorization"] = "Bearer " . $this->tokenKey; } // only sign some of the query parameters $queryString = empty($query) ? "" : "?" . \GuzzleHttp\Psr7\build_query($query); $req = new Request($httpMethod, $endpointURL . $reqPath . $queryString, $headers, $jsonEntity); if ($doSign) { $sig = new SignatureV4("para", "us-east-1"); $req = $sig->signRequest($req, new Credentials($this->accessKey, $this->secretKey)); } // send all query parameters to the server $queryString = $params == null ? "" : \GuzzleHttp\Psr7\build_query($params); try { return $this->apiClient->send($req, array(RequestOptions::QUERY => $queryString)); } catch (\Exception $ex) { error_log($ex->getMessage(), 0); } return null; }
/** * Get events by event name * * @param null $event_name * @return array * @throws Exception */ public function getEvents($event_name = null) { if (empty($event_name)) { throw new BusAPIException('Event name not specified.'); } $signer = new SignatureV4('execute-api', 'us-west-2'); $client = new GuzzleClient(['base_uri' => "https://{$this->host}", 'timeout' => 30, 'curl' => [CURLOPT_SSL_VERIFYPEER => false]]); $request = new Request('GET', $this->endpoint, ['Host' => $this->host]); if ($this->private_key && $this->public_key) { $credentials = new Credentials($this->public_key, $this->private_key); } else { $credentials = call_user_func(CredentialProvider::defaultProvider())->wait(); } $request = $signer->signRequest($request, $credentials); $response = $client->send($request); return ['response' => $response, 'results' => json_decode($response->getBody())]; }
<?php // collect_eggs.php include __DIR__ . '/vendor/autoload.php'; use GuzzleHttp\Client; use GuzzleHttp\Psr7\Request; use Aws\Credentials\Credentials; use Aws\Signature\SignatureV4; $apikey = ''; $accesskeyid = ''; $secretaccesskey = ''; $baseuri = ''; $client = new Client(['base_uri' => $baseuri]); $headers = ['X-Api-Key' => $apikey]; $request = new Request('GET', '/', $headers); $awscredentials = new Credentials($accesskeyid, $secretaccesskey); $awssignature = new SignatureV4('apigateway', 'us-east-1'); $request = $awssignature->signRequest($request, $awscredentials); $response = $client->send($request, ['debug' => true]); echo $response->getBody(); echo "\n\n";
/** * Sign request using AWS Signature Version 4 * * @param Request $request * @return Request */ private function signRequest(Request $request) { return $this->signature->signRequest($request, $this->credentials); }