Skip to Content Skip to Search

S3URISigner implements AWS SigV4 for S3 Source to avoid a dependency on the aws-sdk-* gems More on AWS SigV4: docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html

Namespace
Methods
N
S

Constants

BASE64_URI_TRANSLATE = { "+" => "%2B", "/" => "%2F", "=" => "%3D", "\n" => "" }.freeze
 
EC2_IAM_INFO = "http://169.254.169.254/latest/meta-data/iam/info"
 
EC2_IAM_SECURITY_CREDENTIALS = "http://169.254.169.254/latest/meta-data/iam/security-credentials/"
 
S3Config = Struct.new :access_key_id, :secret_access_key, :security_token, :region
 

Attributes

[RW] uri

Class Public methods

new(uri)

Source: show | on GitHub 

# File ruby/lib/rubygems/s3_uri_signer.rb, line 31
def initialize(uri)
  @uri = uri
end

Instance Public methods

sign(expiration = 86_400)

Signs S3 URI using query-params according to the reference: docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html

Source: show | on GitHub 

# File ruby/lib/rubygems/s3_uri_signer.rb, line 37
def sign(expiration = 86_400)
  s3_config = fetch_s3_config

  current_time = Time.now.utc
  date_time = current_time.strftime("%Y%m%dT%H%m%SZ")
  date = date_time[0,8]

  credential_info = "#{date}/#{s3_config.region}/s3/aws4_request"
  canonical_host = "#{uri.host}.s3.#{s3_config.region}.amazonaws.com"

  query_params = generate_canonical_query_params(s3_config, date_time, credential_info, expiration)
  canonical_request = generate_canonical_request(canonical_host, query_params)
  string_to_sign = generate_string_to_sign(date_time, credential_info, canonical_request)
  signature = generate_signature(s3_config, date, string_to_sign)

  Gem::URI.parse("https://#{canonical_host}#{uri.path}?#{query_params}&X-Amz-Signature=#{signature}")
end