pax_global_header00006660000000000000000000000064135673236110014521gustar00rootroot0000000000000052 comment=28a518abda564bd26b930779054e712f1436190b aws4-1.9.0/000077500000000000000000000000001356732361100124065ustar00rootroot00000000000000aws4-1.9.0/.gitignore000066400000000000000000000001021356732361100143670ustar00rootroot00000000000000node_modules npm-debug.log coverage* .tern-port package-lock.json aws4-1.9.0/.npmignore000066400000000000000000000000411356732361100144000ustar00rootroot00000000000000test examples example.js browser aws4-1.9.0/.travis.yml000066400000000000000000000001331356732361100145140ustar00rootroot00000000000000language: node_js node_js: - "0.10" - "0.12" - "4" - "6" - "8" - "10" - "12" aws4-1.9.0/LICENSE000066400000000000000000000020701356732361100134120ustar00rootroot00000000000000Copyright 2013 Michael Hart (michael.hart.au@gmail.com) Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. aws4-1.9.0/README.md000066400000000000000000000411601356732361100136670ustar00rootroot00000000000000aws4 ---- [![Build Status](https://secure.travis-ci.org/mhart/aws4.png?branch=master)](http://travis-ci.org/mhart/aws4) A small utility to sign vanilla Node.js http(s) request options using Amazon's [AWS Signature Version 4](http://docs.amazonwebservices.com/general/latest/gr/signature-version-4.html). If you want to sign and send AWS requests in a modern browser, or an environment like [Cloudflare Workers](https://developers.cloudflare.com/workers/), then check out [aws4fetch](https://github.com/mhart/aws4fetch) – otherwise you can also bundle this library for use [in the browser](./browser). This signature is supported by nearly all Amazon services, including [S3](http://docs.aws.amazon.com/AmazonS3/latest/API/), [EC2](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/), [DynamoDB](http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/API.html), [Kinesis](http://docs.aws.amazon.com/kinesis/latest/APIReference/), [Lambda](http://docs.aws.amazon.com/lambda/latest/dg/API_Reference.html), [SQS](http://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/), [SNS](http://docs.aws.amazon.com/sns/latest/api/), [IAM](http://docs.aws.amazon.com/IAM/latest/APIReference/), [STS](http://docs.aws.amazon.com/STS/latest/APIReference/), [RDS](http://docs.aws.amazon.com/AmazonRDS/latest/APIReference/), [CloudWatch](http://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/), [CloudWatch Logs](http://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/), [CodeDeploy](http://docs.aws.amazon.com/codedeploy/latest/APIReference/), [CloudFront](http://docs.aws.amazon.com/AmazonCloudFront/latest/APIReference/), [CloudTrail](http://docs.aws.amazon.com/awscloudtrail/latest/APIReference/), [ElastiCache](http://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/), [EMR](http://docs.aws.amazon.com/ElasticMapReduce/latest/API/), [Glacier](http://docs.aws.amazon.com/amazonglacier/latest/dev/amazon-glacier-api.html), [CloudSearch](http://docs.aws.amazon.com/cloudsearch/latest/developerguide/APIReq.html), [Elastic Load Balancing](http://docs.aws.amazon.com/ElasticLoadBalancing/latest/APIReference/), [Elastic Transcoder](http://docs.aws.amazon.com/elastictranscoder/latest/developerguide/api-reference.html), [CloudFormation](http://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/), [Elastic Beanstalk](http://docs.aws.amazon.com/elasticbeanstalk/latest/api/), [Storage Gateway](http://docs.aws.amazon.com/storagegateway/latest/userguide/AWSStorageGatewayAPI.html), [Data Pipeline](http://docs.aws.amazon.com/datapipeline/latest/APIReference/), [Direct Connect](http://docs.aws.amazon.com/directconnect/latest/APIReference/), [Redshift](http://docs.aws.amazon.com/redshift/latest/APIReference/), [OpsWorks](http://docs.aws.amazon.com/opsworks/latest/APIReference/), [SES](http://docs.aws.amazon.com/ses/latest/APIReference/), [SWF](http://docs.aws.amazon.com/amazonswf/latest/apireference/), [AutoScaling](http://docs.aws.amazon.com/AutoScaling/latest/APIReference/), [Mobile Analytics](http://docs.aws.amazon.com/mobileanalytics/latest/ug/server-reference.html), [Cognito Identity](http://docs.aws.amazon.com/cognitoidentity/latest/APIReference/), [Cognito Sync](http://docs.aws.amazon.com/cognitosync/latest/APIReference/), [Container Service](http://docs.aws.amazon.com/AmazonECS/latest/APIReference/), [AppStream](http://docs.aws.amazon.com/appstream/latest/developerguide/appstream-api-rest.html), [Key Management Service](http://docs.aws.amazon.com/kms/latest/APIReference/), [Config](http://docs.aws.amazon.com/config/latest/APIReference/), [CloudHSM](http://docs.aws.amazon.com/cloudhsm/latest/dg/api-ref.html), [Route53](http://docs.aws.amazon.com/Route53/latest/APIReference/requests-rest.html) and [Route53 Domains](http://docs.aws.amazon.com/Route53/latest/APIReference/requests-rpc.html). Indeed, the only AWS services that *don't* support v4 as of 2014-12-30 are [Import/Export](http://docs.aws.amazon.com/AWSImportExport/latest/DG/api-reference.html) and [SimpleDB](http://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API.html) (they only support [AWS Signature Version 2](https://github.com/mhart/aws2)). It also provides defaults for a number of core AWS headers and request parameters, making it very easy to query AWS services, or build out a fully-featured AWS library. Example ------- ```javascript var http = require('http'), https = require('https'), aws4 = require('aws4') // given an options object you could pass to http.request var opts = {host: 'sqs.us-east-1.amazonaws.com', path: '/?Action=ListQueues'} // alternatively (as aws4 can infer the host): opts = {service: 'sqs', region: 'us-east-1', path: '/?Action=ListQueues'} // alternatively (as us-east-1 is default): opts = {service: 'sqs', path: '/?Action=ListQueues'} aws4.sign(opts) // assumes AWS credentials are available in process.env console.log(opts) /* { host: 'sqs.us-east-1.amazonaws.com', path: '/?Action=ListQueues', headers: { Host: 'sqs.us-east-1.amazonaws.com', 'X-Amz-Date': '20121226T061030Z', Authorization: 'AWS4-HMAC-SHA256 Credential=ABCDEF/20121226/us-east-1/sqs/aws4_request, ...' } } */ // we can now use this to query AWS using the standard node.js http API http.request(opts, function(res) { res.pipe(process.stdout) }).end() /* ... */ ``` More options ------------ ```javascript // you can also pass AWS credentials in explicitly (otherwise taken from process.env) aws4.sign(opts, {accessKeyId: '', secretAccessKey: ''}) // can also add the signature to query strings aws4.sign({service: 's3', path: '/my-bucket?X-Amz-Expires=12345', signQuery: true}) // create a utility function to pipe to stdout (with https this time) function request(o) { https.request(o, function(res) { res.pipe(process.stdout) }).end(o.body || '') } // aws4 can infer the HTTP method if a body is passed in // method will be POST and Content-Type: 'application/x-www-form-urlencoded; charset=utf-8' request(aws4.sign({service: 'iam', body: 'Action=ListGroups&Version=2010-05-08'})) /* ... */ // can specify any custom option or header as per usual request(aws4.sign({ service: 'dynamodb', region: 'ap-southeast-2', method: 'POST', path: '/', headers: { 'Content-Type': 'application/x-amz-json-1.0', 'X-Amz-Target': 'DynamoDB_20120810.ListTables' }, body: '{}' })) /* {"TableNames":[]} ... */ // works with all other services that support Signature Version 4 request(aws4.sign({service: 's3', path: '/', signQuery: true})) /* ... */ request(aws4.sign({service: 'ec2', path: '/?Action=DescribeRegions&Version=2014-06-15'})) /* ... */ request(aws4.sign({service: 'sns', path: '/?Action=ListTopics&Version=2010-03-31'})) /* ... */ request(aws4.sign({service: 'sts', path: '/?Action=GetSessionToken&Version=2011-06-15'})) /* ... */ request(aws4.sign({service: 'cloudsearch', path: '/?Action=ListDomainNames&Version=2013-01-01'})) /* ... */ request(aws4.sign({service: 'ses', path: '/?Action=ListIdentities&Version=2010-12-01'})) /* ... */ request(aws4.sign({service: 'autoscaling', path: '/?Action=DescribeAutoScalingInstances&Version=2011-01-01'})) /* ... */ request(aws4.sign({service: 'elasticloadbalancing', path: '/?Action=DescribeLoadBalancers&Version=2012-06-01'})) /* ... */ request(aws4.sign({service: 'cloudformation', path: '/?Action=ListStacks&Version=2010-05-15'})) /* ... */ request(aws4.sign({service: 'elasticbeanstalk', path: '/?Action=ListAvailableSolutionStacks&Version=2010-12-01'})) /* ... */ request(aws4.sign({service: 'rds', path: '/?Action=DescribeDBInstances&Version=2012-09-17'})) /* ... */ request(aws4.sign({service: 'monitoring', path: '/?Action=ListMetrics&Version=2010-08-01'})) /* ... */ request(aws4.sign({service: 'redshift', path: '/?Action=DescribeClusters&Version=2012-12-01'})) /* ... */ request(aws4.sign({service: 'cloudfront', path: '/2014-05-31/distribution'})) /* ... */ request(aws4.sign({service: 'elasticache', path: '/?Action=DescribeCacheClusters&Version=2014-07-15'})) /* ... */ request(aws4.sign({service: 'elasticmapreduce', path: '/?Action=DescribeJobFlows&Version=2009-03-31'})) /* ... */ request(aws4.sign({service: 'route53', path: '/2013-04-01/hostedzone'})) /* ... */ request(aws4.sign({service: 'appstream', path: '/applications'})) /* {"_links":{"curie":[{"href":"http://docs.aws.amazon.com/appstream/latest/... ... */ request(aws4.sign({service: 'cognito-sync', path: '/identitypools'})) /* {"Count":0,"IdentityPoolUsages":[],"MaxResults":16,"NextToken":null} ... */ request(aws4.sign({service: 'elastictranscoder', path: '/2012-09-25/pipelines'})) /* {"NextPageToken":null,"Pipelines":[]} ... */ request(aws4.sign({service: 'lambda', path: '/2014-11-13/functions/'})) /* {"Functions":[],"NextMarker":null} ... */ request(aws4.sign({service: 'ecs', path: '/?Action=ListClusters&Version=2014-11-13'})) /* ... */ request(aws4.sign({service: 'glacier', path: '/-/vaults', headers: {'X-Amz-Glacier-Version': '2012-06-01'}})) /* {"Marker":null,"VaultList":[]} ... */ request(aws4.sign({service: 'storagegateway', body: '{}', headers: { 'Content-Type': 'application/x-amz-json-1.1', 'X-Amz-Target': 'StorageGateway_20120630.ListGateways' }})) /* {"Gateways":[]} ... */ request(aws4.sign({service: 'datapipeline', body: '{}', headers: { 'Content-Type': 'application/x-amz-json-1.1', 'X-Amz-Target': 'DataPipeline.ListPipelines' }})) /* {"hasMoreResults":false,"pipelineIdList":[]} ... */ request(aws4.sign({service: 'opsworks', body: '{}', headers: { 'Content-Type': 'application/x-amz-json-1.1', 'X-Amz-Target': 'OpsWorks_20130218.DescribeStacks' }})) /* {"Stacks":[]} ... */ request(aws4.sign({service: 'route53domains', body: '{}', headers: { 'Content-Type': 'application/x-amz-json-1.1', 'X-Amz-Target': 'Route53Domains_v20140515.ListDomains' }})) /* {"Domains":[]} ... */ request(aws4.sign({service: 'kinesis', body: '{}', headers: { 'Content-Type': 'application/x-amz-json-1.1', 'X-Amz-Target': 'Kinesis_20131202.ListStreams' }})) /* {"HasMoreStreams":false,"StreamNames":[]} ... */ request(aws4.sign({service: 'cloudtrail', body: '{}', headers: { 'Content-Type': 'application/x-amz-json-1.1', 'X-Amz-Target': 'CloudTrail_20131101.DescribeTrails' }})) /* {"trailList":[]} ... */ request(aws4.sign({service: 'logs', body: '{}', headers: { 'Content-Type': 'application/x-amz-json-1.1', 'X-Amz-Target': 'Logs_20140328.DescribeLogGroups' }})) /* {"logGroups":[]} ... */ request(aws4.sign({service: 'codedeploy', body: '{}', headers: { 'Content-Type': 'application/x-amz-json-1.1', 'X-Amz-Target': 'CodeDeploy_20141006.ListApplications' }})) /* {"applications":[]} ... */ request(aws4.sign({service: 'directconnect', body: '{}', headers: { 'Content-Type': 'application/x-amz-json-1.1', 'X-Amz-Target': 'OvertureService.DescribeConnections' }})) /* {"connections":[]} ... */ request(aws4.sign({service: 'kms', body: '{}', headers: { 'Content-Type': 'application/x-amz-json-1.1', 'X-Amz-Target': 'TrentService.ListKeys' }})) /* {"Keys":[],"Truncated":false} ... */ request(aws4.sign({service: 'config', body: '{}', headers: { 'Content-Type': 'application/x-amz-json-1.1', 'X-Amz-Target': 'StarlingDoveService.DescribeDeliveryChannels' }})) /* {"DeliveryChannels":[]} ... */ request(aws4.sign({service: 'cloudhsm', body: '{}', headers: { 'Content-Type': 'application/x-amz-json-1.1', 'X-Amz-Target': 'CloudHsmFrontendService.ListAvailableZones' }})) /* {"AZList":["us-east-1a","us-east-1b","us-east-1c"]} ... */ request(aws4.sign({ service: 'swf', body: '{"registrationStatus":"REGISTERED"}', headers: { 'Content-Type': 'application/x-amz-json-1.0', 'X-Amz-Target': 'SimpleWorkflowService.ListDomains' } })) /* {"domainInfos":[]} ... */ request(aws4.sign({ service: 'cognito-identity', body: '{"MaxResults": 1}', headers: { 'Content-Type': 'application/x-amz-json-1.1', 'X-Amz-Target': 'AWSCognitoIdentityService.ListIdentityPools' } })) /* {"IdentityPools":[]} ... */ request(aws4.sign({ service: 'mobileanalytics', path: '/2014-06-05/events', body: JSON.stringify({events:[{ eventType: 'a', timestamp: new Date().toISOString(), session: {}, }]}), headers: { 'Content-Type': 'application/json', 'X-Amz-Client-Context': JSON.stringify({ client: {client_id: 'a', app_title: 'a'}, custom: {}, env: {platform: 'a'}, services: {}, }), } })) /* (HTTP 202, empty response) */ // Generate CodeCommit Git access password var signer = new aws4.RequestSigner({ service: 'codecommit', host: 'git-codecommit.us-east-1.amazonaws.com', method: 'GIT', path: '/v1/repos/MyAwesomeRepo', }) var password = signer.getDateTime() + 'Z' + signer.signature() ``` API --- ### aws4.sign(requestOptions, [credentials]) This calculates and populates the `Authorization` header of `requestOptions`, and any other necessary AWS headers and/or request options. Returns `requestOptions` as a convenience for chaining. `requestOptions` is an object holding the same options that the node.js [http.request](http://nodejs.org/docs/latest/api/http.html#http_http_request_options_callback) function takes. The following properties of `requestOptions` are used in the signing or populated if they don't already exist: - `hostname` or `host` (will be determined from `service` and `region` if not given) - `method` (will use `'GET'` if not given or `'POST'` if there is a `body`) - `path` (will use `'/'` if not given) - `body` (will use `''` if not given) - `service` (will be calculated from `hostname` or `host` if not given) - `region` (will be calculated from `hostname` or `host` or use `'us-east-1'` if not given) - `headers['Host']` (will use `hostname` or `host` or be calculated if not given) - `headers['Content-Type']` (will use `'application/x-www-form-urlencoded; charset=utf-8'` if not given and there is a `body`) - `headers['Date']` (used to calculate the signature date if given, otherwise `new Date` is used) Your AWS credentials (which can be found in your [AWS console](https://portal.aws.amazon.com/gp/aws/securityCredentials)) can be specified in one of two ways: - As the second argument, like this: ```javascript aws4.sign(requestOptions, { secretAccessKey: "", accessKeyId: "", sessionToken: "" }) ``` - From `process.env`, such as this: ``` export AWS_SECRET_ACCESS_KEY="" export AWS_ACCESS_KEY_ID="" export AWS_SESSION_TOKEN="" ``` (will also use `AWS_ACCESS_KEY` and `AWS_SECRET_KEY` if available) The `sessionToken` property and `AWS_SESSION_TOKEN` environment variable are optional for signing with [IAM STS temporary credentials](http://docs.aws.amazon.com/STS/latest/UsingSTS/using-temp-creds.html). Installation ------------ With [npm](http://npmjs.org/) do: ``` npm install aws4 ``` Can also be used [in the browser](./browser). Thanks ------ Thanks to [@jed](https://github.com/jed) for his [dynamo-client](https://github.com/jed/dynamo-client) lib where I first committed and subsequently extracted this code. Also thanks to the [official node.js AWS SDK](https://github.com/aws/aws-sdk-js) for giving me a start on implementing the v4 signature. aws4-1.9.0/aws4.js000066400000000000000000000256451356732361100136360ustar00rootroot00000000000000var aws4 = exports, url = require('url'), querystring = require('querystring'), crypto = require('crypto'), lru = require('./lru'), credentialsCache = lru(1000) // http://docs.amazonwebservices.com/general/latest/gr/signature-version-4.html function hmac(key, string, encoding) { return crypto.createHmac('sha256', key).update(string, 'utf8').digest(encoding) } function hash(string, encoding) { return crypto.createHash('sha256').update(string, 'utf8').digest(encoding) } // This function assumes the string has already been percent encoded function encodeRfc3986(urlEncodedString) { return urlEncodedString.replace(/[!'()*]/g, function(c) { return '%' + c.charCodeAt(0).toString(16).toUpperCase() }) } // request: { path | body, [host], [method], [headers], [service], [region] } // credentials: { accessKeyId, secretAccessKey, [sessionToken] } function RequestSigner(request, credentials) { if (typeof request === 'string') request = url.parse(request) var headers = request.headers = (request.headers || {}), hostParts = this.matchHost(request.hostname || request.host || headers.Host || headers.host) this.request = request this.credentials = credentials || this.defaultCredentials() this.service = request.service || hostParts[0] || '' this.region = request.region || hostParts[1] || 'us-east-1' // SES uses a different domain from the service name if (this.service === 'email') this.service = 'ses' if (!request.method && request.body) request.method = 'POST' if (!headers.Host && !headers.host) { headers.Host = request.hostname || request.host || this.createHost() // If a port is specified explicitly, use it as is if (request.port) headers.Host += ':' + request.port } if (!request.hostname && !request.host) request.hostname = headers.Host || headers.host this.isCodeCommitGit = this.service === 'codecommit' && request.method === 'GIT' } RequestSigner.prototype.matchHost = function(host) { var match = (host || '').match(/([^\.]+)\.(?:([^\.]*)\.)?amazonaws\.com(\.cn)?$/) var hostParts = (match || []).slice(1, 3) // ES's hostParts are sometimes the other way round, if the value that is expected // to be region equals ‘es’ switch them back // e.g. search-cluster-name-aaaa00aaaa0aaa0aaaaaaa0aaa.us-east-1.es.amazonaws.com if (hostParts[1] === 'es') hostParts = hostParts.reverse() return hostParts } // http://docs.aws.amazon.com/general/latest/gr/rande.html RequestSigner.prototype.isSingleRegion = function() { // Special case for S3 and SimpleDB in us-east-1 if (['s3', 'sdb'].indexOf(this.service) >= 0 && this.region === 'us-east-1') return true return ['cloudfront', 'ls', 'route53', 'iam', 'importexport', 'sts'] .indexOf(this.service) >= 0 } RequestSigner.prototype.createHost = function() { var region = this.isSingleRegion() ? '' : (this.service === 's3' && this.region !== 'us-east-1' ? '-' : '.') + this.region, service = this.service === 'ses' ? 'email' : this.service return service + region + '.amazonaws.com' } RequestSigner.prototype.prepareRequest = function() { this.parsePath() var request = this.request, headers = request.headers, query if (request.signQuery) { this.parsedPath.query = query = this.parsedPath.query || {} if (this.credentials.sessionToken) query['X-Amz-Security-Token'] = this.credentials.sessionToken if (this.service === 's3' && !query['X-Amz-Expires']) query['X-Amz-Expires'] = 86400 if (query['X-Amz-Date']) this.datetime = query['X-Amz-Date'] else query['X-Amz-Date'] = this.getDateTime() query['X-Amz-Algorithm'] = 'AWS4-HMAC-SHA256' query['X-Amz-Credential'] = this.credentials.accessKeyId + '/' + this.credentialString() query['X-Amz-SignedHeaders'] = this.signedHeaders() } else { if (!request.doNotModifyHeaders && !this.isCodeCommitGit) { if (request.body && !headers['Content-Type'] && !headers['content-type']) headers['Content-Type'] = 'application/x-www-form-urlencoded; charset=utf-8' if (request.body && !headers['Content-Length'] && !headers['content-length']) headers['Content-Length'] = Buffer.byteLength(request.body) if (this.credentials.sessionToken && !headers['X-Amz-Security-Token'] && !headers['x-amz-security-token']) headers['X-Amz-Security-Token'] = this.credentials.sessionToken if (this.service === 's3' && !headers['X-Amz-Content-Sha256'] && !headers['x-amz-content-sha256']) headers['X-Amz-Content-Sha256'] = hash(this.request.body || '', 'hex') if (headers['X-Amz-Date'] || headers['x-amz-date']) this.datetime = headers['X-Amz-Date'] || headers['x-amz-date'] else headers['X-Amz-Date'] = this.getDateTime() } delete headers.Authorization delete headers.authorization } } RequestSigner.prototype.sign = function() { if (!this.parsedPath) this.prepareRequest() if (this.request.signQuery) { this.parsedPath.query['X-Amz-Signature'] = this.signature() } else { this.request.headers.Authorization = this.authHeader() } this.request.path = this.formatPath() return this.request } RequestSigner.prototype.getDateTime = function() { if (!this.datetime) { var headers = this.request.headers, date = new Date(headers.Date || headers.date || new Date) this.datetime = date.toISOString().replace(/[:\-]|\.\d{3}/g, '') // Remove the trailing 'Z' on the timestamp string for CodeCommit git access if (this.isCodeCommitGit) this.datetime = this.datetime.slice(0, -1) } return this.datetime } RequestSigner.prototype.getDate = function() { return this.getDateTime().substr(0, 8) } RequestSigner.prototype.authHeader = function() { return [ 'AWS4-HMAC-SHA256 Credential=' + this.credentials.accessKeyId + '/' + this.credentialString(), 'SignedHeaders=' + this.signedHeaders(), 'Signature=' + this.signature(), ].join(', ') } RequestSigner.prototype.signature = function() { var date = this.getDate(), cacheKey = [this.credentials.secretAccessKey, date, this.region, this.service].join(), kDate, kRegion, kService, kCredentials = credentialsCache.get(cacheKey) if (!kCredentials) { kDate = hmac('AWS4' + this.credentials.secretAccessKey, date) kRegion = hmac(kDate, this.region) kService = hmac(kRegion, this.service) kCredentials = hmac(kService, 'aws4_request') credentialsCache.set(cacheKey, kCredentials) } return hmac(kCredentials, this.stringToSign(), 'hex') } RequestSigner.prototype.stringToSign = function() { return [ 'AWS4-HMAC-SHA256', this.getDateTime(), this.credentialString(), hash(this.canonicalString(), 'hex'), ].join('\n') } RequestSigner.prototype.canonicalString = function() { if (!this.parsedPath) this.prepareRequest() var pathStr = this.parsedPath.path, query = this.parsedPath.query, headers = this.request.headers, queryStr = '', normalizePath = this.service !== 's3', decodePath = this.service === 's3' || this.request.doNotEncodePath, decodeSlashesInPath = this.service === 's3', firstValOnly = this.service === 's3', bodyHash if (this.service === 's3' && this.request.signQuery) { bodyHash = 'UNSIGNED-PAYLOAD' } else if (this.isCodeCommitGit) { bodyHash = '' } else { bodyHash = headers['X-Amz-Content-Sha256'] || headers['x-amz-content-sha256'] || hash(this.request.body || '', 'hex') } if (query) { var reducedQuery = Object.keys(query).reduce(function(obj, key) { if (!key) return obj obj[key] = !Array.isArray(query[key]) ? query[key] : (firstValOnly ? query[key][0] : query[key].slice().sort()) return obj }, {}) var encodedQueryPieces = [] Object.keys(reducedQuery).forEach(function(key) { var encodedPrefix = encodeURIComponent(key) + '=' if (!Array.isArray(reducedQuery[key])) { encodedQueryPieces.push(encodeRfc3986(encodedPrefix + encodeURIComponent(reducedQuery[key]))) } else { reducedQuery[key].forEach(function(val) { encodedQueryPieces.push(encodeRfc3986(encodedPrefix + encodeURIComponent(val))) }) } }) queryStr = encodedQueryPieces.sort().join('&') } if (pathStr !== '/') { if (normalizePath) pathStr = pathStr.replace(/\/{2,}/g, '/') pathStr = pathStr.split('/').reduce(function(path, piece) { if (normalizePath && piece === '..') { path.pop() } else if (!normalizePath || piece !== '.') { if (decodePath) piece = decodeURIComponent(piece).replace(/\+/g, ' ') path.push(encodeRfc3986(encodeURIComponent(piece))) } return path }, []).join('/') if (pathStr[0] !== '/') pathStr = '/' + pathStr if (decodeSlashesInPath) pathStr = pathStr.replace(/%2F/g, '/') } return [ this.request.method || 'GET', pathStr, queryStr, this.canonicalHeaders() + '\n', this.signedHeaders(), bodyHash, ].join('\n') } RequestSigner.prototype.canonicalHeaders = function() { var headers = this.request.headers function trimAll(header) { return header.toString().trim().replace(/\s+/g, ' ') } return Object.keys(headers) .sort(function(a, b) { return a.toLowerCase() < b.toLowerCase() ? -1 : 1 }) .map(function(key) { return key.toLowerCase() + ':' + trimAll(headers[key]) }) .join('\n') } RequestSigner.prototype.signedHeaders = function() { return Object.keys(this.request.headers) .map(function(key) { return key.toLowerCase() }) .sort() .join(';') } RequestSigner.prototype.credentialString = function() { return [ this.getDate(), this.region, this.service, 'aws4_request', ].join('/') } RequestSigner.prototype.defaultCredentials = function() { var env = process.env return { accessKeyId: env.AWS_ACCESS_KEY_ID || env.AWS_ACCESS_KEY, secretAccessKey: env.AWS_SECRET_ACCESS_KEY || env.AWS_SECRET_KEY, sessionToken: env.AWS_SESSION_TOKEN, } } RequestSigner.prototype.parsePath = function() { var path = this.request.path || '/' // S3 doesn't always encode characters > 127 correctly and // all services don't encode characters > 255 correctly // So if there are non-reserved chars (and it's not already all % encoded), just encode them all if (/[^0-9A-Za-z;,/?:@&=+$\-_.!~*'()#%]/.test(path)) { path = encodeURI(decodeURI(path)) } var queryIx = path.indexOf('?'), query = null if (queryIx >= 0) { query = querystring.parse(path.slice(queryIx + 1)) path = path.slice(0, queryIx) } this.parsedPath = { path: path, query: query, } } RequestSigner.prototype.formatPath = function() { var path = this.parsedPath.path, query = this.parsedPath.query if (!query) return path // Services don't support empty query string keys if (query[''] != null) delete query[''] return path + '?' + encodeRfc3986(querystring.stringify(query)) } aws4.RequestSigner = RequestSigner aws4.sign = function(request, credentials) { return new RequestSigner(request, credentials).sign() } aws4-1.9.0/browser/000077500000000000000000000000001356732361100140715ustar00rootroot00000000000000aws4-1.9.0/browser/.gitignore000066400000000000000000000000121356732361100160520ustar00rootroot00000000000000bundle.js aws4-1.9.0/browser/README.md000066400000000000000000000016501356732361100153520ustar00rootroot00000000000000Browser aws4 example -------------------- This is one way to use `aws4` in the browser – using [browserify](http://browserify.org/). The example JS code that uses `aws4` is in `index.js`: ```js var aws4 = require('aws4') var CREDS = {accessKeyId: 'a', secretAccessKey: 'b'} var sigs = { sqs: aws4.sign('https://sqs.us-east-1.amazonaws.com', CREDS), s3: aws4.sign({service: 's3', path: '/../../whatever?X-Amz-Expires=1234', signQuery: true}, CREDS), codedeploy: aws4.sign({service: 'codedeploy', body: '{}', headers: { 'Content-Type': 'application/x-amz-json-1.1', 'X-Amz-Target': 'CodeDeploy_20141006.ListApplications', }}, CREDS), } document.getElementById('content').innerHTML = JSON.stringify(sigs, null, 2) ``` To compile this, checkout this directory and run: ```console $ npm install $ npm run build ``` Then open `index.html` where you should see the signed requests that were specified in `index.js` aws4-1.9.0/browser/index.html000066400000000000000000000001241356732361100160630ustar00rootroot00000000000000

