43 lines
1.4 KiB
Ruby
43 lines
1.4 KiB
Ruby
require 'base64'
|
|
require 'openssl'
|
|
|
|
module Cellar
|
|
class AmazonV2RequestSigner
|
|
def initialize(access_key_id, secret_access_key, bucket)
|
|
@access_key_id = access_key_id
|
|
@secret_access_key = secret_access_key
|
|
@bucket = bucket
|
|
end
|
|
|
|
def sign(request, key)
|
|
date = Time.zone.now.httpdate
|
|
sig = signature(
|
|
method: request.method,
|
|
key: key,
|
|
date: date,
|
|
checksum: request['Content-MD5'] || '',
|
|
content_type: request.content_type || ''
|
|
)
|
|
request['date'] = date
|
|
request['authorization'] = "AWS #{@access_key_id}:#{sig}"
|
|
end
|
|
|
|
def url_signature_params(method:, key:, expires_in:, content_type: '', checksum: '')
|
|
expires = expires_in.from_now.to_i
|
|
|
|
{
|
|
AWSAccessKeyId: @access_key_id,
|
|
Expires: expires,
|
|
Signature: signature(method: method, key: key, expires: expires, content_type: content_type, checksum: checksum)
|
|
}
|
|
end
|
|
|
|
def signature(method:, key:, expires: '', date: '', content_type: '', checksum: '')
|
|
canonicalized_amz_headers = ""
|
|
canonicalized_resource = "/#{@bucket}/#{key}"
|
|
string_to_sign = "#{method}\n#{checksum}\n#{content_type}\n#{expires}#{date}\n" +
|
|
"#{canonicalized_amz_headers}#{canonicalized_resource}"
|
|
Base64.encode64(OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha1'), @secret_access_key, string_to_sign)).strip
|
|
end
|
|
end
|
|
end
|