aws-cpp-sdk-core/html/_a_w_s_auth_v4_signer_8h_source.html

#pragma once


#include "aws/core/auth/signer/AWSAuthSignerBase.h"


#include <aws/core/utils/Array.h>

#include <aws/core/utils/memory/stl/AWSSet.h>

#include <aws/core/utils/threading/ReaderWriterLock.h>

#include <aws/core/utils/crypto/Sha256.h>

#include <aws/core/utils/crypto/Sha256HMAC.h>

#include <aws/core/http/HttpRequest.h>

#include <aws/core/endpoint/internal/AWSEndpointAttribute.h>


#include <aws/crt/auth/Sigv4Signing.h>


#include <memory>


namespace smithy

{

    class AwsSigV4Signer;

}


namespace Aws

{

    namespace Http

    {

        class HttpRequest;

    } // namespace Http


    namespace Auth

    {

        class AWSCredentials;

        class AWSCredentialsProvider;

        class CredentialsResolutionContext;


        enum class AWSSigningAlgorithm

        {

            SIGV4 = static_cast<int>(Aws::Crt::Auth::SigningAlgorithm::SigV4),

            ASYMMETRIC_SIGV4 = static_cast<int>(Aws::Crt::Auth::SigningAlgorithm::SigV4A),

        };


        AWS_CORE_API extern const char SIGV4_SIGNER[];

        AWS_CORE_API extern const char ASYMMETRIC_SIGV4_SIGNER[];

    } // namespace Auth


    namespace Client

    {

        class AWS_CORE_API AWSAuthV4Signer : public AWSAuthSigner

        {


        public:

            enum class PayloadSigningPolicy

            {

                RequestDependent,

                Always,

                Never

            };

            AWSAuthV4Signer(const std::shared_ptr<Auth::AWSCredentialsProvider>& credentialsProvider,

                            const char* serviceName, const Aws::String& region, PayloadSigningPolicy signingPolicy = PayloadSigningPolicy::RequestDependent,

                            bool urlEscapePath = true, Aws::Auth::AWSSigningAlgorithm signingAlgorithm = Aws::Auth::AWSSigningAlgorithm::SIGV4);


            virtual ~AWSAuthV4Signer();


            const char* GetName() const override

            {

                if (m_signingAlgorithm == Aws::Auth::AWSSigningAlgorithm::ASYMMETRIC_SIGV4)

                {

                    return Aws::Auth::ASYMMETRIC_SIGV4_SIGNER;

                }

                else

                {

                    return Aws::Auth::SIGV4_SIGNER;

                }

            }


            bool SignRequest(Aws::Http::HttpRequest& request) const override

            {

                return SignRequest(request, m_region.c_str(), m_serviceName.c_str(), true/*signBody*/);

            }


            bool SignRequest(Aws::Http::HttpRequest& request, bool signBody) const override

            {

                return SignRequest(request, m_region.c_str(), m_serviceName.c_str(), signBody);

            }


            bool SignRequest(Aws::Http::HttpRequest& request, const char* region, bool signBody) const override

            {

                return SignRequest(request, region, m_serviceName.c_str(), signBody);

            }


            bool SignRequest(Aws::Http::HttpRequest& request, const char* region, const char* serviceName, bool signBody) const override;


            bool PresignRequest(Aws::Http::HttpRequest& request, long long expirationInSeconds = 0) const override;


            bool PresignRequest(Aws::Http::HttpRequest& request, const char* region, long long expirationInSeconds = 0) const override;


            bool PresignRequest(Aws::Http::HttpRequest& request, const char* region, const char* serviceName, long long expirationInSeconds = 0) const override;


            bool PresignRequest(Aws::Http::HttpRequest& request, const Aws::Auth::AWSCredentials& creds, const char* region, const char* serviceName, long long expirationInSeconds = 0) const;


            virtual Aws::Auth::AWSCredentials GetCredentials(const std::shared_ptr<Aws::Http::ServiceSpecificParameters> &serviceSpecificParameters) const;