aws4 Signature Examples


aws4-1.9.0/browser/index.js000066400000000000000000000010301356732361100155300ustar00rootroot00000000000000var aws4 = require('aws4')

var CREDS = {accessKeyId: 'a', secretAccessKey: 'b'}

var sigs = {
  sqs: aws4.sign('https://sqs.us-east-1.amazonaws.com', CREDS),
  s3: aws4.sign({service: 's3', path: '/../../whatever?X-Amz-Expires=1234', signQuery: true}, CREDS),
  codedeploy: aws4.sign({service: 'codedeploy', body: '{}', headers: {
    'Content-Type': 'application/x-amz-json-1.1',
    'X-Amz-Target': 'CodeDeploy_20141006.ListApplications',
  }}, CREDS),
}

document.getElementById('content').innerHTML = JSON.stringify(sigs, null, 2)
aws4-1.9.0/browser/package.json000066400000000000000000000006501356732361100163600ustar00rootroot00000000000000{
  "name": "aws4-browser-example",
  "version": "1.0.0",
  "description": "Example project for how to use aws4 in the browser",
  "main": "index.js",
  "author": "Michael Hart  (http://github.com/mhart)",
  "license": "ISC",
  "scripts": {
    "build": "browserify -o bundle.js index.js"
  },
  "dependencies": {
    "aws4": "^1.7.0"
  },
  "devDependencies": {
    "browserify": "^16.1.1"
  }
}
aws4-1.9.0/example.js000066400000000000000000000233121356732361100144000ustar00rootroot00000000000000var http  = require('http'),
    https = require('https'),
    aws4  = require('aws4')

// given an options object you could pass to http.request
var opts = {host: 'sqs.us-east-1.amazonaws.com', path: '/?Action=ListQueues'}

// alternatively (as aws4 can infer the host):
opts = {service: 'sqs', region: 'us-east-1', path: '/?Action=ListQueues'}

// alternatively (as us-east-1 is default):
opts = {service: 'sqs', path: '/?Action=ListQueues'}

aws4.sign(opts) // assumes AWS credentials are available in process.env

console.log(opts)
/*
{
  host: 'sqs.us-east-1.amazonaws.com',
  path: '/?Action=ListQueues',
  headers: {
    Host: 'sqs.us-east-1.amazonaws.com',
    'X-Amz-Date': '20121226T061030Z',
    Authorization: 'AWS4-HMAC-SHA256 Credential=ABCDEF/20121226/us-east-1/sqs/aws4_request, ...'
  }
}
*/

// we can now use this to query AWS using the standard node.js http API
http.request(opts, function(res) { res.pipe(process.stdout) }).end()
/*


...
*/

// you can also pass AWS credentials in explicitly (otherwise taken from process.env)
aws4.sign(opts, {accessKeyId: '', secretAccessKey: ''})

// can also add the signature to query strings
aws4.sign({service: 's3', path: '/my-bucket?X-Amz-Expires=12345', signQuery: true})

// create a utility function to pipe to stdout (with https this time)
function request(o) { https.request(o, function(res) { res.pipe(process.stdout) }).end(o.body || '') }

// aws4 can infer the HTTP method if a body is passed in
// method will be POST and Content-Type: 'application/x-www-form-urlencoded; charset=utf-8'
request(aws4.sign({service: 'iam', body: 'Action=ListGroups&Version=2010-05-08'}))
/*

