You are viewing documentation for version 3 of the AWS SDK for Ruby. Version 2 documentation can be found here.

Class: Aws::Sigv2::Signer Deprecated

Inherits:
Object
  • Object
show all
Defined in:
gems/aws-sigv2/lib/aws-sigv2/signer.rb

Overview

Deprecated.

This signer is deprecated. You should use the aws-sigv4 gem instead.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(access_key_id: , secret_access_key: , session_token: nil) ⇒ Signer #initialize(credentials: ) ⇒ Signer #initialize(credentials_provider: ) ⇒ Signer

Returns a new instance of Signer

Overloads:

  • #initialize(access_key_id: , secret_access_key: , session_token: nil) ⇒ Signer

    Parameters:

    • :access_key_id (String)
    • :secret_access_key (String)
    • :session_token (String)

      (nil)

  • #initialize(credentials: ) ⇒ Signer

    Parameters:

  • #initialize(credentials_provider: ) ⇒ Signer

    Parameters:

    • :credentials_provider (#credentials)

      An object that responds to #credentials, returning an object that responds to:

      • #access_key_id
      • #secret_access_key
      • #session_token


28
29
30
# File 'gems/aws-sigv2/lib/aws-sigv2/signer.rb', line 28

def initialize(options = {})
  @credentials_provider = extract_credentials_provider(options)
end

Instance Attribute Details

#credentials_provider#credentials (readonly)

Returns an object that responds to #credentials returning a Credentials object.

Returns:

  • (#credentials)

    Returns an object that responds to #credentials returning a Credentials object.



34
35
36
# File 'gems/aws-sigv2/lib/aws-sigv2/signer.rb', line 34

def credentials_provider
  @credentials_provider
end

Instance Method Details

#sign_request(request) ⇒ Hash

Computes a version 2 signature. The signature is returned as a hash of request parameters that should be applied to the HTTP request. The given request will not be modified.

signature = signer.sign_request(
  http_method: 'POST',
  url: 'https://domain.com',
  params: {
    'Param.Name' => 'Param.Value',
  }
)

# Returns a hash with the following keys:
signature['AWSAccessKeyId']
signature['SecurityToken'] # when using session credentials
signature['Timestamp']
signature['SignatureVersion']
signature['SignatureMethod']
signature['Signature']

Parameters:

  • request (Hash)

Options Hash (request):

  • :http_method (required, String)

    One of 'GET', 'HEAD', 'PUT', 'POST', 'PATCH', or 'DELETE'

  • :url (required, String, URI::HTTPS, URI::HTTP)

    The request URI. Must be a valid HTTP or HTTPS URI.

  • :params (optional, Hash) — default: {}

    Request parameters to sign. This should be a hash with un-escaped parameter names and values. For "GET" style requests, this should be the querystring parameters. For "POST" style requests, this should be the form-url-encoded query parameters.

Returns:

  • (Hash)

    Returns a hash of un-escaped signature parameters. These must be applied to the HTTP request. If the request is a "GET" request, they should be applied to the querystring. If the request is "POST" then they should be added to the form-url-encoded HTTP request body.



77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
# File 'gems/aws-sigv2/lib/aws-sigv2/signer.rb', line 77

def sign_request(request)

  creds = @credentials_provider.credentials

  http_method = extract_http_method(request)
  url = extract_url(request)
  params = request[:params] || {}

  timestamp = params['Timestamp']
  timestamp ||= Time.now.utc.strftime('%Y-%m-%dT%H:%M:%SZ')

  auth_params = {}
  auth_params['AWSAccessKeyId'] = creds.access_key_id
  auth_params['SecurityToken'] = creds.session_token if creds.session_token
  auth_params['Timestamp'] = timestamp
  auth_params['SignatureVersion'] = '2'
  auth_params['SignatureMethod'] = 'HmacSHA256'

  sts = string_to_sign(http_method, url, params.merge(auth_params))

  auth_params['Signature'] = signature(sts, creds.secret_access_key)
  auth_params
end