in pkg/sts.go [108:141]
func (c *Client) generateSignedURL(expiredTime uint) (string, error) {
uid := uuid.NewV4()
rst := uid.String()
queryStr := "SignatureVersion=" + StsSignVersion
queryStr += "&Format=" + RespBodyFormat
queryStr += "&Timestamp=" + url.QueryEscape(time.Now().UTC().Format(TimeFormat))
queryStr += "&RoleArn=" + url.QueryEscape(c.RoleArn)
queryStr += "&RoleSessionName=" + c.SessionName
queryStr += "&AccessKeyId=" + c.AccessKeyId
queryStr += "&SignatureMethod=HMAC-SHA1"
queryStr += "&Version=" + StsAPIVersion
queryStr += "&Action=AssumeRole"
queryStr += "&SignatureNonce=" + rst
queryStr += "&DurationSeconds=" + strconv.FormatUint((uint64)(expiredTime), 10)
// Sort query string
queryParams, err := url.ParseQuery(queryStr)
if err != nil {
return "", err
}
result := queryParams.Encode()
strToSign := HTTPGet + "&" + PercentEncode + "&" + url.QueryEscape(result)
// Generate signature
hashSign := hmac.New(sha1.New, []byte(c.AccessKeySecret+"&"))
hashSign.Write([]byte(strToSign))
signature := base64.StdEncoding.EncodeToString(hashSign.Sum(nil))
// Build url
assumeURL := StsHost + "?" + queryStr + "&Signature=" + url.QueryEscape(signature)
return assumeURL, nil
}