sign_but_dont

sign_but_dont_send

in gems/aws-sdk-s3/lib/aws-sdk-s3/presigner.rb [191:258]
59 lines of code
10 McCabe index (conditional complexity)

      def sign_but_dont_send(
        req, expires_in, secure, time, unsigned_headers, hoist = true
      )
        x_amz_headers = {}
        http_req = req.context.http_request
        req.handlers.remove(Seahorse::Client::Plugins::ContentLength::Handler)
        req.handlers.remove(Aws::Rest::ContentTypeHandler)
        req.handlers.remove(Aws::Plugins::ChecksumAlgorithm::OptionHandler)
        req.handlers.remove(Aws::Plugins::ChecksumAlgorithm::ChecksumHandler)
        req.handlers.remove(Aws::Plugins::InvocationId::Handler)
        req.handlers.remove(Aws::Plugins::Sign::Handler)
        req.handlers.remove(Aws::S3::Plugins::S3Signer::LegacyHandler)
        req.handle(step: :send) do |context|
          
          if context.config.regional_endpoint
            http_req.endpoint.scheme = secure ? 'https' : 'http'
            http_req.endpoint.port = secure ? 443 : 80
          end

          query = http_req.endpoint.query ? http_req.endpoint.query.split('&') : []
          http_req.headers.each do |key, value|
            next unless key =~ /^x-amz/i

            if hoist
              value = Aws::Sigv4::Signer.uri_escape(value)
              key = Aws::Sigv4::Signer.uri_escape(key)
              
              http_req.headers.delete(key)
              query << "#{key}=#{value}"
            else
              x_amz_headers[key] = value
            end
          end
          http_req.endpoint.query = query.join('&') unless query.empty?

          auth_scheme = context[:auth_scheme]
          scheme_name = auth_scheme['name']
          region = if scheme_name == 'sigv4a'
                     auth_scheme['signingRegionSet'].first
                   else
                     auth_scheme['signingRegion']
                   end
          signer = Aws::Sigv4::Signer.new(
            service: auth_scheme['signingName'] || 's3',
            region: context[:sigv4_region] || region || context.config.region,
            credentials_provider: context[:sigv4_credentials] || context.config.credentials,
            signing_algorithm: scheme_name.to_sym,
            uri_escape_path: !!!auth_scheme['disableDoubleEncoding'],
            normalize_path: !!!auth_scheme['disableNormalizePath'],
            unsigned_headers: unsigned_headers,
            apply_checksum_header: false
          )

          url = signer.presign_url(
            http_method: http_req.http_method,
            url: http_req.endpoint,
            headers: http_req.headers,
            body_digest: 'UNSIGNED-PAYLOAD',
            expires_in: expires_in,
            time: time
          ).to_s

          Seahorse::Client::Response.new(context: context, data: url)
        end
        
        x_amz_headers
      end