...
*/

// can specify any custom option or header as per usual
request(aws4.sign({
  service: 'dynamodb',
  region: 'ap-southeast-2',
  method: 'POST',
  path: '/',
  headers: {
    'Content-Type': 'application/x-amz-json-1.0',
    'X-Amz-Target': 'DynamoDB_20120810.ListTables'
  },
  body: '{}'
}))
/*
{"TableNames":[]}
...
*/

// works with all other services that support Signature Version 4

request(aws4.sign({service: 's3', path: '/', signQuery: true}))
/*

...
*/

request(aws4.sign({service: 'ec2', path: '/?Action=DescribeRegions&Version=2014-06-15'}))
/*

...
*/

request(aws4.sign({service: 'sns', path: '/?Action=ListTopics&Version=2010-03-31'}))
/*

...
*/

request(aws4.sign({service: 'sts', path: '/?Action=GetSessionToken&Version=2011-06-15'}))
/*

...
*/

request(aws4.sign({service: 'cloudsearch', path: '/?Action=ListDomainNames&Version=2013-01-01'}))
/*

...
*/

request(aws4.sign({service: 'ses', path: '/?Action=ListIdentities&Version=2010-12-01'}))
/*

...
*/

request(aws4.sign({service: 'autoscaling', path: '/?Action=DescribeAutoScalingInstances&Version=2011-01-01'}))
/*

...
*/

request(aws4.sign({service: 'elasticloadbalancing', path: '/?Action=DescribeLoadBalancers&Version=2012-06-01'}))
/*

...
*/

request(aws4.sign({service: 'cloudformation', path: '/?Action=ListStacks&Version=2010-05-15'}))
/*

...
*/

request(aws4.sign({service: 'elasticbeanstalk', path: '/?Action=ListAvailableSolutionStacks&Version=2010-12-01'}))
/*

...
*/

request(aws4.sign({service: 'rds', path: '/?Action=DescribeDBInstances&Version=2012-09-17'}))
/*

...
*/

request(aws4.sign({service: 'monitoring', path: '/?Action=ListMetrics&Version=2010-08-01'}))
/*

...
*/

request(aws4.sign({service: 'redshift', path: '/?Action=DescribeClusters&Version=2012-12-01'}))
/*

...
*/

request(aws4.sign({service: 'cloudfront', path: '/2014-05-31/distribution'}))
/*

...
*/

request(aws4.sign({service: 'elasticache', path: '/?Action=DescribeCacheClusters&Version=2014-07-15'}))
/*

...
*/

request(aws4.sign({service: 'elasticmapreduce', path: '/?Action=DescribeJobFlows&Version=2009-03-31'}))
/*

...
*/

request(aws4.sign({service: 'route53', path: '/2013-04-01/hostedzone'}))
/*

...
*/

request(aws4.sign({service: 'appstream', path: '/applications'}))
/*
{"_links":{"curie":[{"href":"http://docs.aws.amazon.com/appstream/latest/...
...
*/

request(aws4.sign({service: 'cognito-sync', path: '/identitypools'}))
/*
{"Count":0,"IdentityPoolUsages":[],"MaxResults":16,"NextToken":null}
...
*/

request(aws4.sign({service: 'elastictranscoder', path: '/2012-09-25/pipelines'}))
/*
{"NextPageToken":null,"Pipelines":[]}
...
*/

request(aws4.sign({service: 'lambda', path: '/2014-11-13/functions/'}))
/*
{"Functions":[],"NextMarker":null}
...
*/

request(aws4.sign({service: 'ecs', path: '/?Action=ListClusters&Version=2014-11-13'}))
/*

...
*/

request(aws4.sign({service: 'glacier', path: '/-/vaults', headers: {'X-Amz-Glacier-Version': '2012-06-01'}}))
/*
{"Marker":null,"VaultList":[]}
...
*/

request(aws4.sign({service: 'storagegateway', body: '{}', headers: {
  'Content-Type': 'application/x-amz-json-1.1',
  'X-Amz-Target': 'StorageGateway_20120630.ListGateways'
}}))
/*
{"Gateways":[]}
...
*/

request(aws4.sign({service: 'datapipeline', body: '{}', headers: {
  'Content-Type': 'application/x-amz-json-1.1',
  'X-Amz-Target': 'DataPipeline.ListPipelines'
}}))
/*
{"hasMoreResults":false,"pipelineIdList":[]}
...
*/

request(aws4.sign({service: 'opsworks', body: '{}', headers: {
  'Content-Type': 'application/x-amz-json-1.1',
  'X-Amz-Target': 'OpsWorks_20130218.DescribeStacks'
}}))
/*
{"Stacks":[]}
...
*/

request(aws4.sign({service: 'route53domains', body: '{}', headers: {
  'Content-Type': 'application/x-amz-json-1.1',
  'X-Amz-Target': 'Route53Domains_v20140515.ListDomains'
}}))
/*
{"Domains":[]}
...
*/

request(aws4.sign({service: 'kinesis', body: '{}', headers: {
  'Content-Type': 'application/x-amz-json-1.1',
  'X-Amz-Target': 'Kinesis_20131202.ListStreams'
}}))
/*
{"HasMoreStreams":false,"StreamNames":[]}
...
*/

request(aws4.sign({service: 'cloudtrail', body: '{}', headers: {
  'Content-Type': 'application/x-amz-json-1.1',
  'X-Amz-Target': 'CloudTrail_20131101.DescribeTrails'
}}))
/*
{"trailList":[]}
...
*/

request(aws4.sign({service: 'logs', body: '{}', headers: {
  'Content-Type': 'application/x-amz-json-1.1',
  'X-Amz-Target': 'Logs_20140328.DescribeLogGroups'
}}))
/*
{"logGroups":[]}
...
*/

request(aws4.sign({service: 'codedeploy', body: '{}', headers: {
  'Content-Type': 'application/x-amz-json-1.1',
  'X-Amz-Target': 'CodeDeploy_20141006.ListApplications'
}}))
/*
{"applications":[]}
...
*/

request(aws4.sign({service: 'directconnect', body: '{}', headers: {
  'Content-Type': 'application/x-amz-json-1.1',
  'X-Amz-Target': 'OvertureService.DescribeConnections'
}}))
/*
{"connections":[]}
...
*/

request(aws4.sign({service: 'kms', body: '{}', headers: {
  'Content-Type': 'application/x-amz-json-1.1',
  'X-Amz-Target': 'TrentService.ListKeys'
}}))
/*
{"Keys":[],"Truncated":false}
...
*/

request(aws4.sign({service: 'config', body: '{}', headers: {
  'Content-Type': 'application/x-amz-json-1.1',
  'X-Amz-Target': 'StarlingDoveService.DescribeDeliveryChannels'
}}))
/*
{"DeliveryChannels":[]}
...
*/

request(aws4.sign({service: 'cloudhsm', body: '{}', headers: {
  'Content-Type': 'application/x-amz-json-1.1',
  'X-Amz-Target': 'CloudHsmFrontendService.ListAvailableZones'
}}))
/*
{"AZList":["us-east-1a","us-east-1b","us-east-1c"]}
...
*/

request(aws4.sign({
  service: 'swf',
  body: '{"registrationStatus":"REGISTERED"}',
  headers: {
    'Content-Type': 'application/x-amz-json-1.0',
    'X-Amz-Target': 'SimpleWorkflowService.ListDomains'
  }
}))
/*
{"domainInfos":[]}
...
*/

request(aws4.sign({
  service: 'cognito-identity',
  body: '{"MaxResults": 1}',
  headers: {
    'Content-Type': 'application/x-amz-json-1.1',
    'X-Amz-Target': 'AWSCognitoIdentityService.ListIdentityPools'
  }
}))
/*
{"IdentityPools":[]}
...
*/

request(aws4.sign({
  service: 'mobileanalytics',
  path: '/2014-06-05/events',
  body: JSON.stringify({events:[{
    eventType: 'a',
    timestamp: new Date().toISOString(),
    session: {},
  }]}),
  headers: {
    'Content-Type': 'application/json',
    'X-Amz-Client-Context': JSON.stringify({
      client: {client_id: 'a', app_title: 'a'},
      custom: {},
      env: {platform: 'a'},
      services: {},
    }),
  }
}))
/*
(HTTP 202, empty response)
*/

// Still not updated to v4...

//request(aws4.sign({service: 'importexport', path: '/?Action=ListJobs&Version=2010-06-01'}))

//request(aws4.sign({service: 'sdb', path: '/?Action=ListDomains&Version=2009-04-15'}))

aws4-1.9.0/lru.js000066400000000000000000000035721356732361100135550ustar00rootroot00000000000000module.exports = function(size) {
  return new LruCache(size)
}

function LruCache(size) {
  this.capacity = size | 0
  this.map = Object.create(null)
  this.list = new DoublyLinkedList()
}

LruCache.prototype.get = function(key) {
  var node = this.map[key]
  if (node == null) return undefined
  this.used(node)
  return node.val
}

LruCache.prototype.set = function(key, val) {
  var node = this.map[key]
  if (node != null) {
    node.val = val
  } else {
    if (!this.capacity) this.prune()
    if (!this.capacity) return false
    node = new DoublyLinkedNode(key, val)
    this.map[key] = node
    this.capacity--
  }
  this.used(node)
  return true
}

LruCache.prototype.used = function(node) {
  this.list.moveToFront(node)
}

LruCache.prototype.prune = function() {
  var node = this.list.pop()
  if (node != null) {
    delete this.map[node.key]
    this.capacity++
  }
}


function DoublyLinkedList() {
  this.firstNode = null
  this.lastNode = null
}

DoublyLinkedList.prototype.moveToFront = function(node) {
  if (this.firstNode == node) return

  this.remove(node)

  if (this.firstNode == null) {
    this.firstNode = node
    this.lastNode = node
    node.prev = null
    node.next = null
  } else {
    node.prev = null
    node.next = this.firstNode
    node.next.prev = node
    this.firstNode = node
  }
}

DoublyLinkedList.prototype.pop = function() {
  var lastNode = this.lastNode
  if (lastNode != null) {
    this.remove(lastNode)
  }
  return lastNode
}

DoublyLinkedList.prototype.remove = function(node) {
  if (this.firstNode == node) {
    this.firstNode = node.next
  } else if (node.prev != null) {
    node.prev.next = node.next
  }
  if (this.lastNode == node) {
    this.lastNode = node.prev
  } else if (node.next != null) {
    node.next.prev = node.prev
  }
}


function DoublyLinkedNode(key, val) {
  this.key = key
  this.val = val
  this.prev = null
  this.next = null
}
aws4-1.9.0/package.json000066400000000000000000000024721356732361100147010ustar00rootroot00000000000000{
  "name": "aws4",
  "version": "1.9.0",
  "description": "Signs and prepares requests using AWS Signature Version 4",
  "author": "Michael Hart  (http://github.com/mhart)",
  "main": "aws4.js",
  "keywords": [
    "amazon",
    "aws",
    "signature",
    "s3",
    "ec2",
    "autoscaling",
    "cloudformation",
    "elasticloadbalancing",
    "elb",
    "elasticbeanstalk",
    "cloudsearch",
    "dynamodb",
    "kinesis",
    "lambda",
    "glacier",
    "sqs",
    "sns",
    "iam",
    "sts",
    "ses",
    "swf",
    "storagegateway",
    "datapipeline",
    "directconnect",
    "redshift",
    "opsworks",
    "rds",
    "monitoring",
    "cloudtrail",
    "cloudfront",
    "codedeploy",
    "elasticache",
    "elasticmapreduce",
    "elastictranscoder",
    "emr",
    "cloudwatch",
    "mobileanalytics",
    "cognitoidentity",
    "cognitosync",
    "cognito",
    "containerservice",
    "ecs",
    "appstream",
    "keymanagementservice",
    "kms",
    "config",
    "cloudhsm",
    "route53",
    "route53domains",
    "logs"
  ],
  "repository": {
    "type": "git",
    "url": "https://github.com/mhart/aws4.git"
  },
  "license": "MIT",
  "devDependencies": {
    "mocha": "^2.4.5",
    "should": "^8.2.2"
  },
  "scripts": {
    "test": "mocha ./test/fast.js -b -t 100s -R list"
  }
}
aws4-1.9.0/test/000077500000000000000000000000001356732361100133655ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/000077500000000000000000000000001356732361100173725ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-header-key-duplicate/000077500000000000000000000000001356732361100241355ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-header-key-duplicate/get-header-key-duplicate.authz000066400000000000000000000003051356732361100317530ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;my-header1;x-amz-date, Signature=c9d5ea9f3f72853aea855b47ea873832890dbdd183b4468f858259531a5138eaaws4-1.9.0/test/aws-sig-v4-test-suite/get-header-key-duplicate/get-header-key-duplicate.creq000066400000000000000000000002721356732361100315550ustar00rootroot00000000000000GET
/

host:example.amazonaws.com
my-header1:value2,value2,value1
x-amz-date:20150830T123600Z

host;my-header1;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/get-header-key-duplicate/get-header-key-duplicate.req000066400000000000000000000001731356732361100314120ustar00rootroot00000000000000GET / HTTP/1.1
Host:example.amazonaws.com
My-Header1:value2
My-Header1:value2
My-Header1:value1
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/get-header-key-duplicate/get-header-key-duplicate.sreq000066400000000000000000000005201356732361100315710ustar00rootroot00000000000000GET / HTTP/1.1
Host:example.amazonaws.com
My-Header1:value2
My-Header1:value2
My-Header1:value1
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;my-header1;x-amz-date, Signature=c9d5ea9f3f72853aea855b47ea873832890dbdd183b4468f858259531a5138eaaws4-1.9.0/test/aws-sig-v4-test-suite/get-header-key-duplicate/get-header-key-duplicate.sts000066400000000000000000000002121356732361100314260ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
dc7f04a3abfde8d472b0ab1a418b741b7c67174dad1551b4117b15527fbe966caws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-multiline/000077500000000000000000000000001356732361100245115ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-multiline/get-header-value-multiline.authz000066400000000000000000000003051356732361100327030ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;my-header1;x-amz-date, Signature=ba17b383a53190154eb5fa66a1b836cc297cc0a3d70a5d00705980573d8ff790aws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-multiline/get-header-value-multiline.creq000066400000000000000000000002721356732361100325050ustar00rootroot00000000000000GET
/

host:example.amazonaws.com
my-header1:value1,value2,value3
x-amz-date:20150830T123600Z

host;my-header1;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-multiline/get-header-value-multiline.req000066400000000000000000000001541356732361100323410ustar00rootroot00000000000000GET / HTTP/1.1
Host:example.amazonaws.com
My-Header1:value1
  value2
     value3
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-multiline/get-header-value-multiline.sreq000066400000000000000000000005011356732361100325200ustar00rootroot00000000000000GET / HTTP/1.1
Host:example.amazonaws.com
My-Header1:value1
  value2
     value3
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;my-header1;x-amz-date, Signature=ba17b383a53190154eb5fa66a1b836cc297cc0a3d70a5d00705980573d8ff790aws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-multiline/get-header-value-multiline.sts000066400000000000000000000002121356732361100323560ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
b7b6cbfd8a0430b78891e986784da2630c8a135a8595cec25b26ea94f926ee55aws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-order/000077500000000000000000000000001356732361100236225ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-order/get-header-value-order.authz000066400000000000000000000003051356732361100311250ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;my-header1;x-amz-date, Signature=08c7e5a9acfcfeb3ab6b2185e75ce8b1deb5e634ec47601a50643f830c755c01aws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-order/get-header-value-order.creq000066400000000000000000000003011356732361100307200ustar00rootroot00000000000000GET
/

host:example.amazonaws.com
my-header1:value4,value1,value3,value2
x-amz-date:20150830T123600Z

host;my-header1;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-order/get-header-value-order.req000066400000000000000000000002151356732361100305610ustar00rootroot00000000000000GET / HTTP/1.1
Host:example.amazonaws.com
My-Header1:value4
My-Header1:value1
My-Header1:value3
My-Header1:value2
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-order/get-header-value-order.sreq000066400000000000000000000005421356732361100307470ustar00rootroot00000000000000GET / HTTP/1.1
Host:example.amazonaws.com
My-Header1:value4
My-Header1:value1
My-Header1:value3
My-Header1:value2
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;my-header1;x-amz-date, Signature=08c7e5a9acfcfeb3ab6b2185e75ce8b1deb5e634ec47601a50643f830c755c01aws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-order/get-header-value-order.sts000066400000000000000000000002121356732361100306000ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
31ce73cd3f3d9f66977ad3dd957dc47af14df92fcd8509f59b349e9137c58b86aws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-trim/000077500000000000000000000000001356732361100234625ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-trim/get-header-value-trim.authz000066400000000000000000000003201356732361100306220ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;my-header1;my-header2;x-amz-date, Signature=acc3ed3afb60bb290fc8d2dd0098b9911fcaa05412b367055dee359757a9c736aws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-trim/get-header-value-trim.creq000066400000000000000000000003121356732361100304220ustar00rootroot00000000000000GET
/

