support extra (required) S3 pre-signed headers

Automattic / knox

S3 Lib

MIT License

1.74k stars 285 forks source link

support extra (required) S3 pre-signed headers #240

Closed dweinstein closed 10 years ago

dweinstein commented 10 years ago

This adds initial support for extra signed headers that can be used in a pre-signed PUT URL. The extra headers are supplied by the client at upload time.

domenic commented 10 years ago

Test?

dweinstein commented 10 years ago

Check the PR again I added a test shortly after.

dweinstein commented 10 years ago

Any problem with this PR? Happy to make any adjustments...

dweinstein commented 10 years ago

According to the S3 REST authentication spec, the signature of the headers works like:

base64(hmac-sha1(VERB + "\n" 
                              + CONTENT-MD5 + "\n" 
                + CONTENT-TYPE + "\n" 
                + DATE + "\n" 
                + CanonicalizedAmzHeaders + "\n" 
                + CanonicalizedResource))

Therefore if you look at Line 139 of the queryStringToSign in master that it is missing the CanonicalizedAmzHeaders which is what my extraHeaders is.

domenic commented 10 years ago

Merged as 4cf0a81ecce14830ffcc2c9caea2bf687205163a, thanks.