/** * Always add a x-amz-content-sha-256 for data integrity. */ public function signRequest(RequestInterface $request, CredentialsInterface $credentials) { if (!$request->hasHeader('x-amz-content-sha256')) { $request->setHeader('x-amz-content-sha256', $this->getPayload($request)); } parent::signRequest($request, $credentials); }
public function signRequest(RequestInterface $request, CredentialsInterface $credentials) { if ($request instanceof EntityEnclosingRequestInterface && $request->getBody()) { $request->setHeader('X-Amz-Content-Sha256', EntityBody::getHash($request->getBody(), 'sha256')); } else { $request->setHeader('X-Amz-Content-Sha256', hash('sha256', '')); } parent::signRequest($request, $credentials); }
/** * Override used to allow pre-signed URLs to be created for an * in-determinate request payload. */ protected function getPresignedPayload(RequestInterface $request) { $result = parent::getPresignedPayload($request); // If the body is empty, then sign with 'UNSIGNED-PAYLOAD' if ($result === self::DEFAULT_PAYLOAD) { $result = 'UNSIGNED-PAYLOAD'; } return $result; }
private function createPresignedUrl(AwsClientInterface $client, CommandInterface $command) { // Create a temporary client used to generate the presigned URL $newClient = Ec2Client::factory(array('region' => $command['SourceRegion'], 'signature' => 'v4', 'credentials' => $client->getCredentials())); $preCommand = $newClient->getCommand('CopySnapshot', $command->toArray()); $preCommand['__internal'] = true; /** @var \Guzzle\Http\Message\EntityEnclosingRequest $preRequest */ $preRequest = $preCommand->prepare(); return $newClient->getSignature()->createPresignedUrl(SignatureV4::convertPostToGet($preRequest), $newClient->getCredentials(), '+1 hour'); }
/** * Return an appropriate signature object for a a client based on a description * * @param ServiceDescription $description Description that holds a signature option * @param Collection $config Configuration options * * @return SignatureInterface * @throws InvalidArgumentException */ protected function getSignature(ServiceDescription $description, Collection $config) { if (!($signature = $config->get(Options::SIGNATURE))) { switch ($description->getData('signatureVersion')) { case 'v2': $signature = new SignatureV2(); break; case 'v3': $signature = new SignatureV3(); break; case 'v3https': $signature = new SignatureV3Https(); break; case 'v4': $signature = new SignatureV4(); break; default: throw new InvalidArgumentException('Service description does not specify a valid signatureVersion'); } } // Allow a custom service name or region value to be provided if ($signature instanceof EndpointSignatureInterface) { // Determine the service name to use when signing if (!($service = $config->get(Options::SIGNATURE_SERVICE))) { if (!($service = $description->getData('signingName'))) { $service = $description->getData('endpointPrefix'); } } $signature->setServiceName($service); // Determine the region to use when signing requests if (!($region = $config->get(Options::SIGNATURE_REGION))) { $region = $config->get(Options::REGION); } $signature->setRegionName($region); } return $signature; }
/** * @expectedException \InvalidArgumentException */ public function testEnsuresMethodIsPost() { $request = new EntityEnclosingRequest('PUT', 'http://foo.com'); SignatureV4::convertPostToGet($request); }
/** * Return an appropriate signature object for a a client based on a description * * @param ServiceDescription $description Description that holds a signature option * @param Collection $config Configuration options * * @throws InvalidArgumentException */ protected function addSignature(ServiceDescription $description, Collection $config) { if (!($signature = $config->get(Options::SIGNATURE))) { if (!$description->getData('signatureVersion')) { throw new InvalidArgumentException('The service description does not specify a signatureVersion'); } switch ($description->getData('signatureVersion')) { case 'v2': $signature = new SignatureV2(); break; case 'v3': $signature = new SignatureV3(); break; case 'v3https': $signature = new SignatureV3Https(); break; case 'v4': $signature = new SignatureV4(); break; } } // Allow a custom service name or region value to be provided if ($signature instanceof EndpointSignatureInterface) { $signature->setServiceName($config->get(Options::SIGNATURE_SERVICE) ?: $description->getData('signingName')); $signature->setRegionName($config->get(Options::SIGNATURE_REGION)); } $config->set(Options::SIGNATURE, $signature); }
public function testSetRegionUpdatesBaseUrlAndSignature() { // Setup client $endpointProvider = new XmlEndpointProvider(); $signature = new SignatureV4(); $signature->setRegionName(Region::US_EAST_1); $credentials = new Credentials('test', '123'); $config = new Collection(array(Options::SERVICE => 's3', Options::SCHEME => 'https', Options::BASE_URL => $endpointProvider->getEndpoint('s3', Region::US_EAST_1)->getBaseUrl('https'), Options::ENDPOINT_PROVIDER => $endpointProvider)); /** @var $client AbstractClient */ $client = $this->getMockBuilder('Aws\\Common\\Client\\AbstractClient')->setConstructorArgs(array($credentials, $signature, $config))->getMockForAbstractClass(); // Get the original values $baseUrl1 = $client->getBaseUrl(); $regionName1 = $this->readAttribute($signature, 'regionName'); $this->assertNotEmpty($baseUrl1); $this->assertNotEmpty($regionName1); // Change the region, get the new values, and compare with old $client->setRegion(Region::US_WEST_1); $baseUrl2 = $client->getBaseUrl(); $regionName2 = $this->readAttribute($signature, 'regionName'); $this->assertNotEmpty($baseUrl2); $this->assertNotEmpty($regionName2); $this->assertNotEquals($baseUrl1, $baseUrl2); $this->assertNotEquals($regionName1, $regionName2); }
public function testSignSpecificHeaders() { $sig = new SignatureV4('foo', 'bar'); $creds = new Credentials('a', 'b'); $req = new Request('PUT', 'http://foo.com', array('date' => 'today', 'host' => 'foo.com', 'x-amz-foo' => '123', 'content-md5' => 'bogus')); $sig->signRequest($req, $creds); $creq = $req->getParams()->getPath('aws.signature/canonical_request'); $this->assertContains('content-md5;date;host;x-amz-foo', $creq); }