host:example.amazonaws.com
my-header1:value1
my-header2:"a b c"
x-amz-date:20150830T123600Z

host;my-header1;my-header2;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-trim/get-header-value-trim.req000066400000000000000000000001601356732361100302600ustar00rootroot00000000000000GET / HTTP/1.1
Host:example.amazonaws.com
My-Header1: value1
My-Header2: "a   b   c"
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-trim/get-header-value-trim.sreq000066400000000000000000000005201356732361100304430ustar00rootroot00000000000000GET / HTTP/1.1
Host:example.amazonaws.com
My-Header1: value1
My-Header2: "a   b   c"
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;my-header1;my-header2;x-amz-date, Signature=acc3ed3afb60bb290fc8d2dd0098b9911fcaa05412b367055dee359757a9c736aws4-1.9.0/test/aws-sig-v4-test-suite/get-header-value-trim/get-header-value-trim.sts000066400000000000000000000002121356732361100303000ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
a726db9b0df21c14f559d0a978e563112acb1b9e05476f0a6a1c7d68f28605c7aws4-1.9.0/test/aws-sig-v4-test-suite/get-unreserved/000077500000000000000000000000001356732361100223315ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-unreserved/get-unreserved.authz000066400000000000000000000002721356732361100263460ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=07ef7494c76fa4850883e2b006601f940f8a34d404d0cfa977f52a65bbf5f24faws4-1.9.0/test/aws-sig-v4-test-suite/get-unreserved/get-unreserved.creq000066400000000000000000000003211356732361100261400ustar00rootroot00000000000000GET
/-._~0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz

host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/get-unreserved/get-unreserved.req000066400000000000000000000002071356732361100260000ustar00rootroot00000000000000GET /-._~0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/get-unreserved/get-unreserved.sreq000066400000000000000000000005211356732361100261620ustar00rootroot00000000000000GET /-._~0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=07ef7494c76fa4850883e2b006601f940f8a34d404d0cfa977f52a65bbf5f24faws4-1.9.0/test/aws-sig-v4-test-suite/get-unreserved/get-unreserved.sts000066400000000000000000000002121356732361100260160ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
6a968768eefaa713e2a6b16b589a8ea192661f098f37349f4e2c0082757446f9aws4-1.9.0/test/aws-sig-v4-test-suite/get-utf8/000077500000000000000000000000001356732361100210355ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-utf8/get-utf8.authz000066400000000000000000000002721356732361100235560ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=8318018e0b0f223aa2bbf98705b62bb787dc9c0e678f255a891fd03141be5d85aws4-1.9.0/test/aws-sig-v4-test-suite/get-utf8/get-utf8.creq000066400000000000000000000002301356732361100233470ustar00rootroot00000000000000GET
/%E1%88%B4

host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/get-utf8/get-utf8.req000066400000000000000000000001101356732361100232010ustar00rootroot00000000000000GET /ሴ HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/get-utf8/get-utf8.sreq000066400000000000000000000004221356732361100233720ustar00rootroot00000000000000GET /ሴ HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=8318018e0b0f223aa2bbf98705b62bb787dc9c0e678f255a891fd03141be5d85aws4-1.9.0/test/aws-sig-v4-test-suite/get-utf8/get-utf8.sts000066400000000000000000000002121356732361100232260ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
2a0a97d02205e45ce2e994789806b19270cfbbb0921b278ccf58f5249ac42102aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-empty-query-key/000077500000000000000000000000001356732361100246625ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-empty-query-key/get-vanilla-empty-query-key.authz000066400000000000000000000002721356732361100332300ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=a67d582fa61cc504c4bae71f336f98b97f1ea3c7a6bfe1b6e45aec72011b9aebaws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-empty-query-key/get-vanilla-empty-query-key.creq000066400000000000000000000002341356732361100330250ustar00rootroot00000000000000GET
/
Param1=value1
host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-empty-query-key/get-vanilla-empty-query-key.req000066400000000000000000000001231356732361100326570ustar00rootroot00000000000000GET /?Param1=value1 HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-empty-query-key/get-vanilla-empty-query-key.sreq000066400000000000000000000004351356732361100330500ustar00rootroot00000000000000GET /?Param1=value1 HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=a67d582fa61cc504c4bae71f336f98b97f1ea3c7a6bfe1b6e45aec72011b9aebaws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-empty-query-key/get-vanilla-empty-query-key.sts000066400000000000000000000002121356732361100327000ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
1e24db194ed7d0eec2de28d7369675a243488e08526e8c1c73571282f7c517abaws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-key-case/000077500000000000000000000000001356732361100255505ustar00rootroot00000000000000get-vanilla-query-order-key-case.authz000066400000000000000000000002721356732361100347250ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-key-caseAWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=b97d918cfa904a5beff61c982a1b6f458b799221646efd99d3219ec94cdf2500get-vanilla-query-order-key-case.creq000066400000000000000000000002521356732361100345220ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-key-caseGET
/
Param1=value1&Param2=value2
host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855get-vanilla-query-order-key-case.req000066400000000000000000000001411356732361100343540ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-key-caseGET /?Param2=value2&Param1=value1 HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zget-vanilla-query-order-key-case.sreq000066400000000000000000000004531356732361100345450ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-key-caseGET /?Param2=value2&Param1=value1 HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=b97d918cfa904a5beff61c982a1b6f458b799221646efd99d3219ec94cdf2500get-vanilla-query-order-key-case.sts000066400000000000000000000002121356732361100343750ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-key-caseAWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
816cd5b414d056048ba4f7c5386d6e0533120fb1fcfa93762cf0fc39e2cf19e0aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-key/000077500000000000000000000000001356732361100246375ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-key/get-vanilla-query-order-key.authz000066400000000000000000000002721356732361100331620ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=eedbc4e291e521cf13422ffca22be7d2eb8146eecf653089df300a15b2382bd1aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-key/get-vanilla-query-order-key.creq000066400000000000000000000002521356732361100327570ustar00rootroot00000000000000GET
/
Param1=Value1&Param1=value2
host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-key/get-vanilla-query-order-key.req000066400000000000000000000001411356732361100326110ustar00rootroot00000000000000GET /?Param1=value2&Param1=Value1 HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-key/get-vanilla-query-order-key.sreq000066400000000000000000000004531356732361100330020ustar00rootroot00000000000000GET /?Param1=value2&Param1=Value1 HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=eedbc4e291e521cf13422ffca22be7d2eb8146eecf653089df300a15b2382bd1aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-key/get-vanilla-query-order-key.sts000066400000000000000000000002121356732361100326320ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
704b4cef673542d84cdff252633f065e8daeba5f168b77116f8b1bcaf3d38f89aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-value/000077500000000000000000000000001356732361100251635ustar00rootroot00000000000000get-vanilla-query-order-value.authz000066400000000000000000000002721356732361100337530ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-valueAWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5772eed61e12b33fae39ee5e7012498b51d56abc0abb7c60486157bd471c4694get-vanilla-query-order-value.creq000066400000000000000000000002521356732361100335500ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-valueGET
/
Param1=value1&Param1=value2
host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855get-vanilla-query-order-value.req000066400000000000000000000001411356732361100334020ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-valueGET /?Param1=value2&Param1=value1 HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zget-vanilla-query-order-value.sreq000066400000000000000000000004531356732361100335730ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-valueGET /?Param1=value2&Param1=value1 HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5772eed61e12b33fae39ee5e7012498b51d56abc0abb7c60486157bd471c4694get-vanilla-query-order-value.sts000066400000000000000000000002121356732361100334230ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-order-valueAWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
c968629d70850097a2d8781c9bf7edcb988b04cac14cca9be4acc3595f884606aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-unreserved/000077500000000000000000000000001356732361100251205ustar00rootroot00000000000000get-vanilla-query-unreserved.authz000066400000000000000000000002721356732361100336450ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-unreservedAWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=9c3e54bfcdf0b19771a7f523ee5669cdf59bc7cc0884027167c21bb143a40197aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-unreserved/get-vanilla-query-unreserved.creq000066400000000000000000000004241356732361100335220ustar00rootroot00000000000000GET
/
-._~0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz=-._~0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-unreserved/get-vanilla-query-unreserved.req000066400000000000000000000003131356732361100333540ustar00rootroot00000000000000GET /?-._~0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz=-._~0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-unreserved/get-vanilla-query-unreserved.sreq000066400000000000000000000006251356732361100335450ustar00rootroot00000000000000GET /?-._~0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz=-._~0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=9c3e54bfcdf0b19771a7f523ee5669cdf59bc7cc0884027167c21bb143a40197aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query-unreserved/get-vanilla-query-unreserved.sts000066400000000000000000000002121356732361100333740ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
c30d4703d9f799439be92736156d47ccfb2d879ddf56f5befa6d1d6aab979177aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query/000077500000000000000000000000001356732361100227405ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query/get-vanilla-query.authz000066400000000000000000000002721356732361100273640ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5fa00fa31553b73ebf1942676e86291e8372ff2a2260956d9b8aae1d763fbf31aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query/get-vanilla-query.creq000066400000000000000000000002171356732361100271620ustar00rootroot00000000000000GET
/

host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query/get-vanilla-query.req000066400000000000000000000001051356732361100270130ustar00rootroot00000000000000GET / HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query/get-vanilla-query.sreq000066400000000000000000000004171356732361100272040ustar00rootroot00000000000000GET / HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5fa00fa31553b73ebf1942676e86291e8372ff2a2260956d9b8aae1d763fbf31aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-query/get-vanilla-query.sts000066400000000000000000000002121356732361100270340ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
bb579772317eb040ac9ed261061d46c1f17a8133879d6129b6e1c25292927e63aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-utf8-query/000077500000000000000000000000001356732361100236245ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-utf8-query/get-vanilla-utf8-query.authz000066400000000000000000000002721356732361100311340ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=2cdec8eed098649ff3a119c94853b13c643bcf08f8b0a1d91e12c9027818dd04aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-utf8-query/get-vanilla-utf8-query.creq000066400000000000000000000002341356732361100307310ustar00rootroot00000000000000GET
/
%E1%88%B4=bar
host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-utf8-query/get-vanilla-utf8-query.req000066400000000000000000000001151356732361100305640ustar00rootroot00000000000000GET /?ሴ=bar HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-utf8-query/get-vanilla-utf8-query.sreq000066400000000000000000000004271356732361100307550ustar00rootroot00000000000000GET /?ሴ=bar HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=2cdec8eed098649ff3a119c94853b13c643bcf08f8b0a1d91e12c9027818dd04aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla-utf8-query/get-vanilla-utf8-query.sts000066400000000000000000000002121356732361100306040ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
eb30c5bed55734080471a834cc727ae56beb50e5f39d1bff6d0d38cb192a7073aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla/000077500000000000000000000000001356732361100215755ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla/get-vanilla.authz000066400000000000000000000002721356732361100250560ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5fa00fa31553b73ebf1942676e86291e8372ff2a2260956d9b8aae1d763fbf31aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla/get-vanilla.creq000066400000000000000000000002171356732361100246540ustar00rootroot00000000000000GET
/

host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla/get-vanilla.req000066400000000000000000000001051356732361100245050ustar00rootroot00000000000000GET / HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla/get-vanilla.sreq000066400000000000000000000004171356732361100246760ustar00rootroot00000000000000GET / HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5fa00fa31553b73ebf1942676e86291e8372ff2a2260956d9b8aae1d763fbf31aws4-1.9.0/test/aws-sig-v4-test-suite/get-vanilla/get-vanilla.sts000066400000000000000000000002121356732361100245260ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
bb579772317eb040ac9ed261061d46c1f17a8133879d6129b6e1c25292927e63aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/000077500000000000000000000000001356732361100223245ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-relative-relative/000077500000000000000000000000001356732361100265255ustar00rootroot00000000000000get-relative-relative.authz000066400000000000000000000002721356732361100337250ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-relative-relativeAWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5fa00fa31553b73ebf1942676e86291e8372ff2a2260956d9b8aae1d763fbf31get-relative-relative.creq000066400000000000000000000002171356732361100335230ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-relative-relativeGET
/

host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-relative-relative/get-relative-relative.req000066400000000000000000000001341356732361100334350ustar00rootroot00000000000000GET /example1/example2/../.. HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zget-relative-relative.sreq000066400000000000000000000004461356732361100335470ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-relative-relativeGET /example1/example2/../.. HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5fa00fa31553b73ebf1942676e86291e8372ff2a2260956d9b8aae1d763fbf31aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-relative-relative/get-relative-relative.sts000066400000000000000000000002121356732361100334540ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
bb579772317eb040ac9ed261061d46c1f17a8133879d6129b6e1c25292927e63aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-relative/000077500000000000000000000000001356732361100247145ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-relative/get-relative.authz000066400000000000000000000002721356732361100303620ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5fa00fa31553b73ebf1942676e86291e8372ff2a2260956d9b8aae1d763fbf31aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-relative/get-relative.creq000066400000000000000000000002171356732361100301600ustar00rootroot00000000000000GET
/

host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-relative/get-relative.req000066400000000000000000000001171356732361100300140ustar00rootroot00000000000000GET /example/.. HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-relative/get-relative.sreq000066400000000000000000000004311356732361100301760ustar00rootroot00000000000000GET /example/.. HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5fa00fa31553b73ebf1942676e86291e8372ff2a2260956d9b8aae1d763fbf31aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-relative/get-relative.sts000066400000000000000000000002121356732361100300320ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
bb579772317eb040ac9ed261061d46c1f17a8133879d6129b6e1c25292927e63aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash-dot-slash/000077500000000000000000000000001356732361100261075ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash-dot-slash/get-slash-dot-slash.authz000066400000000000000000000002721356732361100327500ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5fa00fa31553b73ebf1942676e86291e8372ff2a2260956d9b8aae1d763fbf31aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash-dot-slash/get-slash-dot-slash.creq000066400000000000000000000002171356732361100325460ustar00rootroot00000000000000GET
/

host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash-dot-slash/get-slash-dot-slash.req000066400000000000000000000001071356732361100324010ustar00rootroot00000000000000GET /./ HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash-dot-slash/get-slash-dot-slash.sreq000066400000000000000000000004211356732361100325630ustar00rootroot00000000000000GET /./ HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5fa00fa31553b73ebf1942676e86291e8372ff2a2260956d9b8aae1d763fbf31aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash-dot-slash/get-slash-dot-slash.sts000066400000000000000000000002121356732361100324200ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
bb579772317eb040ac9ed261061d46c1f17a8133879d6129b6e1c25292927e63aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash-pointless-dot/000077500000000000000000000000001356732361100270155ustar00rootroot00000000000000get-slash-pointless-dot.authz000066400000000000000000000002721356732361100345050ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash-pointless-dotAWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=ef75d96142cf21edca26f06005da7988e4f8dc83a165a80865db7089db637ec5get-slash-pointless-dot.creq000066400000000000000000000002261356732361100343030ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash-pointless-dotGET
/example

host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855get-slash-pointless-dot.req000066400000000000000000000001161356732361100341360ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash-pointless-dotGET /./example HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zget-slash-pointless-dot.sreq000066400000000000000000000004301356732361100343200ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash-pointless-dotGET /./example HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=ef75d96142cf21edca26f06005da7988e4f8dc83a165a80865db7089db637ec5get-slash-pointless-dot.sts000066400000000000000000000002121356732361100341550ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash-pointless-dotAWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
214d50c111a8edc4819da6a636336472c916b5240f51e9a51b5c3305180cf702aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash/000077500000000000000000000000001356732361100242135ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash/get-slash.authz000066400000000000000000000002721356732361100271600ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5fa00fa31553b73ebf1942676e86291e8372ff2a2260956d9b8aae1d763fbf31aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash/get-slash.creq000066400000000000000000000002171356732361100267560ustar00rootroot00000000000000GET
/

host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash/get-slash.req000066400000000000000000000001061356732361100266100ustar00rootroot00000000000000GET // HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash/get-slash.sreq000066400000000000000000000004201356732361100267720ustar00rootroot00000000000000GET // HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5fa00fa31553b73ebf1942676e86291e8372ff2a2260956d9b8aae1d763fbf31aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slash/get-slash.sts000066400000000000000000000002121356732361100266300ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
bb579772317eb040ac9ed261061d46c1f17a8133879d6129b6e1c25292927e63aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slashes/000077500000000000000000000000001356732361100245435ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slashes/get-slashes.authz000066400000000000000000000002721356732361100300400ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=9a624bd73a37c9a373b5312afbebe7a714a789de108f0bdfe846570885f57e84aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slashes/get-slashes.creq000066400000000000000000000002271356732361100276370ustar00rootroot00000000000000GET
/example/

host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slashes/get-slashes.req000066400000000000000000000001171356732361100274720ustar00rootroot00000000000000GET //example// HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slashes/get-slashes.sreq000066400000000000000000000004311356732361100276540ustar00rootroot00000000000000GET //example// HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=9a624bd73a37c9a373b5312afbebe7a714a789de108f0bdfe846570885f57e84aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-slashes/get-slashes.sts000066400000000000000000000002121356732361100275100ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
cb96b4ac96d501f7c5c15bc6d67b3035061cfced4af6585ad927f7e6c985c015aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-space/000077500000000000000000000000001356732361100241745ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-space/get-space.authz000066400000000000000000000002721356732361100271220ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=652487583200325589f1fba4c7e578f72c47cb61beeca81406b39ddec1366741aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-space/get-space.creq000066400000000000000000000002371356732361100267220ustar00rootroot00000000000000GET
/example%20space/

host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-space/get-space.req000066400000000000000000000001231356732361100265510ustar00rootroot00000000000000GET /example space/ HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-space/get-space.sreq000066400000000000000000000004351356732361100267420ustar00rootroot00000000000000GET /example space/ HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=652487583200325589f1fba4c7e578f72c47cb61beeca81406b39ddec1366741aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/get-space/get-space.sts000066400000000000000000000002121356732361100265720ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
63ee75631ed7234ae61b5f736dfc7754cdccfedbff4b5128a915706ee9390d86aws4-1.9.0/test/aws-sig-v4-test-suite/normalize-path/normalize-path.txt000066400000000000000000000010111356732361100260100ustar00rootroot00000000000000A note about signing requests to Amazon S3:

In exception to this, you do not normalize URI paths for requests to Amazon S3. For example, if you have a bucket with an object named my-object//example//photo.user, use that path. Normalizing the path to my-object/example/photo.user will cause the request to fail. For more information, see Task 1: Create a Canonical Request in the Amazon Simple Storage Service API Reference: http://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html#canonical-requestaws4-1.9.0/test/aws-sig-v4-test-suite/post-header-key-case/000077500000000000000000000000001356732361100233045ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-header-key-case/post-header-key-case.authz000066400000000000000000000002721356732361100302740ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5da7c1a2acd57cee7505fc6676e4e544621c30862966e37dddb68e92efbe5d6baws4-1.9.0/test/aws-sig-v4-test-suite/post-header-key-case/post-header-key-case.creq000066400000000000000000000002201356732361100300640ustar00rootroot00000000000000POST
/

host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/post-header-key-case/post-header-key-case.req000066400000000000000000000001061356732361100277240ustar00rootroot00000000000000POST / HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/post-header-key-case/post-header-key-case.sreq000066400000000000000000000004201356732361100301060ustar00rootroot00000000000000POST / HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5da7c1a2acd57cee7505fc6676e4e544621c30862966e37dddb68e92efbe5d6baws4-1.9.0/test/aws-sig-v4-test-suite/post-header-key-case/post-header-key-case.sts000066400000000000000000000002121356732361100277440ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
553f88c9e4d10fc9e109e2aeb65f030801b70c2f6468faca261d401ae622fc87aws4-1.9.0/test/aws-sig-v4-test-suite/post-header-key-sort/000077500000000000000000000000001356732361100233605ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-header-key-sort/post-header-key-sort.authz000066400000000000000000000003051356732361100304210ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;my-header1;x-amz-date, Signature=c5410059b04c1ee005303aed430f6e6645f61f4dc9e1461ec8f8916fdf18852caws4-1.9.0/test/aws-sig-v4-test-suite/post-header-key-sort/post-header-key-sort.creq000066400000000000000000000002551356732361100302240ustar00rootroot00000000000000POST
/

host:example.amazonaws.com
my-header1:value1
x-amz-date:20150830T123600Z

host;my-header1;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/post-header-key-sort/post-header-key-sort.req000066400000000000000000000001301356732361100300510ustar00rootroot00000000000000POST / HTTP/1.1
Host:example.amazonaws.com
My-Header1:value1
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/post-header-key-sort/post-header-key-sort.sreq000066400000000000000000000004551356732361100302460ustar00rootroot00000000000000POST / HTTP/1.1
Host:example.amazonaws.com
My-Header1:value1
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;my-header1;x-amz-date, Signature=c5410059b04c1ee005303aed430f6e6645f61f4dc9e1461ec8f8916fdf18852caws4-1.9.0/test/aws-sig-v4-test-suite/post-header-key-sort/post-header-key-sort.sts000066400000000000000000000002121356732361100300740ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
9368318c2967cf6de74404b30c65a91e8f6253e0a8659d6d5319f1a812f87d65aws4-1.9.0/test/aws-sig-v4-test-suite/post-header-value-case/000077500000000000000000000000001356732361100236305ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-header-value-case/post-header-value-case.authz000066400000000000000000000003051356732361100311410ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;my-header1;x-amz-date, Signature=cdbc9802e29d2942e5e10b5bccfdd67c5f22c7c4e8ae67b53629efa58b974b7daws4-1.9.0/test/aws-sig-v4-test-suite/post-header-value-case/post-header-value-case.creq000066400000000000000000000002551356732361100307440ustar00rootroot00000000000000POST
/

host:example.amazonaws.com
my-header1:VALUE1
x-amz-date:20150830T123600Z

host;my-header1;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/post-header-value-case/post-header-value-case.req000066400000000000000000000001301356732361100305710ustar00rootroot00000000000000POST / HTTP/1.1
Host:example.amazonaws.com
My-Header1:VALUE1
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/post-header-value-case/post-header-value-case.sreq000066400000000000000000000004551356732361100307660ustar00rootroot00000000000000POST / HTTP/1.1
Host:example.amazonaws.com
My-Header1:VALUE1
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;my-header1;x-amz-date, Signature=cdbc9802e29d2942e5e10b5bccfdd67c5f22c7c4e8ae67b53629efa58b974b7daws4-1.9.0/test/aws-sig-v4-test-suite/post-header-value-case/post-header-value-case.sts000066400000000000000000000002121356732361100306140ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
d51ced243e649e3de6ef63afbbdcbca03131a21a7103a1583706a64618606a93aws4-1.9.0/test/aws-sig-v4-test-suite/post-sts-token/000077500000000000000000000000001356732361100223045ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-sts-token/post-sts-header-after/000077500000000000000000000000001356732361100264255ustar00rootroot00000000000000post-sts-header-after.authz000066400000000000000000000002721356732361100335450ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-sts-token/post-sts-header-afterAWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5da7c1a2acd57cee7505fc6676e4e544621c30862966e37dddb68e92efbe5d6bpost-sts-header-after.creq000066400000000000000000000002201356732361100333350ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-sts-token/post-sts-header-afterPOST
/

host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/post-sts-token/post-sts-header-after/post-sts-header-after.req000066400000000000000000000001061356732361100332540ustar00rootroot00000000000000POST / HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zpost-sts-header-after.sreq000066400000000000000000000011661356732361100333670ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-sts-token/post-sts-header-afterPOST / HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
X-Amz-Security-Token:AQoDYXdzEPT//////////wEXAMPLEtc764bNrC9SAPBSM22wDOk4x4HIZ8j4FZTwdQWLWsKWHGBuFqwAeMicRXmxfpSPfIeoIYRqTflfKD8YUuwthAx7mSEI/qkPpKPi/kMcGdQrmGdeehM4IC1NtBmUpp2wUE8phUZampKsburEDy0KPkyQDYwT7WZ0wq5VSXDvp75YU9HFvlRd8Tx6q6fE8YQcHNVXAkiY9q6d+xo0rKwT38xVqr7ZD0u0iPPkUL64lIZbqBAz+scqKmlzm8FDrypNC9Yjc8fPOLn9FX9KSYvKTr4rvx3iSIlTJabIQwj2ICCR/oLxBA==
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5da7c1a2acd57cee7505fc6676e4e544621c30862966e37dddb68e92efbe5d6baws4-1.9.0/test/aws-sig-v4-test-suite/post-sts-token/post-sts-header-after/post-sts-header-after.sts000066400000000000000000000002121356732361100332740ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
553f88c9e4d10fc9e109e2aeb65f030801b70c2f6468faca261d401ae622fc87aws4-1.9.0/test/aws-sig-v4-test-suite/post-sts-token/post-sts-header-before/000077500000000000000000000000001356732361100265665ustar00rootroot00000000000000post-sts-header-before.authz000066400000000000000000000003171356732361100340470ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-sts-token/post-sts-header-beforeAWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=85d96828115b5dc0cfc3bd16ad9e210dd772bbebba041836c64533a82be05eadpost-sts-header-before.creq000066400000000000000000000010131356732361100336400ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-sts-token/post-sts-header-beforePOST
/

host:example.amazonaws.com
x-amz-date:20150830T123600Z
x-amz-security-token:AQoDYXdzEPT//////////wEXAMPLEtc764bNrC9SAPBSM22wDOk4x4HIZ8j4FZTwdQWLWsKWHGBuFqwAeMicRXmxfpSPfIeoIYRqTflfKD8YUuwthAx7mSEI/qkPpKPi/kMcGdQrmGdeehM4IC1NtBmUpp2wUE8phUZampKsburEDy0KPkyQDYwT7WZ0wq5VSXDvp75YU9HFvlRd8Tx6q6fE8YQcHNVXAkiY9q6d+xo0rKwT38xVqr7ZD0u0iPPkUL64lIZbqBAz+scqKmlzm8FDrypNC9Yjc8fPOLn9FX9KSYvKTr4rvx3iSIlTJabIQwj2ICCR/oLxBA==

host;x-amz-date;x-amz-security-token
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855post-sts-header-before.req000066400000000000000000000006541356732361100335070ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-sts-token/post-sts-header-beforePOST / HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
X-Amz-Security-Token:AQoDYXdzEPT//////////wEXAMPLEtc764bNrC9SAPBSM22wDOk4x4HIZ8j4FZTwdQWLWsKWHGBuFqwAeMicRXmxfpSPfIeoIYRqTflfKD8YUuwthAx7mSEI/qkPpKPi/kMcGdQrmGdeehM4IC1NtBmUpp2wUE8phUZampKsburEDy0KPkyQDYwT7WZ0wq5VSXDvp75YU9HFvlRd8Tx6q6fE8YQcHNVXAkiY9q6d+xo0rKwT38xVqr7ZD0u0iPPkUL64lIZbqBAz+scqKmlzm8FDrypNC9Yjc8fPOLn9FX9KSYvKTr4rvx3iSIlTJabIQwj2ICCR/oLxBA==post-sts-header-before.sreq000066400000000000000000000012131356732361100336620ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-sts-token/post-sts-header-beforePOST / HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
X-Amz-Security-Token:AQoDYXdzEPT//////////wEXAMPLEtc764bNrC9SAPBSM22wDOk4x4HIZ8j4FZTwdQWLWsKWHGBuFqwAeMicRXmxfpSPfIeoIYRqTflfKD8YUuwthAx7mSEI/qkPpKPi/kMcGdQrmGdeehM4IC1NtBmUpp2wUE8phUZampKsburEDy0KPkyQDYwT7WZ0wq5VSXDvp75YU9HFvlRd8Tx6q6fE8YQcHNVXAkiY9q6d+xo0rKwT38xVqr7ZD0u0iPPkUL64lIZbqBAz+scqKmlzm8FDrypNC9Yjc8fPOLn9FX9KSYvKTr4rvx3iSIlTJabIQwj2ICCR/oLxBA==
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=85d96828115b5dc0cfc3bd16ad9e210dd772bbebba041836c64533a82be05eadpost-sts-header-before.sts000066400000000000000000000002121356732361100335170ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-sts-token/post-sts-header-beforeAWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
c237e1b440d4c63c32ca95b5b99481081cb7b13c7e40434868e71567c1a882f6aws4-1.9.0/test/aws-sig-v4-test-suite/post-sts-token/readme.txt000066400000000000000000000026541356732361100243110ustar00rootroot00000000000000A note about using temporary security credentials:

You can use temporary security credentials provided by the AWS Security Token Service (AWS STS) to sign a request. The process is the same as using long-term credentials but requires an additional HTTP header or query string parameter for the security token. The name of the header or query string parameter is X-Amz-Security-Token, and the value is the session token (the string that you received from AWS STS when you obtained temporary security credentials).

When you add X-Amz-Security-Token, some services require that you include this parameter in the canonical (signed) request. For other services, you add this parameter at the end, after you calculate the signature. For details see the API reference documentation for that service.

The test suite has 2 examples:

post-sts-header-before - The X-Amz-Security-Token header is part of the canonical request.

post-sts-header-after - The X-Amz-Security-Token header is added to the request after you calculate the signature.

The test suite uses this example value for X-Amz-Security-Token:

AQoDYXdzEPT//////////wEXAMPLEtc764bNrC9SAPBSM22wDOk4x4HIZ8j4FZTwdQWLWsKWHGBuFqwAeMicRXmxfpSPfIeoIYRqTflfKD8YUuwthAx7mSEI/qkPpKPi/kMcGdQrmGdeehM4IC1NtBmUpp2wUE8phUZampKsburEDy0KPkyQDYwT7WZ0wq5VSXDvp75YU9HFvlRd8Tx6q6fE8YQcHNVXAkiY9q6d+xo0rKwT38xVqr7ZD0u0iPPkUL64lIZbqBAz+scqKmlzm8FDrypNC9Yjc8fPOLn9FX9KSYvKTr4rvx3iSIlTJabIQwj2ICCR/oLxBA==aws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla-empty-query-value/000077500000000000000000000000001356732361100254145ustar00rootroot00000000000000post-vanilla-empty-query-value.authz000066400000000000000000000002721356732361100344350ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla-empty-query-valueAWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=28038455d6de14eafc1f9222cf5aa6f1a96197d7deb8263271d420d138af7f11post-vanilla-empty-query-value.creq000066400000000000000000000002351356732361100342330ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla-empty-query-valuePOST
/
Param1=value1
host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855post-vanilla-empty-query-value.req000066400000000000000000000001241356732361100340650ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla-empty-query-valuePOST /?Param1=value1 HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zpost-vanilla-empty-query-value.sreq000066400000000000000000000004361356732361100342560ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla-empty-query-valuePOST /?Param1=value1 HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=28038455d6de14eafc1f9222cf5aa6f1a96197d7deb8263271d420d138af7f11post-vanilla-empty-query-value.sts000066400000000000000000000002121356732361100341050ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla-empty-query-valueAWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
9d659678c1756bb3113e2ce898845a0a79dbbc57b740555917687f1b3340fbbdaws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla-query/000077500000000000000000000000001356732361100231465ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla-query/post-vanilla-query.authz000066400000000000000000000002721356732361100300000ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=28038455d6de14eafc1f9222cf5aa6f1a96197d7deb8263271d420d138af7f11aws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla-query/post-vanilla-query.creq000066400000000000000000000002351356732361100275760ustar00rootroot00000000000000POST
/
Param1=value1
host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla-query/post-vanilla-query.req000066400000000000000000000001241356732361100274300ustar00rootroot00000000000000POST /?Param1=value1 HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla-query/post-vanilla-query.sreq000066400000000000000000000004361356732361100276210ustar00rootroot00000000000000POST /?Param1=value1 HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=28038455d6de14eafc1f9222cf5aa6f1a96197d7deb8263271d420d138af7f11aws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla-query/post-vanilla-query.sts000066400000000000000000000002121356732361100274500ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
9d659678c1756bb3113e2ce898845a0a79dbbc57b740555917687f1b3340fbbdaws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla/000077500000000000000000000000001356732361100220035ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla/post-vanilla.authz000066400000000000000000000002721356732361100254720ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5da7c1a2acd57cee7505fc6676e4e544621c30862966e37dddb68e92efbe5d6baws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla/post-vanilla.creq000066400000000000000000000002201356732361100252620ustar00rootroot00000000000000POST
/

host:example.amazonaws.com
x-amz-date:20150830T123600Z

host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855aws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla/post-vanilla.req000066400000000000000000000001061356732361100251220ustar00rootroot00000000000000POST / HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Zaws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla/post-vanilla.sreq000066400000000000000000000004201356732361100253040ustar00rootroot00000000000000POST / HTTP/1.1
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=5da7c1a2acd57cee7505fc6676e4e544621c30862966e37dddb68e92efbe5d6baws4-1.9.0/test/aws-sig-v4-test-suite/post-vanilla/post-vanilla.sts000066400000000000000000000002121356732361100251420ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
553f88c9e4d10fc9e109e2aeb65f030801b70c2f6468faca261d401ae622fc87aws4-1.9.0/test/aws-sig-v4-test-suite/post-x-www-form-urlencoded-parameters/000077500000000000000000000000001356732361100266725ustar00rootroot00000000000000post-x-www-form-urlencoded-parameters.authz000066400000000000000000000003071356732361100371700ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-x-www-form-urlencoded-parametersAWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=content-type;host;x-amz-date, Signature=1a72ec8f64bd914b0e42e42607c7fbce7fb2c7465f63e3092b3b0d39fa77a6fepost-x-www-form-urlencoded-parameters.creq000066400000000000000000000003321356732361100367650ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-x-www-form-urlencoded-parametersPOST
/

content-type:application/x-www-form-urlencoded; charset=utf8
host:example.amazonaws.com
x-amz-date:20150830T123600Z

content-type;host;x-amz-date
9095672bbd1f56dfc5b65f3e153adc8731a4a654192329106275f4c7b24d0b6epost-x-www-form-urlencoded-parameters.req000066400000000000000000000002221356732361100366200ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-x-www-form-urlencoded-parametersPOST / HTTP/1.1
Content-Type:application/x-www-form-urlencoded; charset=utf8
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z

