in gems/aws-sigv4/lib/aws-sigv4/signer.rb [152:211]
def sign_request(request)
creds = fetch_credentials
http_method = extract_http_method(request)
url = extract_url(request)
headers = downcase_headers(request[:headers])
datetime =
if headers.include? 'x-amz-date'
Time.parse(headers.delete('x-amz-date'))
end
content_sha256 = headers.delete('x-amz-content-sha256')
content_sha256 ||= sha256_hexdigest(request[:body] || '')
sigv4_headers = {}
sigv4_headers['host'] = headers['host'] || host(url)
if headers.include? 'user-agent'
headers['user-agent'] = "#{headers['user-agent']} crt-signer/#{@signing_algorithm}/#{Aws::Sigv4::VERSION}"
sigv4_headers['user-agent'] = headers['user-agent']
end
headers = headers.merge(sigv4_headers)
config = Aws::Crt::Auth::SigningConfig.new(
algorithm: @signing_algorithm,
signature_type: :http_request_headers,
region: @region,
service: @service,
date: datetime,
signed_body_value: content_sha256,
signed_body_header_type: @apply_checksum_header ?
:sbht_content_sha256 : :sbht_none,
credentials: creds,
unsigned_headers: @unsigned_headers,
use_double_uri_encode: @uri_escape_path,
should_normalize_uri_path: @normalize_path,
omit_session_token: @omit_session_token
)
http_request = Aws::Crt::Http::Message.new(
http_method, url.to_s, headers
)
signable = Aws::Crt::Auth::Signable.new(http_request)
signing_result = Aws::Crt::Auth::Signer.sign_request(config, signable)
Signature.new(
headers: sigv4_headers.merge(
downcase_headers(signing_result[:headers])
),
string_to_sign: 'CRT_INTERNAL',
canonical_request: 'CRT_INTERNAL',
content_sha256: content_sha256,
extra: {config: config, signable: signable}
)
end