AWS-Signature4
view release on metacpan or search on metacpan
option of generating a signed URL, so you will want to use
AWS::Signature4 if you need this functionality. Other than that, the
current module is pretty simple to use and hides all of the details of
generating signed requests while remaining generic.
SYNOPSIS
========
<pre>
use AWS::Signature4;
use HTTP::Request::Common;
use LWP;
my $signer = AWS::Signature4->new(-access_key => 'AKIDEXAMPLE',
-secret_key => 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY');
my $ua = LWP::UserAgent->new();
# Example GET request on a URI
my $uri = URI->new('https://iam.amazonaws.com');
$uri->query_form(Action=>'ListUsers',
Version=>'2010-05-08');
lib/AWS/Signature4.pm view on Meta::CPAN
our $VERSION = '1.02';
=head1 NAME
AWS::Signature4 - Create a version4 signature for Amazon Web Services
=head1 SYNOPSIS
use AWS::Signature4;
use HTTP::Request::Common;
use LWP;
my $signer = AWS::Signature4->new(-access_key => 'AKIDEXAMPLE',
-secret_key => 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY');
my $ua = LWP::UserAgent->new();
# Example POST request
my $request = POST('https://iam.amazonaws.com',
[Action=>'ListUsers',
Version=>'2010-05-08']);
lib/AWS/Signature4.pm view on Meta::CPAN
secret_key => $secret,
(defined($args{-security_token}) ? (security_token => $args{-security_token}) : ()),
},ref $self || $self;
}
sub access_key { shift->{access_key } }
sub secret_key { shift->{secret_key } }
=item $signer->sign($request [,$region] [,$payload_sha256_hex])
Given an HTTP::Request object, add the headers required by AWS and
then sign it with a version 4 signature by adding an "Authorization"
header.
The request must include a URL from which the AWS endpoint and service
can be derived, such as "ec2.us-east-1.amazonaws.com." In some cases
(e.g. S3 bucket operations) the endpoint does not indicate the
region. In this case, the region can be forced by passing a defined
value for $region. The current date and time will be added to the
request using an "X-Amz-Date header." To force the date and time to a
fixed value, include the "Date" header in the request.
The request content, or "payload" is retrieved from the HTTP::Request
object by calling its content() method.. Under some circumstances the
payload is not included directly in the request, but is in an external
file that will be uploaded as the request is executed. In this case,
you must pass a second argument containing the results of running
sha256_hex() (from the Digest::SHA module) on the content.
The method returns a true value if successful. On errors, it will
throw an exception.
=item $url = $signer->signed_url($request)
lib/AWS/Signature4.pm view on Meta::CPAN
sub sign {
my $self = shift;
my ($request,$region,$payload_sha256_hex) = @_;
$self->_add_date_header($request);
$self->_sign($request,$region,$payload_sha256_hex);
}
=item my $url $signer->signed_url($request_or_uri [,$expires])
Pass an HTTP::Request, a URI object, or just a plain URL string
containing the proper endpoint and parameters needed for an AWS REST
API Call. This method will return an appropriately signed request as a
URI object, which can be shared with non-AWS users for the purpose of,
e.g., accessing an object in a private S3 bucket.
Pass an optional $expires argument to indicate that the URL will only
be valid for a finite period of time. The value of the argument is in
seconds.
=cut
sub signed_url {
my $self = shift;
my ($arg1,$expires) = @_;
my ($request,$uri);
if (ref $arg1 && UNIVERSAL::isa($arg1,'HTTP::Request')) {
$request = $arg1;
$uri = $request->uri;
my $content = $request->content;
$uri->query($content) if $content;
if (my $date = $request->header('X-Amz-Date') || $request->header('Date')) {
$uri->query_param('Date'=>$date);
}
}
$uri ||= URI->new($arg1);
my $date = $uri->query_param_delete('Date') || $uri->query_param_delete('X-Amz-Date');
$request = HTTP::Request->new(GET=>$uri);
$request->header('Date'=> $date);
$uri = $request->uri; # because HTTP::Request->new() copies the uri!
return $uri if $uri->query_param('X-Amz-Signature');
my $scope = $self->_scope($request);
$uri->query_param('X-Amz-Algorithm' => $self->_algorithm);
$uri->query_param('X-Amz-Credential' => $self->access_key . '/' . $scope);
$uri->query_param('X-Amz-Date' => $self->_datetime($request));
$uri->query_param('X-Amz-Expires' => $expires) if $expires;
lib/AWS/Signature4.pm view on Meta::CPAN
sub _zulu_time {
my $self = shift;
my $request = shift;
my $date = $request->header('Date');
my @datetime = $date ? gmtime(str2time($date)) : gmtime();
return strftime('%Y%m%dT%H%M%SZ',@datetime);
}
sub _hash_canonical_request {
my $self = shift;
my ($request,$hashed_payload) = @_; # (HTTP::Request,sha256_hex($content))
my $method = $request->method;
my $uri = $request->uri;
my $path = $uri->path || '/';
my @params = $uri->query_form;
my $headers = $request->headers;
$hashed_payload ||= sha256_hex($request->content);
# canonicalize query string
my %canonical;
while (my ($key,$value) = splice(@params,0,2)) {
t/01.basic.t view on Meta::CPAN
use strict;
use ExtUtils::MakeMaker;
use FindBin '$Bin';
use constant TEST_COUNT => 11;
use lib "$Bin/lib","$Bin/../lib","$Bin/../blib/lib","$Bin/../blib/arch";
use Test::More tests => TEST_COUNT;
use_ok('AWS::Signature4');
use_ok('HTTP::Request::Common');
my $signer = AWS::Signature4->new(-access_key => 'AKIDEXAMPLE',
-secret_key => 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY');
ok($signer,'AWS::Signature4->new');
my $request = POST('https://iam.amazonaws.com',
[Action=>'ListUsers', Version=>'2010-05-08'],
Date => '1 January 2014 01:00:00 -0500',
);
$signer->sign($request);
( run in 0.422 second using v1.01-cache-2.11-cpan-4505f990765 )