class Aws::Plugins::S3RequestSigner::SigningHandler
Constants
- V2_REGIONS
List of regions that support older S3 signature versions. All new regions only support signature version 4.
Public Instance Methods
call(context)
click to toggle source
# File lib/aws-sdk-core/plugins/s3_request_signer.rb, line 25 def call(context) require_credentials(context) version = signature_version(context) case version when /v4/ then apply_v4_signature(context) when /s3/ then apply_v2_signature(context) else raise "unsupported signature version #{version.inspect}" end @handler.call(context) end
Private Instance Methods
apply_v2_signature(context)
click to toggle source
# File lib/aws-sdk-core/plugins/s3_request_signer.rb, line 45 def apply_v2_signature(context) Signers::S3.sign(context) end
apply_v4_signature(context)
click to toggle source
# File lib/aws-sdk-core/plugins/s3_request_signer.rb, line 38 def apply_v4_signature(context) Signers::V4.new( context.config.credentials, 's3', context[:cached_sigv4_region] || context.config.sigv4_region, ).sign(context.http_request) end
classic_endpoint?(context)
click to toggle source
# File lib/aws-sdk-core/plugins/s3_request_signer.rb, line 63 def classic_endpoint?(context) context.config.region == 'us-east-1' end
classic_sigv(context)
click to toggle source
When accessing the classic endpoint, s3.amazonaws.com, we don't know the region name. This makes creating a version 4 signature difficult. Choose v4 only if using KMS encryptions, which requires v4.
# File lib/aws-sdk-core/plugins/s3_request_signer.rb, line 70 def classic_sigv(context) if kms_encrypted?(context) :v4 else :s3 end end
kms_encrypted?(context)
click to toggle source
# File lib/aws-sdk-core/plugins/s3_request_signer.rb, line 89 def kms_encrypted?(context) context.params[:server_side_encryption] == 'aws:kms' end
regional_sigv(context)
click to toggle source
# File lib/aws-sdk-core/plugins/s3_request_signer.rb, line 78 def regional_sigv(context) # Drop back to older S3 signature version when uploading objects for # better performance. This optimization may be removed at some point # in favor of always using signature version 4. if V2_REGIONS.include?(context.config.region) uploading_file?(context) && !kms_encrypted?(context) ? :s3 : :v4 else :v4 end end
signature_version(context)
click to toggle source
# File lib/aws-sdk-core/plugins/s3_request_signer.rb, line 49 def signature_version(context) context[:cached_signature_version] || context.config.signature_version || version_by_region(context) end
uploading_file?(context)
click to toggle source
# File lib/aws-sdk-core/plugins/s3_request_signer.rb, line 93 def uploading_file?(context) [:put_object, :upload_part].include?(context.operation_name) && context.http_request.body.size > 0 end
version_by_region(context)
click to toggle source
# File lib/aws-sdk-core/plugins/s3_request_signer.rb, line 55 def version_by_region(context) if classic_endpoint?(context) classic_sigv(context) else regional_sigv(context) end end