Skip to content

Commit d4dcf6f

Browse files
mikpemikpe
committed
aws_signature: add sign_v4a/10 API
1 parent 3729878 commit d4dcf6f

File tree

1 file changed

+39
-0
lines changed

1 file changed

+39
-0
lines changed

src/aws_signature.erl

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,12 +2,51 @@
22
-module(aws_signature).
33

44
-export([sign_v4/9, sign_v4/10, sign_v4_event/7, sign_v4_query_params/7, sign_v4_query_params/8]).
5+
-export([sign_v4a/10]).
56

67
-type header() :: {binary(), binary()}.
78
-type headers() :: [header()].
89
-type query_param() :: {binary(), binary()}.
910
-type query_params() :: [query_param()].
1011

12+
%% @doc Implements the <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html">Asymmetric Signature Version 4 (SigV4a)</a> algorithm.
13+
%%
14+
%% This function takes AWS client credentials and request details,
15+
%% based on which it computes the signature and returns headers
16+
%% extended with the authorization entries.
17+
%%
18+
%% `URL' must be valid, with all components properly escaped.
19+
%% For example, "https://example.com/path%20to" is valid, whereas
20+
%% "https://example.com/path to" is not.
21+
%%
22+
%% It is essential that the provided request details are final
23+
%% and the returned headers are used to make the request. All
24+
%% custom headers need to be assembled before the signature is
25+
%% calculated.
26+
%%
27+
%% The following options are supported:
28+
%%
29+
%% <dl>
30+
%% <dt>`add_payload_hash_header'</dt>
31+
%% <dd>
32+
%% When `true' adds the `X-Amz-Content-Sha256' header to signed requests.
33+
%% Amazon S3 is an example of a service that requires this setting.
34+
%% Defaults to `false'.
35+
%% </dd>
36+
%% <dt>`disable_implicit_payload_hashing'</dt>
37+
%% <dd>
38+
%% When `true' use the "UNSIGNED-PAYLOAD" sentinel instead of computing
39+
%% SHA256 digest of the payload. Defaults to `false'.
40+
%% </dd>
41+
%% </dl>
42+
-spec sign_v4a(binary(), binary(), binary(), [binary()], binary(),
43+
binary(), binary(), headers(), binary(), map())
44+
-> {ok, headers()} | {error, any()}.
45+
sign_v4a(AccessKeyID, SecretAccessKey, SessionToken, Regions,
46+
Service, Method, URL, Headers, Body, Options) ->
47+
aws_sigv4a:sign_request(AccessKeyID, SecretAccessKey, SessionToken, Regions,
48+
Service, Method, URL, Headers, Body, Options).
49+
1150
%% @doc Same as {@link sign_v4/10} with no options.
1251
sign_v4(AccessKeyID, SecretAccessKey, Region, Service, DateTime, Method, URL, Headers, Body) ->
1352
sign_v4(AccessKeyID, SecretAccessKey, Region, Service, DateTime, Method, URL, Headers, Body, []).

0 commit comments

Comments
 (0)