Authorization = "AWS" + " " + AWSAccessKeyId + ":" + Signature; Signature = Base64( HMAC-SHA1( YourSecretAccessKeyID, UTF-8-Encoding-Of( StringToSign ) ) ); StringToSign = HTTP-Verb + "\n" + Content-Md5 + "\n" + Content-Type + "\n" + Date + "\n" + CanonicalizedProtocolHeaders + CanonicalizedRe
(req http.Request, accessKeyID, secretAccessKey string, virtualHost bool)
| 128 | |
| 129 | // SignV2 sign the request before Do() (AWS Signature Version 2). |
| 130 | func SignV2(req http.Request, accessKeyID, secretAccessKey string, virtualHost bool) *http.Request { |
| 131 | // Signature calculation is not needed for anonymous credentials. |
| 132 | if accessKeyID == "" || secretAccessKey == "" { |
| 133 | return &req |
| 134 | } |
| 135 | |
| 136 | // Initial time. |
| 137 | d := time.Now().UTC() |
| 138 | |
| 139 | // Add date if not present. |
| 140 | if date := req.Header.Get("Date"); date == "" { |
| 141 | req.Header.Set("Date", d.Format(http.TimeFormat)) |
| 142 | } |
| 143 | |
| 144 | // Calculate HMAC for secretAccessKey. |
| 145 | stringToSign := stringToSignV2(req, virtualHost) |
| 146 | hm := hmac.New(sha1.New, []byte(secretAccessKey)) |
| 147 | hm.Write([]byte(stringToSign)) |
| 148 | |
| 149 | // Prepare auth header. |
| 150 | authHeader := new(bytes.Buffer) |
| 151 | fmt.Fprintf(authHeader, "%s %s:", signV2Algorithm, accessKeyID) |
| 152 | encoder := base64.NewEncoder(base64.StdEncoding, authHeader) |
| 153 | encoder.Write(hm.Sum(nil)) |
| 154 | encoder.Close() |
| 155 | |
| 156 | // Set Authorization header. |
| 157 | req.Header.Set("Authorization", authHeader.String()) |
| 158 | |
| 159 | return &req |
| 160 | } |
| 161 | |
| 162 | // From the Amazon docs: |
| 163 | // |