PreSignV4 presign the request, in accordance with http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html.
(req http.Request, accessKeyID, secretAccessKey, sessionToken, location string, expires int64)
| 208 | // PreSignV4 presign the request, in accordance with |
| 209 | // http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html. |
| 210 | func PreSignV4(req http.Request, accessKeyID, secretAccessKey, sessionToken, location string, expires int64) *http.Request { |
| 211 | // Presign is not needed for anonymous credentials. |
| 212 | if accessKeyID == "" || secretAccessKey == "" { |
| 213 | return &req |
| 214 | } |
| 215 | |
| 216 | // Initial time. |
| 217 | t := time.Now().UTC() |
| 218 | |
| 219 | // Get credential string. |
| 220 | credential := GetCredential(accessKeyID, location, t, ServiceTypeS3) |
| 221 | |
| 222 | // Get all signed headers. |
| 223 | signedHeaders := getSignedHeaders(req, v4IgnoredHeaders) |
| 224 | |
| 225 | // Set URL query. |
| 226 | query := req.URL.Query() |
| 227 | query.Set("X-Amz-Algorithm", signV4Algorithm) |
| 228 | query.Set("X-Amz-Date", t.Format(iso8601DateFormat)) |
| 229 | query.Set("X-Amz-Expires", strconv.FormatInt(expires, 10)) |
| 230 | query.Set("X-Amz-SignedHeaders", signedHeaders) |
| 231 | query.Set("X-Amz-Credential", credential) |
| 232 | // Set session token if available. |
| 233 | if sessionToken != "" { |
| 234 | if v := req.Header.Get("x-amz-s3session-token"); v != "" { |
| 235 | query.Set("X-Amz-S3session-Token", sessionToken) |
| 236 | } else { |
| 237 | query.Set("X-Amz-Security-Token", sessionToken) |
| 238 | } |
| 239 | } |
| 240 | req.URL.RawQuery = query.Encode() |
| 241 | |
| 242 | // Get canonical request. |
| 243 | canonicalRequest := getCanonicalRequest(req, v4IgnoredHeaders, getHashedPayload(req)) |
| 244 | |
| 245 | // Get string to sign from canonical request. |
| 246 | stringToSign := getStringToSignV4(t, location, canonicalRequest, ServiceTypeS3) |
| 247 | |
| 248 | // Gext hmac signing key. |
| 249 | signingKey := getSigningKey(secretAccessKey, location, t, ServiceTypeS3) |
| 250 | |
| 251 | // Calculate signature. |
| 252 | signature := getSignature(signingKey, stringToSign) |
| 253 | |
| 254 | // Add signature header to RawQuery. |
| 255 | req.URL.RawQuery += "&X-Amz-Signature=" + signature |
| 256 | |
| 257 | return &req |
| 258 | } |
| 259 | |
| 260 | // PreSignV4Outposts presign the request for S3 on Outposts (service name s3-outposts). |
| 261 | func PreSignV4Outposts(req http.Request, accessKeyID, secretAccessKey, sessionToken, location string, expires int64) *http.Request { |