Param1=value1post-x-www-form-urlencoded-parameters.sreq000066400000000000000000000005511356732361100370100ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-x-www-form-urlencoded-parametersPOST / HTTP/1.1
Content-Type:application/x-www-form-urlencoded; charset=utf8
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=content-type;host;x-amz-date, Signature=1a72ec8f64bd914b0e42e42607c7fbce7fb2c7465f63e3092b3b0d39fa77a6fe

Param1=value1post-x-www-form-urlencoded-parameters.sts000066400000000000000000000002121356732361100366410ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-x-www-form-urlencoded-parametersAWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
2e1cf7ed91881a30569e46552437e4156c823447bf1781b921b5d486c568dd1caws4-1.9.0/test/aws-sig-v4-test-suite/post-x-www-form-urlencoded/000077500000000000000000000000001356732361100245315ustar00rootroot00000000000000aws4-1.9.0/test/aws-sig-v4-test-suite/post-x-www-form-urlencoded/post-x-www-form-urlencoded.authz000066400000000000000000000003071356732361100327450ustar00rootroot00000000000000AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=content-type;host;x-amz-date, Signature=ff11897932ad3f4e8b18135d722051e5ac45fc38421b1da7b9d196a0fe09473aaws4-1.9.0/test/aws-sig-v4-test-suite/post-x-www-form-urlencoded/post-x-www-form-urlencoded.creq000066400000000000000000000003141356732361100325420ustar00rootroot00000000000000POST
/

content-type:application/x-www-form-urlencoded
host:example.amazonaws.com
x-amz-date:20150830T123600Z

content-type;host;x-amz-date
9095672bbd1f56dfc5b65f3e153adc8731a4a654192329106275f4c7b24d0b6eaws4-1.9.0/test/aws-sig-v4-test-suite/post-x-www-form-urlencoded/post-x-www-form-urlencoded.req000066400000000000000000000002041356732361100323750ustar00rootroot00000000000000POST / HTTP/1.1
Content-Type:application/x-www-form-urlencoded
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z

Param1=value1aws4-1.9.0/test/aws-sig-v4-test-suite/post-x-www-form-urlencoded/post-x-www-form-urlencoded.sreq000066400000000000000000000005331356732361100325650ustar00rootroot00000000000000POST / HTTP/1.1
Content-Type:application/x-www-form-urlencoded
Host:example.amazonaws.com
X-Amz-Date:20150830T123600Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=content-type;host;x-amz-date, Signature=ff11897932ad3f4e8b18135d722051e5ac45fc38421b1da7b9d196a0fe09473a

Param1=value1aws4-1.9.0/test/aws-sig-v4-test-suite/post-x-www-form-urlencoded/post-x-www-form-urlencoded.sts000066400000000000000000000002121356732361100324160ustar00rootroot00000000000000AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
42a5e5bb34198acb3e84da4f085bb7927f2bc277ca766e6d19c73c2154021281aws4-1.9.0/test/fast.js000066400000000000000000000726631356732361100146760ustar00rootroot00000000000000var fs = require('fs'),
    path = require('path'),
    should = require('should'),
    aws4 = require('../'),
    lru = require('../lru'),
    RequestSigner = aws4.RequestSigner,
    cred = {accessKeyId: 'ABCDEF', secretAccessKey: 'abcdef1234567890'},
    date = 'Wed, 26 Dec 2012 06:10:30 GMT',
    iso = '20121226T061030Z',
    auth = 'AWS4-HMAC-SHA256 Credential=ABCDEF/20121226/us-east-1/sqs/aws4_request, ' +
           'SignedHeaders=date;host;x-amz-date, ' +
           'Signature=d847efb54cd60f0a256174848f26e43af4b5168dbec3118dc9fd84e942285791'

describe('aws4', function() {

  before(function() {
    process.env.AWS_ACCESS_KEY_ID = cred.accessKeyId
    process.env.AWS_SECRET_ACCESS_KEY = cred.secretAccessKey
    delete process.env.AWS_SESSION_TOKEN
  })

  describe('#sign() when constructed with string url', function() {
    it('should parse into request correctly', function() {
      var signer = new RequestSigner('http://sqs.us-east-1.amazonaws.com/')
      signer.request.headers.Date = date
      signer.sign().headers.Authorization.should.equal(auth)
    })

    it('should also support elastic search', function() {
      var signer = new RequestSigner('https://search-cluster-name-aaaaaa0aa00aa0aaaaaaa00aaa.eu-west-1.es.amazonaws.com')
      signer.request.headers.Date = date
      signer.sign().headers.Authorization.should.equal('AWS4-HMAC-SHA256 Credential=ABCDEF/20121226/eu-west-1/es/aws4_request, SignedHeaders=date;host;x-amz-date, Signature=2dba21885bd7ccb0c5775c578c18a5c81fd30db84d4a2911933152df01de5260')
    })
  })

  describe('RequestSigner', function() {
    it('should correctly recognise ses', function() {
      var signer = new RequestSigner('https://email.us-west-2.amazonaws.com')
      signer.service.should.equal('ses')
      signer.region.should.equal('us-west-2')
    })

    it('should correctly recognise es when interacting directly with the es api', function() {
      var signer = new RequestSigner('https://search-cluster-name-aaaaaa0aa00aa0aaaaaaa00aaa.eu-west-1.es.amazonaws.com')
      signer.service.should.equal('es')
      signer.region.should.equal('eu-west-1')
    })

    it('should correctly recognise es when interacting directly with aws\'s es configuration api', function() {
      var signer = new RequestSigner('https://es.us-west-2.amazonaws.com')
      signer.service.should.equal('es')
      signer.region.should.equal('us-west-2')
    })

    it('should correctly recognise sns', function() {
      var signer = new RequestSigner('https://sns.us-west-2.amazonaws.com')
      signer.service.should.equal('sns')
      signer.region.should.equal('us-west-2')
    })

    it('should know global endpoint is us-east-1 for sdb', function() {
      var signer = new RequestSigner('https://sdb.amazonaws.com')
      signer.service.should.equal('sdb')
      signer.region.should.equal('us-east-1')
    })

    it('should not set extra headers for CodeCommit Git access', function() {
      var signer = new RequestSigner({service: 'codecommit', method: 'GIT', host: 'example.com'})
      signer.prepareRequest()
      signer.request.headers.should.deepEqual({Host: 'example.com'})
    })

    it('should not have a "Z" at end of timestamp for CodeCommit Git access', function() {
      var signer = new RequestSigner({service: 'codecommit', method: 'GIT', host: 'example.com'})
      signer.getDateTime().should.not.match(/Z$/)
    })

    it('should not have a body hash in the canonical string for CodeCommit Git access', function() {
      var signer = new RequestSigner({service: 'codecommit', method: 'GIT', host: 'example.com'})
      signer.canonicalString().should.match(/\n$/)
    })
  })

  describe('#sign() with no credentials', function() {
    it('should use process.env values', function() {
      var opts = aws4.sign({service: 'sqs', headers: {Date: date}})
      opts.headers.Authorization.should.equal(auth)
    })
  })

  describe('#sign() with credentials', function() {
    it('should use passed in values', function() {
      var cred = {accessKeyId: 'A', secretAccessKey: 'B'},
          opts = aws4.sign({service: 'sqs', headers: {Date: date}}, cred)
      opts.headers.Authorization.should.equal(
        'AWS4-HMAC-SHA256 Credential=A/20121226/us-east-1/sqs/aws4_request, ' +
        'SignedHeaders=date;host;x-amz-date, ' +
        'Signature=5d8d587b6e3011935837d670e682646012977960d8a8d992503d852726af71b9')
    })
  })

  describe('#sign() with no host or region', function() {
    it('should add hostname and default region', function() {
      var opts = aws4.sign({service: 'sqs'})
      opts.hostname.should.equal('sqs.us-east-1.amazonaws.com')
      opts.headers.Host.should.equal('sqs.us-east-1.amazonaws.com')
    })
    it('should add hostname and no region if service is regionless', function() {
      var opts = aws4.sign({service: 'iam'})
      opts.hostname.should.equal('iam.amazonaws.com')
      opts.headers.Host.should.equal('iam.amazonaws.com')
    })
    it('should add hostname and no region if s3 and us-east-1', function() {
      var opts = aws4.sign({service: 's3'})
      opts.hostname.should.equal('s3.amazonaws.com')
      opts.headers.Host.should.equal('s3.amazonaws.com')
    })
    it('should add hostname and no region if sdb and us-east-1', function() {
      var opts = aws4.sign({service: 'sdb'})
      opts.hostname.should.equal('sdb.amazonaws.com')
      opts.headers.Host.should.equal('sdb.amazonaws.com')
    })
    it('should populate AWS headers correctly', function() {
      var opts = aws4.sign({service: 'sqs', headers: {Date: date}})
      opts.headers['X-Amz-Date'].should.equal(iso)
      opts.headers.Authorization.should.equal(auth)
    })
  })

  describe('#sign() with no host, but with region', function() {
    it('should add correct hostname for regular services', function() {
      var opts = aws4.sign({service: 'glacier', region: 'us-west-1'})
      opts.hostname.should.equal('glacier.us-west-1.amazonaws.com')
      opts.headers.Host.should.equal('glacier.us-west-1.amazonaws.com')
    })
    it('should add correct hostname for s3', function() {
      var opts = aws4.sign({service: 's3', region: 'us-west-1'})
      opts.hostname.should.equal('s3-us-west-1.amazonaws.com')
      opts.headers.Host.should.equal('s3-us-west-1.amazonaws.com')
    })
    it('should add correct hostname for ses', function() {
      var opts = aws4.sign({service: 'ses', region: 'us-west-1'})
      opts.hostname.should.equal('email.us-west-1.amazonaws.com')
      opts.headers.Host.should.equal('email.us-west-1.amazonaws.com')
    })
  })

  describe('#sign() with hostname', function() {
    it('should populate AWS headers correctly', function() {
      var opts = aws4.sign({hostname: 'sqs.us-east-1.amazonaws.com', headers: {Date: date}})
      opts.headers['X-Amz-Date'].should.equal(iso)
      opts.headers.Authorization.should.equal(auth)
    })
    it('should use custom port correctly', function() {
      var opts = aws4.sign({hostname: 'localhost', port: '9000', service: 's3', headers: {Date: date}})
      opts.headers['X-Amz-Date'].should.equal(iso)
      opts.headers.Authorization.should.equal(
        'AWS4-HMAC-SHA256 Credential=ABCDEF/20121226/us-east-1/s3/aws4_request, ' +
        'SignedHeaders=date;host;x-amz-content-sha256;x-amz-date, ' +
        'Signature=6fda8a58c01edfcb6773c15ad5a276a893ce52978a8f5cd1705fae14df78cfd4')
    })
  })

  describe('#sign() with host', function() {
    it('should populate AWS headers correctly', function() {
      var opts = aws4.sign({host: 'sqs.us-east-1.amazonaws.com', headers: {Date: date}})
      opts.headers['X-Amz-Date'].should.equal(iso)
      opts.headers.Authorization.should.equal(auth)
    })
    it('should use custom port correctly', function() {
      var opts = aws4.sign({host: 'localhost', port: '9000', service: 's3', headers: {Date: date}})
      opts.headers['X-Amz-Date'].should.equal(iso)
      opts.headers.Authorization.should.equal(
        'AWS4-HMAC-SHA256 Credential=ABCDEF/20121226/us-east-1/s3/aws4_request, ' +
        'SignedHeaders=date;host;x-amz-content-sha256;x-amz-date, ' +
        'Signature=6fda8a58c01edfcb6773c15ad5a276a893ce52978a8f5cd1705fae14df78cfd4')
    })
  })

  describe('#sign() with body', function() {
    it('should use POST', function() {
      var opts = aws4.sign({body: 'SomeAction'})
      opts.method.should.equal('POST')
    })
    it('should set Content-Type', function() {
      var opts = aws4.sign({body: 'SomeAction'})
      opts.headers['Content-Type'].should.equal('application/x-www-form-urlencoded; charset=utf-8')
    })
  })

  describe('#sign() with many different options', function() {
    it('should populate AWS headers correctly', function() {
      var opts = aws4.sign({
        service: 'dynamodb',
        region: 'ap-southeast-2',
        method: 'DELETE',
        path: '/Some/Path?param=key¶m=otherKey',
        body: 'SomeAction=SomeThing&Whatever=SomeThingElse',
        headers: {
          Date: date,
          'Content-Type': 'application/x-amz-json-1.0',
          'X-Amz-Target': 'DynamoDB_20111205.ListTables',
        },
      })
      opts.headers['X-Amz-Date'].should.equal(iso)
      opts.headers.Authorization.should.equal(
        'AWS4-HMAC-SHA256 Credential=ABCDEF/20121226/ap-southeast-2/dynamodb/aws4_request, ' +
        'SignedHeaders=content-length;content-type;date;host;x-amz-date;x-amz-target, ' +
        'Signature=f9a00417d284dfe2cfdef809652c1d54add4e159835a0c69ac8cbdaa227a5000')
    })
  })

  describe('#sign() with signQuery', function() {
    it('should work with standard services', function() {
      var opts = aws4.sign({
        service: 'dynamodb',
        path: '/?X-Amz-Date=' + iso,
        headers: {
          'Content-Type': 'application/x-amz-json-1.0',
          'X-Amz-Target': 'DynamoDB_20120810.ListTables',
        },
        body: '{}',
        signQuery: true,
      })
      opts.path.should.equal(
        '/?X-Amz-Date=20121226T061030Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&' +
        'X-Amz-Credential=ABCDEF%2F20121226%2Fus-east-1%2Fdynamodb%2Faws4_request&' +
        'X-Amz-SignedHeaders=content-type%3Bhost%3Bx-amz-target&' +
        'X-Amz-Signature=3529a3f866ef85935692c2f2f6e8edb67de2ec91ce79ba5f1dbe28fc66cb154e')
    })
    it('should work with s3', function() {
      var opts = aws4.sign({
        service: 's3',
        path: '/some-bucket?X-Amz-Date=' + iso,
        signQuery: true,
      })
      opts.path.should.equal(
        '/some-bucket?X-Amz-Date=20121226T061030Z&X-Amz-Expires=86400&X-Amz-Algorithm=AWS4-HMAC-SHA256&' +
        'X-Amz-Credential=ABCDEF%2F20121226%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&' +
        'X-Amz-Signature=1acb058aaf5ce6ea6125f03231ab2b64acc9ce05fd70e4c7f087515adc41814a')
    })
    it('should adhere to RFC-3986', function() {
      var opts = aws4.sign({
        service: 's3',
        path: '/some-bucket?a=!\'&b=()*&X-Amz-Date=' + iso,
        signQuery: true,
      })
      opts.path.should.equal(
        '/some-bucket?a=%21%27&b=%28%29%2A&X-Amz-Date=20121226T061030Z&X-Amz-Expires=86400&X-Amz-Algorithm=AWS4-HMAC-SHA256&' +
        'X-Amz-Credential=ABCDEF%2F20121226%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&' +
        'X-Amz-Signature=5f3e8e3406e27471183900f8ee891a6ae40e959c05394b4271a2b5b543d5a14a')
    })
  })