            Aws::String GetServiceName() const { return m_serviceName; }

            Aws::String GetRegion() const { return m_region; }

            Aws::String GenerateSignature(const Aws::Auth::AWSCredentials& credentials,

                    const Aws::String& stringToSign, const Aws::String& simpleDate) const;

            bool ShouldSignHeader(const Aws::String& header) const;


        protected:

            virtual bool ServiceRequireUnsignedPayload(const Aws::String& serviceName) const;

            void UpdateUserAgentWithCredentialFeatures(Aws::Http::HttpRequest& request, const Aws::Auth::CredentialsResolutionContext& context) const;

            bool m_includeSha256HashHeader;


        private:

            Aws::String GenerateSignature(const Aws::Auth::AWSCredentials& credentials,

                    const Aws::String& stringToSign, const Aws::String& simpleDate, const Aws::String& region,

                    const Aws::String& serviceName) const;


            Aws::String GenerateSignature(const Aws::String& stringToSign, const Aws::Utils::ByteBuffer& key) const;

            Aws::String ComputePayloadHash(Aws::Http::HttpRequest&) const;

            Aws::String GenerateStringToSign(const Aws::String& dateValue, const Aws::String& simpleDate,

                    const Aws::String& canonicalRequestHash, const Aws::String& region,

                    const Aws::String& serviceName) const;

            Aws::Utils::ByteBuffer ComputeHash(const Aws::String& secretKey,

                    const Aws::String& simpleDate, const Aws::String& region, const Aws::String& serviceName) const;

            bool SignRequestWithSigV4a(Aws::Http::HttpRequest& request, const char* region, const char* serviceName,

                    bool signBody, long long expirationTimeInSeconds, Aws::Crt::Auth::SignatureType signatureType) const;


            friend class smithy::AwsSigV4Signer;

            bool SignRequestWithCreds(Aws::Http::HttpRequest& request, const Auth::AWSCredentials& credentials,

                                      const char* region, const char* serviceName, bool signBody) const;


            Aws::Auth::AWSSigningAlgorithm m_signingAlgorithm;

            std::shared_ptr<Auth::AWSCredentialsProvider> m_credentialsProvider;

            const Aws::String m_serviceName;

            const Aws::String m_region;


            Aws::Set<Aws::String> m_unsignedHeaders;


            //these next four fields are ONLY for caching purposes and do not change

            //the logical state of the signer. They are marked mutable so the

            //interface can remain const.

            mutable Aws::Utils::ByteBuffer m_partialSignature;

            mutable Aws::String m_currentDateStr;

            mutable Aws::String m_currentSecretKey;

            mutable Utils::Threading::ReaderWriterLock m_partialSignatureLock;

            PayloadSigningPolicy m_payloadSigningPolicy;

            bool m_urlEscapePath;

            mutable Aws::Crt::Auth::Sigv4HttpRequestSigner m_crtSigner{};

        };

    } // namespace Client

} // namespace Aws


Aws::Auth::AWSCredentials
Definition AWSCredentials.h:50

Aws::Auth::CredentialsResolutionContext
Definition AWSCredentials.h:21

Aws::Client::AWSAuthSigner
Definition AWSAuthSignerBase.h:36

Aws::Client::AWSAuthV4Signer
Definition AWSAuthV4Signer.h:58

Aws::Client::AWSAuthV4Signer::AWSAuthV4Signer
AWSAuthV4Signer(const std::shared_ptr< Auth::AWSCredentialsProvider > &credentialsProvider, const char *serviceName, const Aws::String &region, PayloadSigningPolicy signingPolicy=PayloadSigningPolicy::RequestDependent, bool urlEscapePath=true, Aws::Auth::AWSSigningAlgorithm signingAlgorithm=Aws::Auth::AWSSigningAlgorithm::SIGV4)

Aws::Client::AWSAuthV4Signer::GenerateSignature
Aws::String GenerateSignature(const Aws::Auth::AWSCredentials &credentials, const Aws::String &stringToSign, const Aws::String &simpleDate) const

Aws::Client::AWSAuthV4Signer::PayloadSigningPolicy
PayloadSigningPolicy
Definition AWSAuthV4Signer.h:65

Aws::Client::AWSAuthV4Signer::PresignRequest
bool PresignRequest(Aws::Http::HttpRequest &request, const char *region, long long expirationInSeconds=0) const override

