Amazon.Runtime.Internal.Auth.AWS3Signer.SignHttp C# (CSharp) Method

AWS3Signer Class Documentation Mostrar archivo Open project: aws/aws-sdk-net

SignHttp() private static method

private static SignHttp ( IRequest request, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey ) : void
request	IRequest
metrics	Amazon.Runtime.Internal.Util.RequestMetrics
awsAccessKeyId	string
awsSecretAccessKey	string
return	void

        private static void SignHttp(IRequest request, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey)
        {
            SigningAlgorithm algorithm = SigningAlgorithm.HmacSHA256;
            string nonce = Guid.NewGuid().ToString();
            string date = AWSSDKUtils.FormattedCurrentTimestampRFC822;
            bool isHttps = IsHttpsRequest(request);

            // Temporarily disabling the AWS3 HTTPS signing scheme and only using AWS3 HTTP
            isHttps = false;

            request.Headers[HeaderKeys.DateHeader] = date;
            request.Headers[HeaderKeys.XAmzDateHeader] = date;

            // Clear out existing auth header (can be there if retry)
            request.Headers.Remove(HeaderKeys.XAmzAuthorizationHeader);

            // AWS3 HTTP requires that we sign the Host header
            // so we have to have it in the request by the time we sign.
            string hostHeader = request.Endpoint.Host;
            if (!request.Endpoint.IsDefaultPort)
                hostHeader += ":" + request.Endpoint.Port;
            request.Headers[HeaderKeys.HostHeader] = hostHeader;

            byte[] bytesToSign = null;
            string stringToSign;
            if (isHttps)
            {
                request.Headers[HeaderKeys.XAmzNonceHeader] = nonce;
                stringToSign = date + nonce;
                bytesToSign = Encoding.UTF8.GetBytes(stringToSign);
            }
            else
            {
                Uri url = request.Endpoint;
                if (!string.IsNullOrEmpty(request.ResourcePath))
                    url = new Uri(request.Endpoint, request.ResourcePath);

                stringToSign = request.HttpMethod + "\n"
                    + GetCanonicalizedResourcePath(url) + "\n"
                    + GetCanonicalizedQueryString(request.Parameters) + "\n"
                    + GetCanonicalizedHeadersForStringToSign(request) + "\n"
                    + GetRequestPayload(request);

                bytesToSign = CryptoUtilFactory.CryptoInstance.ComputeSHA256Hash(Encoding.UTF8.GetBytes(stringToSign));
            }

            metrics.AddProperty(Metric.StringToSign, stringToSign);
            string signature = ComputeHash(bytesToSign, awsSecretAccessKey, algorithm);

            StringBuilder builder = new StringBuilder();
            builder.Append(isHttps ? HTTPS_SCHEME : HTTP_SCHEME);
            builder.Append(" ");
            builder.Append("AWSAccessKeyId=" + awsAccessKeyId + ",");
            builder.Append("Algorithm=" + algorithm.ToString() + ",");

            if (!isHttps)
            {
                builder.Append(GetSignedHeadersComponent(request) + ",");
            }

            builder.Append("Signature=" + signature);
            string authorizationHeader = builder.ToString();
            request.Headers[HeaderKeys.XAmzAuthorizationHeader] = authorizationHeader;
        }

AWS3Signer

GetCanonicalizedHeadersForStringToSign

GetCanonicalizedQueryString

GetCanonicalizedResourcePath

GetHeadersForStringToSign

GetRequestPayload

GetSignedHeadersComponent

IsHttpsRequest

Sign

SignHttp

SignHttps