sig

package
v1.30.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 26, 2024 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Overview

Package sig This file implements helper functions to validate Streaming AWS Signature Version '4' authorization header.

Index

Constants

View Source
const (
	V4authHeaderName        = "Authorization"
	V4authHeaderPrefix      = "AWS4-HMAC-SHA256"
	AmzDecodedContentLength = "X-Amz-Decoded-Content-Length"
)
View Source
const (
	SlashSeparator = "/"
)

Streaming AWS Signature Version '4' constants.

Variables

View Source
var (
	V4AuthHeaderRegexp      = regexp.MustCompile(`AWS4-HMAC-SHA256 Credential=(?P<AccessKeyId>.{3,20})/(?P<Date>\d{8})/(?P<Region>[\w\-]+)/(?P<Service>[\w\-]+)/aws4_request,\s*SignedHeaders=(?P<SignatureHeaders>[\w\-\;]+),\s*Signature=(?P<Signature>[abcdef0123456789]{64})`)
	V4CredentialScopeRegexp = regexp.MustCompile(`(?P<AccessKeyId>.{3,20})/(?P<Date>\d{8})/(?P<Region>[\w\-]+)/(?P<Service>[\w\-]+)/aws4_request`)
)
View Source
var (
	ErrInvalidByte   = errors.New("invalid byte in chunk length")
	ErrChunkTooLarge = errors.New("http chunk length too large")
)
View Source
var (
	ErrHeaderMalformed = errors.New("header malformed")
)
View Source
var (
	V2AuthHeaderRegexp = regexp.MustCompile(`AWS (?P<AccessKeyId>.{3,20}):(?P<Signature>[A-Za-z0-9+/=]+)`)
)

Functions

func EncodePath

func EncodePath(pathName string) string

EncodePath encode the strings from UTF-8 byte representations to HTML hex escape sequences This is necessary since regular url.Parse() and url.Encode() functions do not support UTF-8 non english characters cannot be parsed due to the nature in which url.Encode() is written This function on the other hand is a direct replacement for url.Encode() technique to support pretty much every UTF-8 character.

func Equal

func Equal(sig1, sig2 []byte) bool

func IsAWSSignedRequest added in v0.48.0

func IsAWSSignedRequest(req *http.Request) bool

func NewSha265Reader

func NewSha265Reader(src io.ReadCloser, sha256Hex string) (io.ReadCloser, error)

func V4Verify

func V4Verify(auth V4Auth, credentials *model.Credential, r *http.Request) error

Types

type JavaV2Signer added in v1.19.0

type JavaV2Signer struct {
	// contains filtered or unexported fields
}

func NewJavaV2SigAuthenticator added in v1.19.0

func NewJavaV2SigAuthenticator(r *http.Request, bareDomain string) *JavaV2Signer

func (*JavaV2Signer) Parse added in v1.19.0

func (j *JavaV2Signer) Parse() (SigContext, error)

func (*JavaV2Signer) Verify added in v1.19.0

func (j *JavaV2Signer) Verify(creds *model.Credential) error

type JavaV2SignerContext added in v1.19.0

type JavaV2SignerContext struct {
	// contains filtered or unexported fields
}

func (*JavaV2SignerContext) GetAccessKeyID added in v1.19.0

func (j *JavaV2SignerContext) GetAccessKeyID() string

type Sha256Reader

type Sha256Reader struct {
	// contains filtered or unexported fields
}

func (*Sha256Reader) Close

func (r *Sha256Reader) Close() error

func (*Sha256Reader) Read

func (r *Sha256Reader) Read(p []byte) (int, error)

func (*Sha256Reader) Verify

func (r *Sha256Reader) Verify() error

type SigAuthenticator

type SigAuthenticator interface {
	Parse() (SigContext, error)
	Verify(*model.Credential) error
}

func ChainedAuthenticator

func ChainedAuthenticator(methods ...SigAuthenticator) SigAuthenticator

type SigContext

type SigContext interface {
	GetAccessKeyID() string
}

type V2SigAuthenticator

type V2SigAuthenticator struct {
	// contains filtered or unexported fields
}

func NewV2SigAuthenticator

func NewV2SigAuthenticator(r *http.Request, bareDomain string) *V2SigAuthenticator

func (*V2SigAuthenticator) Parse

func (a *V2SigAuthenticator) Parse() (SigContext, error)

func (*V2SigAuthenticator) String

func (a *V2SigAuthenticator) String() string

func (*V2SigAuthenticator) Verify

func (a *V2SigAuthenticator) Verify(creds *model.Credential) error

type V4Auth

type V4Auth struct {
	AccessKeyID         string
	Date                string
	Region              string
	Service             string
	SignedHeaders       []string
	SignedHeadersString string
	Signature           string
}

func ParseV4AuthContext

func ParseV4AuthContext(r *http.Request) (V4Auth, error)

func (V4Auth) GetAccessKeyID

func (a V4Auth) GetAccessKeyID() string

type V4Authenticator

type V4Authenticator struct {
	// contains filtered or unexported fields
}

func NewV4Authenticator

func NewV4Authenticator(r *http.Request) *V4Authenticator

func (*V4Authenticator) Parse

func (a *V4Authenticator) Parse() (SigContext, error)

func (*V4Authenticator) String

func (a *V4Authenticator) String() string

func (*V4Authenticator) Verify

func (a *V4Authenticator) Verify(creds *model.Credential) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL