Closed jonatanklosko closed 3 years ago
jadeallenx
commented
3 years ago sorry late to the party here - is the intention to make this library a dependency of the other packages? Or I suppose maybe there is a desire for a standalone signature library without all of the other code generator-y bits...
jadeallenx
commented
3 years ago Also if the other libraries are wrong shouldn't we fix them too? Or maybe they're getting ripped/replaced? It isn't clear anyway. Thanks.
jonatanklosko
commented
3 years ago @mrallen1 the idea is to use this package as a dependency for the generated packages, so that there is no duplication :)
jadeallenx
commented
3 years ago Super - this is fantastic btw <3 thank you
Adds the signing algorithm described here.
The implementation is based on aws-erlang/src/aws_request.erl - sign_request/10 and aws-elixir/lib/aws/signature.ex - sign_v4/5, with no dependencies and some fixes.
Primary differences from the aforementioned functions:
the function doesn't add
X-Amz-Security-Tokento the headers, if a security token is to be used, it must be added to the list of headers before invoking the signing function (it's just a regular optional header, not relevant to the signing process)when requesting a path like
/path%20tothe canonical path is computed by URI-encoding the segments, in this case/path%2520to. This behaviour is required for all services except for S3, for S3 the canonical path is just/path%20to. Currently, both packages double-escape URIs for all services, so requests for S3 keys likespecial&name+noicefail. To address this, the signing function accepts auri_encode_path: true | falseoption that controls whether the path gets URI-encoded and it should be set tofalsefor S3. There is a similar:uri_escape_pathoption in the official Ruby package