/// <summary>
/// Initializes a new instance of the AwsHttpConnection class with the specified AccessKey, SecretKey and Token.
/// </summary>
/// <param name="awsSettings">AWS specific settings required for signing requests.</param>
public AwsHttpConnection(AwsSettings awsSettings)
{
if (awsSettings == null) throw new ArgumentNullException("awsSettings");
if (string.IsNullOrWhiteSpace(awsSettings.Region)) throw new ArgumentException("awsSettings.Region is invalid.", "awsSettings");
_region = awsSettings.Region.ToLowerInvariant();
var key = GetAccessKey(awsSettings);
var secret = GetSecretKey(awsSettings);
if (!string.IsNullOrWhiteSpace(key) && !string.IsNullOrWhiteSpace(secret))
{
_credentials = new Credentials
{
AccessKey = key,
SecretKey = secret,
Token = awsSettings.Token
};
_authType = AuthType.AccessKey;
}
else
{
_authType = AuthType.InstanceProfile;
}
}
public static void SignRequest(IRequest request, byte[] body, Credentials credentials, string region, string service)
{
var date = DateTime.UtcNow;
var dateStamp = date.ToString("yyyyMMdd");
var amzDate = date.ToString("yyyyMMddTHHmmssZ");
request.Headers.XAmzDate = amzDate;
var signingKey = GetSigningKey(credentials.SecretKey, dateStamp, region, service);
var stringToSign = GetStringToSign(request, body, region, service);
Debug.Write("========== String to Sign ==========\r\n{0}\r\n========== String to Sign ==========\r\n", stringToSign);
var signature = signingKey.GetHmacSha256Hash(stringToSign).ToLowercaseHex();
var auth = string.Format(
"AWS4-HMAC-SHA256 Credential={0}/{1}, SignedHeaders={2}, Signature={3}",
credentials.AccessKey,
GetCredentialScope(dateStamp, region, service),
GetSignedHeaders(request),
signature);
request.Headers.Authorization = auth;
if (!String.IsNullOrWhiteSpace(credentials.Token))
request.Headers.XAmzSecurityToken = credentials.Token;
}
private void RefreshCredentials()
{
var credentials = InstanceProfileService.GetCredentials();
if (credentials == null)
throw new Exception("Unable to retrieve session credentials from instance profile service");
_credentials = new Credentials
{
AccessKey = credentials.AccessKeyId,
SecretKey = credentials.SecretAccessKey,
Token = credentials.Token,
};
}