in src/SigV4RequestSigner.cs [92:154]
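/// <summary>
/// Signs <paramref name="request"/> in place with AWS Signature Version 4 and returns the same instance.
/// Adds the <c>x-amz-date</c> header, the optional <c>x-amz-security-token</c> header, a <c>Host</c>
/// header when none is set, and finally the <c>Authorization</c> header carrying the signature.
/// </summary>
/// <remarks>
/// Every header in <c>request.Headers</c> at signing time is part of the signature; headers added
/// afterwards, and the content headers on <c>request.Content</c>, are not covered by it.
/// The payload hash is always that of an empty body (see the note in the method body).
/// </remarks>
/// <param name="request">The request to sign; it must have an absolute <c>RequestUri</c>.</param>
/// <param name="service">Service name used in the credential scope.</param>
/// <param name="region">Region name used in the credential scope.</param>
/// <param name="sessionToken">Optional session token, sent and signed as <c>x-amz-security-token</c>.</param>
/// <returns>The same <paramref name="request"/> instance, now carrying the signing headers.</returns>
/// <exception cref="ArgumentOutOfRangeException"><paramref name="service"/> or <paramref name="region"/> is null or empty.</exception>
/// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
/// <exception cref="ArgumentException"><paramref name="request"/> has no absolute <c>RequestUri</c>.</exception>
public HttpRequestMessage Sign(HttpRequestMessage request, string service, string region, string sessionToken = null)
{
    if (string.IsNullOrEmpty(service))
    {
        throw new ArgumentOutOfRangeException(nameof(service), service, "Not a valid service.");
    }
    if (string.IsNullOrEmpty(region))
    {
        throw new ArgumentOutOfRangeException(nameof(region), region, "Not a valid region.");
    }
    if (request == null)
    {
        throw new ArgumentNullException(nameof(request));
    }
    if (request.RequestUri == null || !request.RequestUri.IsAbsoluteUri)
    {
        // Host, port and AbsolutePath are all read below and need an absolute URI.
        throw new ArgumentException("The request must have an absolute RequestUri.", nameof(request));
    }

    // Read the clock once: two separate reads can straddle midnight UTC and put one day in
    // x-amz-date and another in the credential scope, which invalidates the signature.
    // The invariant culture keeps the Gregorian calendar and ASCII digits whatever the thread culture is.
    var now = DateTimeOffset.UtcNow;
    var invariant = System.Globalization.CultureInfo.InvariantCulture;
    var amzdate = now.ToString("yyyyMMddTHHmmssZ", invariant);
    var datestamp = now.ToString("yyyyMMdd", invariant);
    var credentialScope = $"{datestamp}/{region}/{service}/aws4_request";

    // NOTE(review): the payload hash is computed over an empty byte array and request.Content is
    // never read, so a request that carries a body is signed as if it had none. The body is then
    // not bound to the signature, and a verifier that checks the payload hash will reject it.
    // Hashing the real content needs a decision on how to read it without blocking.
    var payloadHash = Hash(new byte[0]);

    if (request.Headers.Host == null)
    {
        request.Headers.Host = request.RequestUri.Host + ":" + request.RequestUri.Port;
    }

    // Drop what an earlier Sign call left behind, so signing the same message again (a retry)
    // does not produce multi-valued x-amz-date / Authorization headers.
    request.Headers.Remove("Authorization");
    request.Headers.Remove("x-amz-date");
    if (sessionToken != null)
    {
        request.Headers.Remove("x-amz-security-token");
        request.Headers.Add("x-amz-security-token", sessionToken);
    }
    request.Headers.Add("x-amz-date", amzdate);

    var canonicalRequest = new StringBuilder();
    canonicalRequest.Append(request.Method + "\n");
    canonicalRequest.Append(request.RequestUri.AbsolutePath + "\n");
    canonicalRequest.Append(GetCanonicalQueryParams(request) + "\n");

    // Sort by ordinal value of the lower-cased name: a culture-sensitive sort may weigh '-'
    // differently and yield an order the verifying side does not reproduce.
    // NOTE(review): values are trimmed at both ends only; SigV4 canonicalization also collapses
    // inner runs of spaces, so a header value with repeated spaces would not verify.
    var signedHeadersList = new List<string>();
    foreach (var header in request.Headers.OrderBy(a => a.Key.ToLowerInvariant(), StringComparer.Ordinal))
    {
        var name = header.Key.ToLowerInvariant();
        canonicalRequest.Append(name);
        canonicalRequest.Append(":");
        canonicalRequest.Append(string.Join(",", header.Value.Select(s => s.Trim())));
        canonicalRequest.Append("\n");
        signedHeadersList.Add(name);
    }
    canonicalRequest.Append("\n");

    var signedHeaders = string.Join(";", signedHeadersList);
    canonicalRequest.Append(signedHeaders + "\n");
    canonicalRequest.Append(payloadHash);

    var stringToSign = $"{algorithm}\n{amzdate}\n{credentialScope}\n" + Hash(Encoding.UTF8.GetBytes(canonicalRequest.ToString()));
    var signingKey = GetSignatureKey(_secret_key, datestamp, region, service);
    var signature = ToHexString(HmacSHA256(signingKey, stringToSign));

    // Added last and without validation: the SigV4 value is not a standard "scheme parameter" pair.
    request.Headers.TryAddWithoutValidation("Authorization", $"{algorithm} Credential={_access_key}/{credentialScope}, SignedHeaders={signedHeaders}, Signature={signature}");
    return request;
}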