Class: Aws::Sigv2::Signer Deprecated

Inherits:

Object

• Object
• Aws::Sigv2::Signer

Defined in:

gems/aws-sigv2/lib/aws-sigv2/signer.rb

Overview

Deprecated.

This signer is deprecated. You should use the aws-sigv4 gem instead.

Instance Attribute Summary

• #credentials_provider ⇒ #credentials readonly

  Returns an object that responds to #credentials returning a Credentials object.

Instance Method Summary

• #initialize(options = {}) ⇒ Signer constructor

  A new instance of Signer.

• #sign_request(request) ⇒ Hash

  Computes a version 2 signature.

Constructor Details

#initialize(access_key_id: , secret_access_key: , session_token: nil) ⇒ Signer #initialize(credentials: ) ⇒ Signer #initialize(credentials_provider: ) ⇒ Signer

Returns a new instance of Signer.

Overloads:

• #initialize(access_key_id: , secret_access_key: , session_token: nil) ⇒ Signer

  Parameters:

  • :access_key_id (String)
  • :secret_access_key (String)
  • :session_token (String) —

    (nil)

• #initialize(credentials: ) ⇒ Signer

  Parameters:

  • :credentials (Credentials)
• #initialize(credentials_provider: ) ⇒ Signer

  Parameters:

  • :credentials_provider (#credentials) —

    An object that responds to #credentials, returning an object that responds to:

    • #access_key_id
    • #secret_access_key
    • #session_token

# File 'gems/aws-sigv2/lib/aws-sigv2/signer.rb', line 30

def initialize(options = {})
  @credentials_provider = extract_credentials_provider(options)
end

Instance Attribute Details

#credentials_provider ⇒ #credentials (readonly)

Returns an object that responds to #credentials returning a Credentials object.

Returns:

• (#credentials) —

  Returns an object that responds to #credentials returning a Credentials object.

# File 'gems/aws-sigv2/lib/aws-sigv2/signer.rb', line 36

def credentials_provider
  @credentials_provider
end

Instance Method Details

#sign_request(request) ⇒ Hash

Computes a version 2 signature. The signature is returned as a hash of request parameters that should be applied to the HTTP request. The given request will not be modified.

signature = signer.sign_request(
  http_method: 'POST',
  url: 'https://domain.com',
  params: {
    'Param.Name' => 'Param.Value',
  }
)

# Returns a hash with the following keys:
signature['AWSAccessKeyId']
signature['SecurityToken'] # when using session credentials
signature['Timestamp']
signature['SignatureVersion']
signature['SignatureMethod']
signature['Signature']

Parameters:

• request (Hash)

Options Hash (request):

• :http_method (required, String) —

  One of 'GET', 'HEAD', 'PUT', 'POST', 'PATCH', or 'DELETE'

• :url (required, String, URI::HTTPS, URI::HTTP) —

  The request URI. Must be a valid HTTP or HTTPS URI.

• :params (optional, Hash) — default: {} —

  Request parameters to sign. This should be a hash with un-escaped parameter names and values. For "GET" style requests, this should be the querystring parameters. For "POST" style requests, this should be the form-url-encoded query parameters.

Returns:

• (Hash) —

  Returns a hash of un-escaped signature parameters. These must be applied to the HTTP request. If the request is a "GET" request, they should be applied to the querystring. If the request is "POST" then they should be added to the form-url-encoded HTTP request body.

# File 'gems/aws-sigv2/lib/aws-sigv2/signer.rb', line 79

def sign_request(request)

  creds = @credentials_provider.credentials

  http_method = extract_http_method(request)
  url = extract_url(request)
  params = request[:params] || {}

  timestamp = params['Timestamp']
  timestamp ||= Time.now.utc.strftime('%Y-%m-%dT%H:%M:%SZ')

  auth_params = {}
  auth_params['AWSAccessKeyId'] = creds.access_key_id
  auth_params['SecurityToken'] = creds.session_token if creds.session_token
  auth_params['Timestamp'] = timestamp
  auth_params['SignatureVersion'] = '2'
  auth_params['SignatureMethod'] = 'HmacSHA256'

  sts = string_to_sign(http_method, url, params.merge(auth_params))

  auth_params['Signature'] = signature(sts, creds.secret_access_key)
  auth_params
end