  describe('#sign() with X-Amz-Content-Sha256 header', function() {
    it('should preserve given header', function() {
      var opts = aws4.sign({
        service: 's3',
        method: 'PUT',
        path: '/some-bucket/file.txt',
        body: 'Test Body',
        headers: {
          'X-Amz-Content-Sha256': 'My-Generated-Body-Hash',
        },
      })
      opts.headers['X-Amz-Content-Sha256'].should.equal('My-Generated-Body-Hash')
    })

    it('should use given header in signature calculation', function() {
      var opts = aws4.sign({
        service: 's3',
        method: 'PUT',
        path: '/some-bucket/file.txt',
        body: 'Test Body',
        headers: {
          Date: date,
          'X-Amz-Content-Sha256': 'My-Generated-Body-Hash',
        },
      })
      opts.headers.Authorization.should.equal(
        'AWS4-HMAC-SHA256 Credential=ABCDEF/20121226/us-east-1/s3/aws4_request, ' +
        'SignedHeaders=content-length;content-type;date;host;x-amz-content-sha256;x-amz-date, ' +
        'Signature=afa4074a64185317be81ed18953c6df9ee3a63507e6711ad79a7534f4c0b0c54')
    })

    it('should use given lowercase header in signature calculation', function() {
      var opts = aws4.sign({
        service: 's3',
        method: 'PUT',
        path: '/some-bucket/file.txt',
        body: 'Test Body',
        headers: {
          Date: date,
          'x-amz-content-sha256': 'My-Generated-Body-Hash',
        },
      })
      opts.headers.Authorization.should.equal(
        'AWS4-HMAC-SHA256 Credential=ABCDEF/20121226/us-east-1/s3/aws4_request, ' +
        'SignedHeaders=content-length;content-type;date;host;x-amz-content-sha256;x-amz-date, ' +
        'Signature=afa4074a64185317be81ed18953c6df9ee3a63507e6711ad79a7534f4c0b0c54')
    })
  })

  describe('#signature() with CodeCommit Git access', function() {
    it('should generate signature correctly', function() {
      var signer = new RequestSigner({
        service: 'codecommit',
        host: 'git-codecommit.us-east-1.amazonaws.com',
        method: 'GIT',
        path: '/v1/repos/MyAwesomeRepo',
      })
      signer.request.headers.Date = date
      signer.getDateTime().should.equal('20121226T061030')
      delete signer.request.headers.Date
      signer.signature().should.equal('2a9a182eb6afc3859ee590af942564b53b0c4e5beac2893052515401d06af92a')
    })
  })

  describe('#canonicalString()', function() {
    it('should work with chars > 127 and < 255 with s3', function() {
      var signer = new RequestSigner({service: 's3', path: '/ü'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%C3%BC')
      canonical[2].should.equal('')
      signer.sign().path.should.equal('/%C3%BC')
    })

    it('should work with chars > 127 and < 255 with non-s3', function() {
      var signer = new RequestSigner({service: 'es', path: '/ü'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%25C3%25BC')
      canonical[2].should.equal('')
      signer.sign().path.should.equal('/%C3%BC')
    })

    it('should work with chars > 255 with s3', function() {
      var signer = new RequestSigner({service: 's3', path: '/€'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%E2%82%AC')
      canonical[2].should.equal('')
      signer.sign().path.should.equal('/%E2%82%AC')
    })

    it('should work with chars > 255 with non-s3', function() {
      var signer = new RequestSigner({service: 'es', path: '/€'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%25E2%2582%25AC')
      canonical[2].should.equal('')
      signer.sign().path.should.equal('/%E2%82%AC')
    })

    it('should work with chars > 255 with s3 and signQuery', function() {
      var signer = new RequestSigner({service: 's3', path: '/€', signQuery: true})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%E2%82%AC')
      canonical[2].should.match(new RegExp('^X-Amz-Algorithm=AWS4-HMAC-SHA256&' +
        'X-Amz-Credential=ABCDEF%2F\\d{8}%2Fus-east-1%2Fs3%2Faws4_request&' +
        'X-Amz-Date=\\d{8}T\\d{6}Z&X-Amz-Expires=86400&X-Amz-SignedHeaders=host$'))
    })

    it('should work with chars > 255 with non-s3 and signQuery', function() {
      var signer = new RequestSigner({service: 'es', path: '/€', signQuery: true})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%25E2%2582%25AC')
      canonical[2].should.match(new RegExp('^X-Amz-Algorithm=AWS4-HMAC-SHA256&' +
        'X-Amz-Credential=ABCDEF%2F\\d{8}%2Fus-east-1%2Fes%2Faws4_request&' +
        'X-Amz-Date=\\d{8}T\\d{6}Z&X-Amz-SignedHeaders=host$'))
    })

    it('should work with reserved chars with s3', function() {
      var signer = new RequestSigner({service: 's3', path: '/%41'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/A')
      canonical[2].should.equal('')
      signer.sign().path.should.equal('/%41')
    })

    it('should work with reserved chars with non-s3', function() {
      var signer = new RequestSigner({service: 'es', path: '/%41'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%2541')
      canonical[2].should.equal('')
      signer.sign().path.should.equal('/%41')
    })

    it('should work with RFC-3986 chars with s3', function() {
      var signer = new RequestSigner({service: 's3', path: '/!\'()*@%21%27%28%29%2A?a=A&*=a&@=b'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%21%27%28%29%2A%40%21%27%28%29%2A')
      canonical[2].should.equal('%2A=a&%40=b&a=A')
      signer.sign().path.should.equal('/!\'()*@%21%27%28%29%2A?a=A&%2A=a&%40=b')
    })

    it('should work with RFC-3986 chars with non-s3', function() {
      var signer = new RequestSigner({service: 'es', path: '/!\'()*@%21%27%28%29%2A?a=A&*=a&@=b'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%21%27%28%29%2A%40%2521%2527%2528%2529%252A')
      canonical[2].should.equal('%2A=a&%40=b&a=A')
      signer.sign().path.should.equal('/!\'()*@%21%27%28%29%2A?a=A&%2A=a&%40=b')
    })

    it('should normalize casing on percent encoding with s3', function() {
      var signer = new RequestSigner({service: 's3', path: '/%2a'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%2A')
      canonical[2].should.equal('')
      signer.sign().path.should.equal('/%2a')
    })

    it('should just escape percent encoding on non-s3', function() {
      var signer = new RequestSigner({service: 'es', path: '/%2a'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%252a')
      canonical[2].should.equal('')
      signer.sign().path.should.equal('/%2a')
    })

    it('should decode %2F with s3', function() {
      var signer = new RequestSigner({service: 's3', path: '/%2f%2f'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('///')
      canonical[2].should.equal('')
      signer.sign().path.should.equal('/%2f%2f')
    })

    it('should just escape %2F on non-s3', function() {
      var signer = new RequestSigner({service: 'es', path: '/%2f%2f'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%252f%252f')
      canonical[2].should.equal('')
      signer.sign().path.should.equal('/%2f%2f')
    })

    it('should work with mixed chars > 127 and < 255 and percent encoding with s3', function() {
      var signer = new RequestSigner({service: 's3', path: '/ü%41'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%C3%BCA')
      canonical[2].should.equal('')
      signer.sign().path.should.equal('/%C3%BCA')
    })

    it('should work with mixed chars > 127 and < 255 percent encoding with non-s3', function() {
      var signer = new RequestSigner({service: 'es', path: '/ü%41'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%25C3%25BCA')
      canonical[2].should.equal('')
      signer.sign().path.should.equal('/%C3%BCA')
    })

    it('should work with mixed chars > 127 and < 255 and percent encoding and query params with s3', function() {
      var signer = new RequestSigner({service: 's3', path: '/ü%41?a=%41ü'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%C3%BCA')
      canonical[2].should.equal('a=A%C3%BC')
      signer.sign().path.should.equal('/%C3%BCA?a=A%C3%BC')
    })

    it('should work with mixed chars > 127 and < 255 percent encoding and query params with non-s3', function() {
      var signer = new RequestSigner({service: 'es', path: '/ü%41?a=%41ü'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%25C3%25BCA')
      canonical[2].should.equal('a=A%C3%BC')
      signer.sign().path.should.equal('/%C3%BCA?a=A%C3%BC')
    })

    it('should work with mixed chars > 255 and percent encoding and query params with s3', function() {
      var signer = new RequestSigner({service: 's3', path: '/۟%41?۟=%41۟'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%E2%82%AC%C3%BCA')
      canonical[2].should.equal('%E2%82%AC%C3%BC=A%E2%82%AC%C3%BC')
      signer.sign().path.should.equal('/%E2%82%AC%C3%BCA?%E2%82%AC%C3%BC=A%E2%82%AC%C3%BC')
    })

    it('should work with mixed chars > 255 percent encoding and query params with non-s3', function() {
      var signer = new RequestSigner({service: 'es', path: '/۟%41?۟=%41۟'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%25E2%2582%25AC%25C3%25BCA')
      canonical[2].should.equal('%E2%82%AC%C3%BC=A%E2%82%AC%C3%BC')
      signer.sign().path.should.equal('/%E2%82%AC%C3%BCA?%E2%82%AC%C3%BC=A%E2%82%AC%C3%BC')
    })

    it('should work with %2F in query params with s3', function() {
      var signer = new RequestSigner({service: 's3', path: '/%2f?a=/&/=%2f'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('//')
      canonical[2].should.equal('%2F=%2F&a=%2F')
      signer.sign().path.should.equal('/%2f?a=%2F&%2F=%2F')
    })

    it('should work with %2F in query params with non-s3', function() {
      var signer = new RequestSigner({service: 'es', path: '/%2f?a=/&/=%2f'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/%252f')
      canonical[2].should.equal('%2F=%2F&a=%2F')
      signer.sign().path.should.equal('/%2f?a=%2F&%2F=%2F')
    })

    it('should work with query param order in s3', function() {
      var signer = new RequestSigner({service: 's3', path: '/?a=b&a=B&a=b&a=c'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/')
      canonical[2].should.equal('a=b')
      signer.sign().path.should.equal('/?a=b&a=B&a=b&a=c')
    })

    it('should work with query param order in non-s3', function() {
      var signer = new RequestSigner({service: 'es', path: '/?a=b&a=B&a=b&a=c'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/')
      canonical[2].should.equal('a=B&a=b&a=b&a=c')
      signer.sign().path.should.equal('/?a=b&a=B&a=b&a=c')
    })

    it('should not normalize path in s3', function() {
      var signer = new RequestSigner({service: 's3', path: '//a/b/..//c/.?a=b'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('//a/b/..//c/.')
      canonical[2].should.equal('a=b')
      signer.sign().path.should.equal('//a/b/..//c/.?a=b')
    })

    it('should normalize path in non-s3', function() {
      var signer = new RequestSigner({service: 'es', path: '//a/b/..//c/.?a=b'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/a/c')
      canonical[2].should.equal('a=b')
      signer.sign().path.should.equal('//a/b/..//c/.?a=b')
    })

    it('should normalize path in non-s3 with slash on the end', function() {
      var signer = new RequestSigner({service: 'es', path: '//a/b/..//c/./?a=b'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/a/c/')
      canonical[2].should.equal('a=b')
      signer.sign().path.should.equal('//a/b/..//c/./?a=b')
    })

    it('should deal with complex query params in s3', function() {
      var signer = new RequestSigner({service: 's3', path: '/?&a=&&=&%41&'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/')
      canonical[2].should.equal('A=&a=')
      signer.sign().path.should.equal('/?a=&A=')
    })

    it('should deal with complex query params in non-s3', function() {
      var signer = new RequestSigner({service: 'es', path: '/?&a=&&=&%41&'})
      var canonical = signer.canonicalString().split('\n')

      canonical[1].should.equal('/')
      canonical[2].should.equal('A=&a=')
      signer.sign().path.should.equal('/?a=&A=')
    })

  })

  describe('with AWS test suite', function() {
    var CREDENTIALS = {
      accessKeyId: 'AKIDEXAMPLE',
      secretAccessKey: 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY',
    }
    var SERVICE = 'service'
    var DATETIME = '20150830T123600Z'

    awsFixtures().forEach(function(test) {

      it('should pass ' + test.test, function() {
        var signer = new RequestSigner({
          service: SERVICE,
          method: test.method,
          host: test.host,
          path: test.pathname,
          headers: headerArrayToObject(test.headers),
          body: test.body,
          doNotModifyHeaders: true,
          doNotEncodePath: true,
        }, CREDENTIALS)

        if (signer.datetime == null) {
          signer.datetime = DATETIME
        }

        signer.canonicalString().should.equal(test.canonicalString)
        signer.stringToSign().should.equal(test.stringToSign)
        signer.sign().headers.Authorization.should.equal(test.authHeader)
      })

    })
  })
})


describe('lru', function() {

  it('should return nothing if does not exist yet', function() {
    var cache = lru(5)
    should.not.exist(cache.get('a'))
  })

  it('should return value from single set', function() {
    var cache = lru(5)
    cache.set('a', 'A')
    cache.get('a').should.equal('A')
  })

  it('should return value if just at capacity', function() {
    var cache = lru(5)
    cache.set('a', 'A')
    cache.set('b', 'B')
    cache.set('c', 'C')
    cache.set('d', 'D')
    cache.set('e', 'E')
    cache.get('e').should.equal('E')
    cache.get('d').should.equal('D')
    cache.get('c').should.equal('C')
    cache.get('b').should.equal('B')
    cache.get('a').should.equal('A')
  })

  it('should not return value just over capacity', function() {
    var cache = lru(5)
    cache.set('a', 'A')
    cache.set('b', 'B')
    cache.set('c', 'C')
    cache.set('d', 'D')
    cache.set('e', 'E')
    cache.set('f', 'F')
    cache.get('f').should.equal('F')
    cache.get('e').should.equal('E')
    cache.get('d').should.equal('D')
    cache.get('c').should.equal('C')
    cache.get('b').should.equal('B')
    should.not.exist(cache.get('a'))
  })

  it('should return value if get recently', function() {
    var cache = lru(5)
    cache.set('a', 'A')
    cache.set('b', 'B')
    cache.set('c', 'C')
    cache.set('d', 'D')
    cache.set('e', 'E')
    cache.get('a').should.equal('A')
    cache.set('f', 'F')
    cache.get('f').should.equal('F')
    cache.get('e').should.equal('E')
    cache.get('d').should.equal('D')
    cache.get('c').should.equal('C')
    cache.get('a').should.equal('A')
    should.not.exist(cache.get('b'))
  })

  it('should return value if set recently', function() {
    var cache = lru(5)
    cache.set('a', 'A')
    cache.set('b', 'B')
    cache.set('c', 'C')
    cache.set('d', 'D')
    cache.set('e', 'E')
    cache.set('a', 'AA')
    cache.set('f', 'F')
    cache.get('f').should.equal('F')
    cache.get('e').should.equal('E')
    cache.get('d').should.equal('D')
    cache.get('c').should.equal('C')
    cache.get('a').should.equal('AA')
    should.not.exist(cache.get('b'))
  })

