class Gem::S3URISigner

S3URISigner implements AWS SigV4 for S3 Source to avoid a dependency on the aws-sdk-* gems More on AWS SigV4: docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html

Constants

BASE64_URI_TRANSLATE
EC2_IAM_INFO
EC2_IAM_SECURITY_CREDENTIALS
S3Config

Attributes

Public Class Methods

# File lib/rubygems/s3_uri_signer.rb, line 31
def initialize(uri)
  @uri = uri
end

Public Instance Methods

Signs S3 URI using query-params according to the reference: docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html

# File lib/rubygems/s3_uri_signer.rb, line 37
def sign(expiration = 86_400)
  s3_config = fetch_s3_config

  current_time = Time.now.utc
  date_time = current_time.strftime("%Y%m%dT%H%m%SZ")
  date = date_time[0,8]

  credential_info = "#{date}/#{s3_config.region}/s3/aws4_request"
  canonical_host = "#{uri.host}.s3.#{s3_config.region}.amazonaws.com"

  query_params = generate_canonical_query_params(s3_config, date_time, credential_info, expiration)
  canonical_request = generate_canonical_request(canonical_host, query_params)
  string_to_sign = generate_string_to_sign(date_time, credential_info, canonical_request)
  signature = generate_signature(s3_config, date, string_to_sign)

  Gem::URI.parse("https://#{canonical_host}#{uri.path}?#{query_params}&X-Amz-Signature=#{signature}")
end