private String CreateAuthorization(Byte[] postData,
IDictionary <String, String> headers,
Uri uri,
String service,
String region,
String accessID,
String secretKey)
{
// lock이 없으면 400에러(Protocol Error)가 발생할 수 있다.
lock (_lock)
{
Byte[] contentHash = AWS4SignerBase.CanonicalRequestHashAlgorithm.ComputeHash(postData);
String contentHashString = AWS4SignerBase.ToHexString(contentHash, true);
var signer = new AWS4SignerForPOST
{
EndpointUri = uri,
HttpMethod = "POST",
Service = service,
Region = region
};
String authorization = signer.ComputeSignature(headers, String.Empty, contentHashString, accessID, secretKey);
return(authorization);
}
}
/// <summary>
/// Uploads content to an Amazon S3 object in a single call using Signature V4 authorization.
/// </summary>
public static void Run(string filePath, Stream objectToSave, RegionEndpoint region, string bucketName, string accessKey, string secretKey)
{
var endpointUri = $"https://{bucketName}.s3-{region.SystemName}.amazonaws.com/{filePath}";
var uri = new Uri(endpointUri);
var contentHash = AWS4SignerBase.CanonicalRequestHashAlgorithm.ComputeHash(objectToSave);
objectToSave.Position = 0;
var contentHashString = AWS4SignerBase.ToHexString(contentHash, true);
var headers = new Dictionary <string, string>(StringComparer.OrdinalIgnoreCase)
{
{ AWS4SignerBase.X_Amz_Content_SHA256, contentHashString },
{ AWS4SignerBase.X_Amz_Expires, TimeSpan.FromMinutes(5).TotalSeconds.ToString() },
{ AWS4SignerBase.X_Amz_Acl, "public-read" },
{ "content-length", objectToSave.Length.ToString() },
{ "content-type", "image/*" },
};
var signer = new AWS4SignerForAuthorizationHeader
{
EndpointUri = uri,
HttpMethod = WebRequestMethods.Http.Put,
Service = "s3",
Region = region.SystemName
};
var authorization = signer.ComputeSignature(headers, "", contentHashString, accessKey, secretKey);
headers.Add("Authorization", authorization);
HttpHelpers.InvokeHttpRequest(uri, WebRequestMethods.Http.Put, headers, objectToSave);
}
private static Dictionary <string, string> BuildHeaders(Uri uri, string payload)
{
byte[] contentHash = AWS4SignerBase.CanonicalRequestHashAlgorithm.ComputeHash(Encoding.UTF8.GetBytes(payload));
string contentHashString = AWS4SignerBase.ToHexString(contentHash, true);
var headers = new Dictionary <string, string>
{
{ AWS4SignerBase.X_Amz_Content_SHA256, contentHashString },
{ "content-length", payload.Length.ToString() },
{ "content-type", "text/plain" }
};
var uriWithoutQueryString = new Uri(uri.GetLeftPart(UriPartial.Path));
var signer = new AWS4SignerForAuthorizationHeader
{
EndpointUri = uriWithoutQueryString,
HttpMethod = "POST",
Service = "iotdevicegateway",
Region = "us-east-1"
};
string AWSAccessKey = ConfigHelper.ReadSetting("accesskey");
string AWSSecretKey = ConfigHelper.ReadSetting("secretkey");
string queryStringWithoutLeadingQuestionMark = string.IsNullOrEmpty(uri.Query) ? string.Empty : uri.Query.Substring(1);
var authorization = signer.ComputeSignature(headers, queryStringWithoutLeadingQuestionMark, contentHashString, AWSAccessKey, AWSSecretKey);
headers.Add("Authorization", authorization);
return(headers);
}
private void DoCreate(string awsKey, string awsSecret, string awsToken, string messageInput)
{
var createPath = "create";
var uri = new Uri(string.Format("https://{0}", BuildPath(createPath)));
var bodyJson = JsonUtility.ToJson(new CreateMessageRequest(messageInput));
// Hashing content
var contentHash = AWS4SignerBase.CanonicalRequestHashAlgorithm.ComputeHash(Encoding.UTF8.GetBytes(bodyJson));
var contentHashString = AWS4SignerBase.ToHexString(contentHash, true);
var headers = new Dictionary <string, string> {
{ AWS4SignerBase.X_Amz_Content_SHA256, contentHashString },
{ "content-length", bodyJson.Length.ToString() },
{ "content-type", "application/json" },
{ AWS4SignerBase.X_Amz_Security_Token, awsToken }
};
var signer = new AWS4SignerForPOST {
