view release on metacpan or  search on metacpan

lib/AWS/Signature/V2.pm  view on Meta::CPAN

package AWS::Signature::V2;
use Moo;
use Digest::SHA qw(hmac_sha256_base64);
use URI::Escape;
use Encode qw/decode_utf8/;

our $VERSION = "0.01";

has aws_access_key => (is => 'rw', required => 1, builder => 1);
has aws_secret_key => (is => 'rw', required => 1, builder => 1);

sub _build_aws_access_key { $ENV{AWS_ACCESS_KEY} }
sub _build_aws_secret_key { $ENV{AWS_SECRET_KEY} }

sub sign {
    my ($self, $url) = @_;
    my %eq    = map { split /=/, $_ } split /&/, $url->query();
    my %q     = map { $_ => decode_utf8( uri_unescape( $eq{$_} ) ) } keys %eq;
    $q{Keywords} =~ s/\+/ /g if $q{Keywords};
    $q{AWSAccessKeyId} = $self->aws_access_key;
    $q{Timestamp} ||= do {
        my ( $ss, $mm, $hh, $dd, $mo, $yy ) = gmtime();
        join '',
          sprintf( '%04d-%02d-%02d', $yy + 1900, $mo + 1, $dd ), 'T',
          sprintf( '%02d:%02d:%02d', $hh,        $mm,     $ss ), 'Z';
    };
    $q{Version} ||= '2010-09-01';
    my $sq = join '&',
      map { $_ . '=' . uri_escape_utf8( $q{$_}, "^A-Za-z0-9\-_.~" ) }
      sort keys %q;
    my $tosign = join "\n", 'GET', $url->host, $url->path, $sq;
    my $signature = hmac_sha256_base64( $tosign, $self->aws_secret_key );
    $signature .= '=' while length($signature) % 4;    # padding required
    $q{Signature} = $signature;
    $url->query_form( \%q );
    $url;
}

sub signature {