Documentation
¶
Overview ¶
Package sig This file implements helper functions to validate Streaming AWS Signature Version '4' authorization header.
Index ¶
- Constants
- Variables
- func EncodePath(pathName string) string
- func Equal(sig1, sig2 []byte) bool
- func IsAWSSignedRequest(req *http.Request) bool
- func NewSha265Reader(src io.ReadCloser, sha256Hex string) (io.ReadCloser, error)
- func V4Verify(auth V4Auth, credentials *model.Credential, r *http.Request) error
- type JavaV2Signer
- type JavaV2SignerContext
- type Sha256Reader
- type SigAuthenticator
- type SigContext
- type V2SigAuthenticator
- type V4Auth
- type V4Authenticator
Constants ¶
View Source
const ( V4authHeaderName = "Authorization" V4authHeaderPrefix = "AWS4-HMAC-SHA256" AmzDecodedContentLength = "X-Amz-Decoded-Content-Length" )
View Source
const (
SlashSeparator = "/"
)
Streaming AWS Signature Version '4' constants.
Variables ¶
View Source
var ( V4AuthHeaderRegexp = regexp.MustCompile(`AWS4-HMAC-SHA256 Credential=(?P<AccessKeyId>.{3,20})/(?P<Date>\d{8})/(?P<Region>[\w\-]+)/(?P<Service>[\w\-]+)/aws4_request,\s*SignedHeaders=(?P<SignatureHeaders>[\w\-\;]+),\s*Signature=(?P<Signature>[abcdef0123456789]{64})`) V4CredentialScopeRegexp = regexp.MustCompile(`(?P<AccessKeyId>.{3,20})/(?P<Date>\d{8})/(?P<Region>[\w\-]+)/(?P<Service>[\w\-]+)/aws4_request`) )
View Source
var ( ErrInvalidByte = errors.New("invalid byte in chunk length") ErrChunkTooLarge = errors.New("http chunk length too large") )
View Source
var (
ErrHeaderMalformed = errors.New("header malformed")
)
View Source
var (
V2AuthHeaderRegexp = regexp.MustCompile(`AWS (?P<AccessKeyId>.{3,20}):(?P<Signature>[A-Za-z0-9+/=]+)`)
)
Functions ¶
func EncodePath ¶
EncodePath encode the strings from UTF-8 byte representations to HTML hex escape sequences This is necessary since regular url.Parse() and url.Encode() functions do not support UTF-8 non english characters cannot be parsed due to the nature in which url.Encode() is written This function on the other hand is a direct replacement for url.Encode() technique to support pretty much every UTF-8 character.
func IsAWSSignedRequest ¶ added in v0.48.0
func NewSha265Reader ¶
func NewSha265Reader(src io.ReadCloser, sha256Hex string) (io.ReadCloser, error)
Types ¶
type JavaV2Signer ¶ added in v1.19.0
type JavaV2Signer struct {
// contains filtered or unexported fields
}
func NewJavaV2SigAuthenticator ¶ added in v1.19.0
func NewJavaV2SigAuthenticator(r *http.Request, bareDomain string) *JavaV2Signer
func (*JavaV2Signer) Parse ¶ added in v1.19.0
func (j *JavaV2Signer) Parse() (SigContext, error)
func (*JavaV2Signer) Verify ¶ added in v1.19.0
func (j *JavaV2Signer) Verify(creds *model.Credential) error
type JavaV2SignerContext ¶ added in v1.19.0
type JavaV2SignerContext struct {
// contains filtered or unexported fields
}
func (*JavaV2SignerContext) GetAccessKeyID ¶ added in v1.19.0
func (j *JavaV2SignerContext) GetAccessKeyID() string
type Sha256Reader ¶
type Sha256Reader struct {
// contains filtered or unexported fields
}
func (*Sha256Reader) Close ¶
func (r *Sha256Reader) Close() error
func (*Sha256Reader) Verify ¶
func (r *Sha256Reader) Verify() error
type SigAuthenticator ¶
type SigAuthenticator interface {
Parse() (SigContext, error)
Verify(*model.Credential) error
}
func ChainedAuthenticator ¶
func ChainedAuthenticator(methods ...SigAuthenticator) SigAuthenticator
type SigContext ¶
type SigContext interface {
GetAccessKeyID() string
}
type V2SigAuthenticator ¶
type V2SigAuthenticator struct {
// contains filtered or unexported fields
}
func NewV2SigAuthenticator ¶
func NewV2SigAuthenticator(r *http.Request, bareDomain string) *V2SigAuthenticator
func (*V2SigAuthenticator) Parse ¶
func (a *V2SigAuthenticator) Parse() (SigContext, error)
func (*V2SigAuthenticator) String ¶
func (a *V2SigAuthenticator) String() string
func (*V2SigAuthenticator) Verify ¶
func (a *V2SigAuthenticator) Verify(creds *model.Credential) error
type V4Auth ¶
type V4Auth struct {
AccessKeyID string
Date string
Region string
Service string
SignedHeaders []string
SignedHeadersString string
Signature string
}
func (V4Auth) GetAccessKeyID ¶
type V4Authenticator ¶
type V4Authenticator struct {
// contains filtered or unexported fields
}
func NewV4Authenticator ¶
func NewV4Authenticator(r *http.Request) *V4Authenticator
func (*V4Authenticator) Parse ¶
func (a *V4Authenticator) Parse() (SigContext, error)
func (*V4Authenticator) String ¶
func (a *V4Authenticator) String() string
func (*V4Authenticator) Verify ¶
func (a *V4Authenticator) Verify(creds *model.Credential) error
Source Files
Click to show internal directories.
Click to hide internal directories.