public static AWS4SigningResult SignRequest(IRequest request, IClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey, string service, string overrideSigningRegion) { request.Headers.Remove("Authorization"); if (!request.Headers.ContainsKey("host")) { string text = request.Endpoint.Host; if (!request.Endpoint.IsDefaultPort) { text = text + ":" + request.Endpoint.Port; } request.Headers.Add("host", text); } DateTime correctedUtcNow = AWSSDKUtils.CorrectedUtcNow; string text2 = overrideSigningRegion ?? AWS4Signer.DetermineSigningRegion(clientConfig, service, request.AlternateEndpoint, request); if (request.Headers.ContainsKey("X-Amz-Content-SHA256")) { request.Headers.Remove("X-Amz-Content-SHA256"); } IDictionary <string, string> sortedHeaders = AWS4Signer.SortHeaders(request.Headers); string text3 = AWS4Signer.CanonicalizeHeaderNames(sortedHeaders); IDictionary <string, string> parametersToCanonicalize = AWS4Signer.GetParametersToCanonicalize(request); parametersToCanonicalize.Add("X-Amz-Algorithm", "AWS4-HMAC-SHA256"); parametersToCanonicalize.Add("X-Amz-Credential", string.Format(CultureInfo.InvariantCulture, "{0}/{1}/{2}/{3}/{4}", awsAccessKeyId, AWS4Signer.FormatDateTime(correctedUtcNow, "yyyyMMdd"), text2, service, "aws4_request")); parametersToCanonicalize.Add("X-Amz-Date", AWS4Signer.FormatDateTime(correctedUtcNow, "yyyyMMddTHHmmssZ")); parametersToCanonicalize.Add("X-Amz-SignedHeaders", text3); string canonicalQueryString = AWS4Signer.CanonicalizeQueryParameters(parametersToCanonicalize); string text4 = AWS4Signer.CanonicalizeRequest(request.Endpoint, request.ResourcePath, request.HttpMethod, sortedHeaders, canonicalQueryString, (service == "s3") ? "UNSIGNED-PAYLOAD" : "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"); metrics?.AddProperty(Metric.CanonicalRequest, text4); return(AWS4Signer.ComputeSignature(awsAccessKeyId, awsSecretAccessKey, text2, correctedUtcNow, service, text3, text4, metrics)); }
public void TestSignerWithMutableHeader() { var pipeline = new RuntimePipeline(new MockHandler()); pipeline.AddHandler(new Signer()); pipeline.AddHandler(new CredentialsRetriever(new BasicAWSCredentials("accessKey", "secretKey"))); var context = CreateTestContext(); var signer = new AWS4Signer(); ((RequestContext)context.RequestContext).Signer = signer; // inject a mutable header that the signer should strip out context.RequestContext.Request.Headers[HeaderKeys.XAmznTraceIdHeader] = "stuff"; pipeline.InvokeSync(context); // verify that the header is not in the signature var t = context.RequestContext.Request.Headers[HeaderKeys.AuthorizationHeader]; Assert.IsFalse(t.Contains(HeaderKeys.XAmznTraceIdHeader)); Assert.IsTrue(context.RequestContext.Request.Headers.ContainsKey(HeaderKeys.XAmznTraceIdHeader)); }