Aws::Client::AWSAuthV4Signer::SignRequest
bool SignRequest(Aws::Http::HttpRequest &request, bool signBody) const override
Definition AWSAuthV4Signer.h:124

Aws::Client::AWSAuthV4Signer::GetName
const char * GetName() const override
Definition AWSAuthV4Signer.h:98

Aws::Client::AWSAuthV4Signer::~AWSAuthV4Signer
virtual ~AWSAuthV4Signer()

Aws::Client::AWSAuthV4Signer::GetRegion
Aws::String GetRegion() const
Definition AWSAuthV4Signer.h:188

Aws::Client::AWSAuthV4Signer::UpdateUserAgentWithCredentialFeatures
void UpdateUserAgentWithCredentialFeatures(Aws::Http::HttpRequest &request, const Aws::Auth::CredentialsResolutionContext &context) const

Aws::Client::AWSAuthV4Signer::ShouldSignHeader
bool ShouldSignHeader(const Aws::String &header) const

Aws::Client::AWSAuthV4Signer::PresignRequest
bool PresignRequest(Aws::Http::HttpRequest &request, const char *region, const char *serviceName, long long expirationInSeconds=0) const override

Aws::Client::AWSAuthV4Signer::m_includeSha256HashHeader
bool m_includeSha256HashHeader
Definition AWSAuthV4Signer.h:196

Aws::Client::AWSAuthV4Signer::SignRequest
bool SignRequest(Aws::Http::HttpRequest &request, const char *region, const char *serviceName, bool signBody) const override

Aws::Client::AWSAuthV4Signer::SignRequest
bool SignRequest(Aws::Http::HttpRequest &request, const char *region, bool signBody) const override
Definition AWSAuthV4Signer.h:134

Aws::Client::AWSAuthV4Signer::SignRequest
bool SignRequest(Aws::Http::HttpRequest &request) const override
Definition AWSAuthV4Signer.h:114

Aws::Client::AWSAuthV4Signer::GetCredentials
virtual Aws::Auth::AWSCredentials GetCredentials(const std::shared_ptr< Aws::Http::ServiceSpecificParameters > &serviceSpecificParameters) const

Aws::Client::AWSAuthV4Signer::GetServiceName
Aws::String GetServiceName() const
Definition AWSAuthV4Signer.h:187

Aws::Client::AWSAuthV4Signer::PresignRequest
bool PresignRequest(Aws::Http::HttpRequest &request, long long expirationInSeconds=0) const override

Aws::Client::AWSAuthV4Signer::PresignRequest
bool PresignRequest(Aws::Http::HttpRequest &request, const Aws::Auth::AWSCredentials &creds, const char *region, const char *serviceName, long long expirationInSeconds=0) const

Aws::Client::AWSAuthV4Signer::ServiceRequireUnsignedPayload
virtual bool ServiceRequireUnsignedPayload(const Aws::String &serviceName) const

Aws::Http::HttpRequest
Definition HttpRequest.h:101

Aws::Utils::Array< unsigned char >

Aws::Utils::Threading::ReaderWriterLock
Definition ReaderWriterLock.h:26

smithy::AwsSigV4Signer
Definition SigV4Signer.h:22

Aws::Auth::SIGV4_SIGNER
AWS_CORE_API const char SIGV4_SIGNER[]
Definition AWSClient.h:57

Aws::Auth::AWSSigningAlgorithm
AWSSigningAlgorithm
Definition AWSAuthV4Signer.h:42

Aws::Auth::AWSSigningAlgorithm::SIGV4
@ SIGV4

Aws::Auth::AWSSigningAlgorithm::ASYMMETRIC_SIGV4
@ ASYMMETRIC_SIGV4

Aws::Auth::ASYMMETRIC_SIGV4_SIGNER
AWS_CORE_API const char ASYMMETRIC_SIGV4_SIGNER[]

Aws
Definition AmazonSerializableWebServiceRequest.h:16

Aws::String
std::basic_string< char, std::char_traits< char >, Aws::Allocator< char > > String
Definition AWSString.h:97

Aws::Set
std::set< T, std::less< T >, Aws::Allocator< T > > Set
Definition AWSSet.h:18

smithy
Definition AWSAuthV4Signer.h:24