class GrapeAPISignature::AWSSigner

Attributes

access_key[RW]
digester[RW]
region[RW]
request[RW]
secret_key[RW]

Public Class Methods

new(config) click to toggle source
# File lib/grape_api_signature/aws_signer.rb, line 12
def initialize(config)
  self.access_key = config[:access_key]
  self.secret_key = config[:secret_key]
  self.region = config[:region]
  self.digester = config[:digester] || AWSDigester
end

Public Instance Methods

authorization(headers) click to toggle source
# File lib/grape_api_signature/aws_signer.rb, line 36
def authorization(headers)
  AWSAuthorization.new(access_key, credential_string, signed_headers(headers), signature).to_s
end
credential_string() click to toggle source
# File lib/grape_api_signature/aws_signer.rb, line 67
def credential_string
  [
    request.date,
    region,
    request.service,
    'aws4_request'
  ].join('/')
end
derived_key() click to toggle source
# File lib/grape_api_signature/aws_signer.rb, line 50
def derived_key
  k_date = digester.hmac('AWS4' + secret_key, request.date)
  k_region = digester.hmac(k_date, region)
  k_service = digester.hmac(k_region, request.service)

  digester.hmac(k_service, 'aws4_request')
end
setup_aws_request(method, uri, headers, body) click to toggle source
# File lib/grape_api_signature/aws_signer.rb, line 19
def setup_aws_request(method, uri, headers, body)
  self.request = AWSRequest.new(method, uri, headers, body, digester)
end
sign(method, uri, headers, body) click to toggle source
# File lib/grape_api_signature/aws_signer.rb, line 23
def sign(method, uri, headers, body)
  setup_aws_request(method, uri, headers, body)

  signed = headers.dup
  signed['Authorization'] = authorization(headers)
  signed
end
signature() click to toggle source
# File lib/grape_api_signature/aws_signer.rb, line 46
def signature
  digester.hexhmac(derived_key, string_to_sign)
end
signature_only(method, uri, headers, body) click to toggle source
# File lib/grape_api_signature/aws_signer.rb, line 31
def signature_only(method, uri, headers, body)
  setup_aws_request(method, uri, headers, body)
  signature
end
signed_headers(headers) click to toggle source
# File lib/grape_api_signature/aws_signer.rb, line 40
def signed_headers(headers)
  to_sign = headers.keys.map(&:to_s).map(&:downcase)
  to_sign.delete('authorization')
  to_sign
end
string_to_sign() click to toggle source
# File lib/grape_api_signature/aws_signer.rb, line 58
def string_to_sign
  [
    'AWS4-HMAC-SHA256',
    request.datetime,
    credential_string,
    digester.hexdigest(request.canonical_request)
  ].join("\n")
end