in aws-runtime/aws-signing/common/src/aws/sdk/kotlin/runtime/auth/signing/Presigner.kt [87:134]
public suspend fun createPresignedRequest(serviceConfig: ServicePresignConfig, requestConfig: PresignedRequestConfig): HttpRequest {
val crtCredentials = serviceConfig.credentialsProvider.getCredentials().toCrt()
val endpoint = serviceConfig.endpointResolver.resolve(serviceConfig.serviceId, serviceConfig.region)
val signingConfig: AwsSigningConfig = AwsSigningConfig.build {
region = endpoint.credentialScope?.region ?: serviceConfig.region
service = endpoint.credentialScope?.service ?: serviceConfig.signingName
credentials = crtCredentials
signatureType = if (requestConfig.signingLocation == SigningLocation.HEADER) AwsSignatureType.HTTP_REQUEST_VIA_HEADERS else AwsSignatureType.HTTP_REQUEST_VIA_QUERY_PARAMS
signedBodyHeader = AwsSignedBodyHeaderType.X_AMZ_CONTENT_SHA256
signedBodyValue = if (requestConfig.signBody) null else AwsSignedBodyValue.UNSIGNED_PAYLOAD
expirationInSeconds = requestConfig.durationSeconds
useDoubleUriEncode = serviceConfig.useDoubleUriEncode
normalizeUriPath = serviceConfig.normalizeUriPath
}
val unsignedUrl = Url(
scheme = Protocol.HTTPS,
host = endpoint.endpoint.uri.host,
port = endpoint.endpoint.uri.port,
path = requestConfig.path,
parameters = requestConfig.queryString,
)
val request = CrtHttpRequest(
requestConfig.method.name,
unsignedUrl.encodedPath,
aws.sdk.kotlin.crt.http.Headers.build {
append("Host", endpoint.endpoint.uri.host)
appendAll(requestConfig.additionalHeaders.toCrtHeaders())
}
)
val signedRequest = AwsSigner.signRequest(request, signingConfig)
return HttpRequest(
method = HttpMethod.parse(signedRequest.method),
url = Url(
scheme = Protocol.HTTPS,
host = endpoint.endpoint.uri.host,
port = endpoint.endpoint.uri.port,
path = signedRequest.path(),
parameters = signedRequest.queryParameters() ?: QueryParameters.Empty,
encodeParameters = false,
),
headers = signedRequest.headers.toSdkHeaders(),
body = HttpBody.Empty
)
}