-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathaws_signed_headers.go
61 lines (54 loc) · 1.48 KB
/
aws_signed_headers.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
package s3
import (
"net/http"
"sort"
"strings"
)
func canonicalAndSignedHeaders(original http.Header) (canonical, signed string) {
lowercaseKeys := map[string]string{} // map[lowercase]original
for key := range original {
if headerEligibleForSigning(key) {
lowercaseKeys[strings.ToLower(key)] = key
}
}
var sortedKeys []string
for key := range lowercaseKeys {
sortedKeys = append(sortedKeys, key)
}
sort.Strings(sortedKeys)
canonicalBuilder := new(strings.Builder)
for _, lowerKey := range sortedKeys {
titleKey := lowercaseKeys[lowerKey]
var values []string
for _, value := range original[titleKey] {
if titleKey == "Host" && strings.Contains(value, ":") {
value = strings.Split(value, ":")[0] // AWS does not include port in signing request.
}
values = append(values, trimHeaderValue(value))
}
canonicalBuilder.WriteString(lowerKey)
canonicalBuilder.WriteString(":")
canonicalBuilder.WriteString(strings.Join(values, ","))
canonicalBuilder.WriteString("\n")
}
return canonicalBuilder.String(), strings.Join(sortedKeys, ";")
}
func trimHeaderValue(value string) string {
value = strings.TrimSpace(value)
for strings.Contains(value, " ") {
value = strings.ReplaceAll(value, " ", " ")
}
return value
}
func headerEligibleForSigning(key string) bool {
if runningAWSTestSuite {
return true
}
switch key {
case "Content-Type", "Content-Md5", "Host":
return true
default:
return strings.HasPrefix(key, "X-Amz")
}
}
var runningAWSTestSuite bool