EndpointUri = uri,
HttpMethod = "POST",
Service = "execute-api",
Region = ApiGatewayRegionField.text
};
var authorization = signer.ComputeSignature(
headers,
string.Empty,
contentHashString,
awsKey,
awsSecret);
headers.Add("Authorization", authorization);
var payloadBytes = Encoding.UTF8.GetBytes(bodyJson);
headers.Remove("Host");
WWW www = new WWW(uri.AbsoluteUri, payloadBytes, headers);
Send(www, (resp => {
if (string.IsNullOrEmpty(www.error))
{
Log(www.text);
}
else
{
Log("Error: " + www.error);
}
}));
}
private Dictionary <string, string> SetHeaders(string body)
{
// hash the Base64 version of the body and pass this to the signer as the body hash
var bodyBytes = Encoding.UTF8.GetBytes(body);
var bodyHash = AWS4SignerBase.CanonicalRequestHashAlgorithm.ComputeHash(bodyBytes);
var bodyHashString = AWS4SignerBase.ToHexString(bodyHash, true);
var headers = new Dictionary <string, string>
{
{ HttpHeaderNames.Content_Length, body.Length.ToString() },
{ HttpHeaderNames.Content_Type, "application/x-amz-json-1.1" },
{ HttpHeaderNames.X_Amz_Content_SHA256, bodyHashString },
{ HttpHeaderNames.X_Amz_Target, $"{serviceName}.GetSecretValue" }
};
this.CalculateAuthorizationHeader(headers, bodyHashString);
return(headers);
}
/// <summary>
/// Runs a http request to the specified endpoint
/// </summary>
/// <param name="endpointUri">
/// "https://service.chime.aws.amazon.com/meetings"
/// </param>
/// <param name="requestType">
/// "POST"
/// </param>
/// <param name="body">
/// new { ClientRequestToken = "75341496-0878-440c-9db1-a7006c25a39f", MediaRegion = "us-east-1" }
/// </param>
/// <param name="service">
/// // service = "chime"
/// </param>
/// <param name="region">
/// "us-east-1"
/// </param>
/// <param name="queryParameters">
/// ""
/// </param>
public static async Task <HttpWebResponse> Run(string endpointUri, string requestType, string service, string region, object body, string queryParameters)
{
var uri = new Uri(endpointUri);
var headers = new Dictionary <string, string>();
var authorization = string.Empty;
string serializedBody = null;
switch (requestType)
{
case Http.Post:
// precompute hash of the body content
serializedBody = JsonConvert.SerializeObject(body);
var contentHash = AWS4SignerBase.CanonicalRequestHashAlgorithm.ComputeHash(Encoding.UTF8.GetBytes(serializedBody));
var contentHashString = AWS4SignerBase.ToHexString(contentHash, true);
headers.Add(AWS4SignerBase.X_Amz_Content_SHA256, contentHashString);
headers.Add("content-length", serializedBody.Length.ToString());
headers.Add("content-type", "text/json");
var postSigner = new AWS4SignerForAuthorizationHeader
{
EndpointUri = uri,
HttpMethod = Http.Post,
Service = service,
Region = region
};
authorization = postSigner.ComputeSignature(headers, queryParameters, contentHashString, Settings.AWSAccessKey, Settings.AWSSecretKey);
// express authorization for this as a header
headers.Add("Authorization", authorization);
return(await HttpHelpers.InvokeHttpRequest(uri, Http.Post, headers, serializedBody));
case Http.Get:
headers.Add(AWS4SignerBase.X_Amz_Content_SHA256, Settings.EMPTY_BODY_SHA256);
headers.Add("content-type", "text/plain");
var getSigner = new AWS4SignerForQueryParameterAuth
{
EndpointUri = uri,
HttpMethod = Http.Get,
Service = service,
Region = region
};
authorization = getSigner.ComputeSignature(headers, queryParameters, Settings.EMPTY_BODY_SHA256, Settings.AWSAccessKey, Settings.AWSSecretKey);
var urlBuilder = new StringBuilder(endpointUri);
if (!string.IsNullOrEmpty(queryParameters))
{
urlBuilder.AppendFormat($"?{queryParameters}");
urlBuilder.AppendFormat($"&{authorization}");
}
else
{
urlBuilder.AppendFormat($"?{authorization}");
}
var presignedUrl = urlBuilder.ToString();
return(await HttpHelpers.InvokeHttpRequest(new Uri(presignedUrl), Http.Get, headers, serializedBody));
default: throw new Exception("Unknown request type");
}
}