})


function awsFixtures() {
  return matchingFiles(path.join(__dirname, 'aws-sig-v4-test-suite'), /\.req$/).map(function(file) {
    var test = file.split('/').pop().split('.')[0]
    var filePieces = fs.readFileSync(file, 'utf8').trim().split('\n\n')
    var preamble = filePieces[0]
    var body = filePieces[1]
    var lines = (preamble + '\n').split('\n')
    var methodPath = lines[0].split(' ')
    var method = methodPath[0]
    var pathname = methodPath.slice(1, -1).join(' ')
    var headerLines = lines.slice(1).join('\n').split(':')
    var headers = []
    var url = ''
    var host = ''
    for (var i = 0; i < headerLines.length - 1; i++) {
      var name = headerLines[i]
      var newlineIx = headerLines[i + 1].lastIndexOf('\n')
      var value = headerLines[i + 1].slice(0, newlineIx)
      headerLines[i + 1] = headerLines[i + 1].slice(newlineIx + 1)
      if (name.toLowerCase() === 'host') {
        host = value
        url = 'https://' + value + pathname
      } else {
        value.split('\n').forEach(function(v) { headers.push([name, v]) })
      }
    }
    var canonicalString = fs.readFileSync(file.replace(/\.req$/, '.creq'), 'utf8').trim()
    var stringToSign = fs.readFileSync(file.replace(/\.req$/, '.sts'), 'utf8').trim()
    var authHeader = fs.readFileSync(file.replace(/\.req$/, '.authz'), 'utf8').trim()

    return {
      test: test,
      method: method,
      url: url,
      host: host,
      pathname: pathname,
      headers: headers,
      body: body,
      canonicalString: canonicalString,
      stringToSign: stringToSign,
      authHeader: authHeader,
    }
  })
}

function matchingFiles(dir, regex) {
  var ls = fs.readdirSync(dir).map(function(file) { return path.join(dir, file) })
  var dirs = ls.filter(function(file) { return fs.lstatSync(file).isDirectory() })
  var files = ls.filter(regex.test.bind(regex))
  dirs.forEach(function(dir) { files = files.concat(matchingFiles(dir, regex)) })
  return files
}

function headerArrayToObject(headersList) {
  var headers = Object.create(null)
  headersList.forEach(function(headerEntry) {
    var headerName = headerEntry[0]
    var headerValue = headerEntry[1].trim()
    if (headers[headerName] != null) {
      headers[headerName] += ',' + headerValue
    } else {
      headers[headerName] = headerValue
    }
  })
  return headers
}
aws4-1.9.0/test/slow.js000066400000000000000000000301301356732361100147040ustar00rootroot00000000000000const https = require('https')
const { RequestSigner } = require('../')

https.globalAgent.maxSockets = 10

void (async() => {
  let paths = [
    '/ü',
    '/€',
    '/%41',
    '/!\'()*@%21%27%28%29%2A',
    '/%2a',
    '/%2f%2f',
    '/ü%41',
    '/ü%41?a=%41ü',
    '/۟%41?۟=%41۟',
    '/%2f?a=/&/=%2f',
    '/?a=b&a=B&a=b&a=c',
    '//a/b/..//c/.?a=b',
    '//a/b/..//c/./?a=b',
    '/?&a=&&=&%41&',
    '/?a=A&*=a&@=b',
  ]

  let tests = [{
    url: 'https://runtime.sagemaker.us-east-1.amazonaws.com/a=b~ and c * \' (what+ever)!?a=b~ and c * \' @(whatever)!',
    signQuery: true,
    method: 'POST',
    headers: {
      'Content-Type': 'application/x-amz-json-1.1',
      'Accept': 'application/json',
      'Accept-Encoding': 'gzip, deflate, br',
    },
    body: '{}',
  }, {
    url: 'https://runtime.sagemaker.us-east-1.amazonaws.com/a=b~ and c * \' (what+ever)!?a=b~ and c * \' @(whatever)!',
    signQuery: true,
    method: 'POST',
    headers: {
      'Content-Type': 'application/x-amz-json-1.1',
      'Accept': 'application/json',
      'Accept-Encoding': 'gzip, deflate, br',
      'X-Amz-Target': 'SageMaker.ListEndpoints',
    },
    body: '{}',
  }, {
    url: 'https://s3.amazonaws.com/test//`@$^&*()-_+[]{}\\|;:.,<>۟%41=b~ and c * \' //(whatever)!?۟`@$^&*()-_+[]{}\\|;:.,<>=`@$^&*()-_+[]{}\\|;:.,<>%41۟ab~ and c * \' (whatever)!',
    method: 'POST',
    body: '',
  }, {
    url: 'https://s3.amazonaws.com/test//`@$^&*()-_+[]{}\\|;:.,<>۟%41=b~ and c * \' //(whatever)!?۟`@$^&*()-_+[]{}\\|;:.,<>=`@$^&*()-_+[]{}\\|;:.,<>%41۟ab~ and c * \' (whatever)!',
    signQuery: true,
    method: 'POST',
    body: '',
  }]

  paths.forEach(p => tests.push({ url: `https://s3.amazonaws.com/test${p}` }))
  paths.forEach(p => tests.push({ url: `https://s3.amazonaws.com/test${p}`, signQuery: true }))
  paths.forEach(p => tests.push({ url: `https://runtime.sagemaker.us-east-1.amazonaws.com/test${p}` }))
  paths.forEach(p => tests.push({ url: `https://runtime.sagemaker.us-east-1.amazonaws.com/test${p}`, signQuery: true }))

  tests.forEach(test => {
    test.accessKeyId = process.env.AWS_ACCESS_KEY_ID
    test.secretAccessKey = process.env.AWS_SECRET_ACCESS_KEY
    test.sessionToken = process.env.AWS_SESSION_TOKEN
  })

  let okTests = [{
    url: 'https://s3.us-east-1.amazonaws.com/',
  }, {
    url: 'https://sqs.us-east-1.amazonaws.com/?Action=ListQueues',
  }, {
    url: 'https://iam.amazonaws.com/?Action=ListGroups&Version=2010-05-08',
  }, {
    url: 'https://ec2.us-east-1.amazonaws.com/?Action=DescribeRegions&Version=2014-06-15',
  }, {
    url: 'https://sns.us-east-1.amazonaws.com/?Action=ListTopics&Version=2010-03-31',
  }, {
    url: 'https://sts.us-east-1.amazonaws.com/?Action=GetCallerIdentity&Version=2011-06-15',
  }, {
    url: 'https://cloudsearch.us-east-1.amazonaws.com/?Action=ListDomainNames&Version=2013-01-01',
  }, {
    url: 'https://email.us-east-1.amazonaws.com/?Action=ListIdentities&Version=2010-12-01',
  }, {
    url: 'https://autoscaling.us-east-1.amazonaws.com/?Action=DescribeAutoScalingInstances&Version=2011-01-01',
  }, {
    url: 'https://elasticloadbalancing.us-east-1.amazonaws.com/?Action=DescribeLoadBalancers&Version=2012-06-01',
  }, {
    url: 'https://cloudformation.us-east-1.amazonaws.com/?Action=ListStacks&Version=2010-05-15',
  }, {
    url: 'https://elasticbeanstalk.us-east-1.amazonaws.com/?Action=ListAvailableSolutionStacks&Version=2010-12-01',
  }, {
    url: 'https://rds.us-east-1.amazonaws.com/?Action=DescribeDBInstances&Version=2012-09-17',
  }, {
    url: 'https://monitoring.us-east-1.amazonaws.com/?Action=ListMetrics&Version=2010-08-01',
  }, {
    url: 'https://redshift.us-east-1.amazonaws.com/?Action=DescribeClusters&Version=2012-12-01',
  }, {
    url: 'https://cloudfront.amazonaws.com/2014-05-31/distribution',
  }, {
    url: 'https://elasticache.us-east-1.amazonaws.com/?Action=DescribeCacheClusters&Version=2014-07-15',
  }, {
    url: 'https://elasticmapreduce.us-east-1.amazonaws.com/?Action=ListClusters&Version=2009-03-31',
  }, {
    url: 'https://route53.amazonaws.com/2013-04-01/hostedzone',
  }, {
    url: 'https://cognito-sync.us-east-1.amazonaws.com/identitypools',
  }, {
    url: 'https://elastictranscoder.us-east-1.amazonaws.com/2012-09-25/pipelines',
  }, {
    url: 'https://lambda.us-east-1.amazonaws.com/2014-11-13/functions/',
  }, {
    url: 'https://ecs.us-east-1.amazonaws.com/?Action=ListClusters&Version=2014-11-13',
  }, {
    url: 'https://glacier.us-east-1.amazonaws.com/-/vaults',
    headers: {
      'X-Amz-Glacier-Version': '2012-06-01',
      'Accept-Encoding': 'gzip, deflate, br',
    },
  }, {
    url: 'https://dynamodb.us-east-1.amazonaws.com/',
    headers: {
      'Content-Type': 'application/x-amz-json-1.0',
      'X-Amz-Target': 'DynamoDB_20120810.ListTables',
      'Accept-Encoding': 'gzip, deflate, br',
    },
    body: '{}',
  }, {
    service: 'appstream',
    url: 'https://appstream2.us-east-1.amazonaws.com/',
    headers: {
      'Content-Type': 'application/x-amz-json-1.1',
      'X-Amz-Target': 'PhotonAdminProxyService.DescribeFleets',
      'Accept-Encoding': 'gzip, deflate, br',
    },
    body: '{}',
  }, {
    url: 'https://storagegateway.us-east-1.amazonaws.com/',
    headers: {
      'Content-Type': 'application/x-amz-json-1.1',
      'X-Amz-Target': 'StorageGateway_20120630.ListGateways',
      'Accept-Encoding': 'gzip, deflate, br',
    },
    body: '{}',
  }, {
    url: 'https://datapipeline.us-east-1.amazonaws.com/',
    headers: {
      'Content-Type': 'application/x-amz-json-1.1',
      'X-Amz-Target': 'DataPipeline.ListPipelines',
      'Accept-Encoding': 'gzip, deflate, br',
    },
    body: '{}',
  }, {
    url: 'https://opsworks.us-east-1.amazonaws.com/',
    headers: {
      'Content-Type': 'application/x-amz-json-1.1',
      'X-Amz-Target': 'OpsWorks_20130218.DescribeStacks',
      'Accept-Encoding': 'gzip, deflate, br',
    },
    body: '{}',
  }, {
    url: 'https://route53domains.us-east-1.amazonaws.com/',
    headers: {
      'Content-Type': 'application/x-amz-json-1.1',
      'X-Amz-Target': 'Route53Domains_v20140515.ListDomains',
      'Accept-Encoding': 'gzip, deflate, br',
    },
    body: '{}',
  }, {
    url: 'https://kinesis.us-east-1.amazonaws.com/',
    headers: {
      'Content-Type': 'application/x-amz-json-1.1',
      'X-Amz-Target': 'Kinesis_20131202.ListStreams',
      'Accept-Encoding': 'gzip, deflate, br',
    },
    body: '{}',
  }, {
    url: 'https://cloudtrail.us-east-1.amazonaws.com/',
    headers: {
      'Content-Type': 'application/x-amz-json-1.1',
      'X-Amz-Target': 'CloudTrail_20131101.DescribeTrails',
      'Accept-Encoding': 'gzip, deflate, br',
    },
    body: '{}',
  }, {
    url: 'https://logs.us-east-1.amazonaws.com/',
    headers: {
      'Content-Type': 'application/x-amz-json-1.1',
      'X-Amz-Target': 'Logs_20140328.DescribeLogGroups',
      'Accept-Encoding': 'gzip, deflate, br',
    },
    body: '{}',
  }, {
    url: 'https://codedeploy.us-east-1.amazonaws.com/',
    headers: {
      'Content-Type': 'application/x-amz-json-1.1',
      'X-Amz-Target': 'CodeDeploy_20141006.ListApplications',
      'Accept-Encoding': 'gzip, deflate, br',
    },
    body: '{}',
  }, {
    url: 'https://directconnect.us-east-1.amazonaws.com/',
    headers: {
      'Content-Type': 'application/x-amz-json-1.1',
      'X-Amz-Target': 'OvertureService.DescribeConnections',
      'Accept-Encoding': 'gzip, deflate, br',
    },
    body: '{}',
  }, {
    url: 'https://kms.us-east-1.amazonaws.com/',
    headers: {
      'Content-Type': 'application/x-amz-json-1.1',
      'X-Amz-Target': 'TrentService.ListKeys',
      'Accept-Encoding': 'gzip, deflate, br',
    },
    body: '{}',
  }, {
    url: 'https://config.us-east-1.amazonaws.com/',
    headers: {
      'Content-Type': 'application/x-amz-json-1.1',
      'X-Amz-Target': 'StarlingDoveService.DescribeDeliveryChannels',
      'Accept-Encoding': 'gzip, deflate, br',
    },
    body: '{}',
  }, {
    service: 'cloudhsm',
    url: 'https://cloudhsmv2.us-east-1.amazonaws.com/',
    headers: {
      'Content-Type': 'application/x-amz-json-1.1',
      'X-Amz-Target': 'BaldrApiService.DescribeClusters',
      'Accept-Encoding': 'gzip, deflate, br',
    },
    body: '{}',
  }, {
    url: 'https://swf.us-east-1.amazonaws.com/',
    headers: {
      'Content-Type': 'application/x-amz-json-1.0',
      'X-Amz-Target': 'SimpleWorkflowService.ListDomains',
      'Accept-Encoding': 'gzip, deflate, br',
    },
    body: '{"registrationStatus":"REGISTERED"}',
  }, {
    url: 'https://cognito-identity.us-east-1.amazonaws.com/',
    headers: {
      'Content-Type': 'application/x-amz-json-1.1',
      'X-Amz-Target': 'AWSCognitoIdentityService.ListIdentityPools',
      'Accept-Encoding': 'gzip, deflate, br',
    },
    body: '{"MaxResults": 1}',
  }]

  okTests = okTests.concat(okTests.map(test => Object.assign({ signQuery: true }, test)))

  okTests.forEach(test => {
    test.accessKeyId = process.env.AWS_ACCESS_KEY_ID
    test.secretAccessKey = process.env.AWS_SECRET_ACCESS_KEY
    test.sessionToken = process.env.AWS_SESSION_TOKEN
  })

  try {
    const signed = await getSignedTests(tests)
    const responses = await Promise.all(signed.map(request))

    responses.map((r, i) => {
      if (/InvalidSignatureException|SignatureDoesNotMatch/.test(r.body)) {
        return {
          index: i,
          method: signed[i].method || 'GET',
          path: signed[i].path,
          url: signed[i].url,
          canonicalString: signed[i].canonicalString,
          body: r.body.replace(/&/g, '&'),
        }
      } else {
        console.log('Passed tests ' + i)
      }
    }).filter(Boolean).forEach(({ index, method, path, url, canonicalString, body }) => {
      console.log('Test ' + index)
      console.log(method + ' ' + path)
      console.log('--------------')
      console.log(url)
      console.log('--------------')
      console.log(canonicalString)
      console.log('--------------')
      console.log(body)
      console.log('==============')
    })
  } catch (e) {
    console.error(e)
  }

  try {
    const signed = await getSignedTests(okTests)
    const responses = await Promise.all(signed.map(request))

    responses.map((r, i) => {
      if (r.statusCode !== 200) {
        return {
          index: i,
          method: signed[i].method || 'GET',
          path: signed[i].path,
          url: signed[i].url,
          canonicalString: signed[i].canonicalString,
          body: r.body.replace(/&/g, '&'),
        }
      } else {
        console.log('Passed okTests ' + i)
      }
    }).filter(Boolean).forEach(({ index, method, path, url, canonicalString, body }) => {
      console.log('Test ' + index)
      console.log(method + ' ' + path)
      console.log('--------------')
      console.log(url)
      console.log('--------------')
      console.log(canonicalString)
      console.log('--------------')
      console.log(body)
      console.log('==============')
    })
  } catch (e) {
    console.error(e)
  }
})()

async function getSignedTests(tests) {
  return tests.map(test => {
    var url = test.url
    var urlPieces = url.split('/')
    test.host = urlPieces[2]
    test.path = '/' + urlPieces.slice(3).join('/')
    delete test.url
    test.headers = Object.assign({}, test.headers)
    var signer = new RequestSigner(test)
    var signed = signer.sign()
    signed.canonicalString = signer.canonicalString()
    signed.url = url
    return signed
  })
}

const RETRY_ERRS = ['EADDRINFO', 'ETIMEDOUT', 'ECONNRESET', 'ESOCKETTIMEDOUT', 'ENOTFOUND', 'EMFILE']

async function request(options) {
  options.retries = options.retries || 0
  return new Promise((resolve, reject) => {
    const onError = err => {
      if (RETRY_ERRS.includes(err.code) && options.retries < 5) {
        options.retries++
        return request(options).then(resolve).catch(reject)
      }
      reject(err)
    }
    https.request(options, res => {
      let bufs = []
      res.on('error', onError)
      res.on('data', bufs.push.bind(bufs))
      res.on('end', () => {
        resolve({
          statusCode: res.statusCode,
          headers: res.headers,
          body: Buffer.concat(bufs).toString('utf8'),
        })
      })
    }).on('error', onError).end(options.body)
  })
}