How to use the aws4.sign function in aws4
To help you get started, we’ve selected a few aws4 examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
mhart / kinesalite / test / helpers.js View on Github 
function request(options, cb) {
if (typeof options === 'function') { cb = options; options = {} }
cb = once(cb)
for (var key in requestOpts) {
if (options[key] === undefined)
options[key] = requestOpts[key]
}
if (!options.noSign) {
aws4.sign(options)
options.noSign = true // don't sign twice if calling recursively
}
// console.log(options)
(options.ssl ? https : http).request(options, function(res) {
res.on('error', cb)
var chunks = []
res.on('data', function(chunk) { chunks.push(chunk) })
res.on('end', function() {
res.rawBody = Buffer.concat(chunks)
if ((res.headers['content-type'] || '').indexOf('application/x-amz-cbor') !== 0) {
res.body = res.rawBody.toString('utf8')
try { res.body = JSON.parse(res.body) } catch (e) {} // eslint-disable-line no-empty
} else {
try { res.body = cbor.Decoder.decodeFirstSync(res.rawBody) } catch (e) {} // eslint-disable-line no-empty
}
if (res.body.__type == 'LimitExceededException' && /^Rate exceeded/.test(res.body.message))var http = require('http'),
https = require('https'),
aws4 = require('aws4')
// given an options object you could pass to http.request
var opts = {host: 'sqs.us-east-1.amazonaws.com', path: '/?Action=ListQueues'}
// alternatively (as aws4 can infer the host):
opts = {service: 'sqs', region: 'us-east-1', path: '/?Action=ListQueues'}
// alternatively (as us-east-1 is default):
opts = {service: 'sqs', path: '/?Action=ListQueues'}
aws4.sign(opts) // assumes AWS credentials are available in process.env
console.log(opts)
/*
{
host: 'sqs.us-east-1.amazonaws.com',
path: '/?Action=ListQueues',
headers: {
Host: 'sqs.us-east-1.amazonaws.com',
'X-Amz-Date': '20121226T061030Z',
Authorization: 'AWS4-HMAC-SHA256 Credential=ABCDEF/20121226/us-east-1/sqs/aws4_request, ...'
}
}
*/
// we can now use this to query AWS using the standard node.js http API
http.request(opts, function(res) { res.pipe(process.stdout) }).end()self._aws = opts
return self
}
if (opts.sign_version === 4 || opts.sign_version === '4') {
// use aws4
var options = {
host: self.uri.host,
path: self.uri.path,
method: self.method,
headers: {
'content-type': self.getHeader('content-type') || ''
},
body: self.body
}
var signRes = aws4.sign(options, {
accessKeyId: opts.key,
secretAccessKey: opts.secret,
sessionToken: opts.session
})
self.setHeader('authorization', signRes.headers.Authorization)
self.setHeader('x-amz-date', signRes.headers['X-Amz-Date'])
if (signRes.headers['X-Amz-Security-Token']) {
self.setHeader('x-amz-security-token', signRes.headers['X-Amz-Security-Token'])
}
} else {
// default: use aws-sign2
var date = new Date()
self.setHeader('date', date.toUTCString())
var auth = {
key: opts.key,
secret: opts.secret,self._aws = opts
return self
}
if (opts.sign_version == 4 || opts.sign_version == '4') {
// use aws4
var options = {
host: self.uri.host,
path: self.uri.path,
method: self.method,
headers: {
'content-type': self.getHeader('content-type') || ''
},
body: self.body
}
var signRes = aws4.sign(options, {
accessKeyId: opts.key,
secretAccessKey: opts.secret
})
self.setHeader('authorization', signRes.headers.Authorization)
self.setHeader('x-amz-date', signRes.headers['X-Amz-Date'])
}
else {
// default: use aws-sign2
var date = new Date()
self.setHeader('date', date.toUTCString())
var auth =
{ key: opts.key
, secret: opts.secret
, verb: self.method.toUpperCase()
, date: date
, contentType: self.getHeader('content-type') || ''export function createPresignedURL(
{
host = process.env.AWS_IOT_HOST,
path = '/mqtt',
region = process.env.AWS_REGION,
service = 'iotdevicegateway',
accessKeyId = process.env.AWS_ACCESS_KEY_ID,
secretAccessKey = process.env.AWS_SECRET_ACCESS_KEY,
sessionToken = process.env.AWS_SESSION_TOKEN,
// expires = 0, // @TODO: 300, check if this is working http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
} = {},
): string {
const signed = aws4.sign(
{
host,
path,
service,
region,
signQuery: true,
// headers: {
// 'X-Amz-Expires': expires,
// },
},
{
accessKeyId,
secretAccessKey,
},
)self._aws = opts
return self
}
if (opts.sign_version === 4 || opts.sign_version === '4') {
// use aws4
var options = {
host: self.uri.host,
path: self.uri.path,
method: self.method,
headers: {
'content-type': self.getHeader('content-type') || ''
},
body: self.body
}
var signRes = aws4.sign(options, {
accessKeyId: opts.key,
secretAccessKey: opts.secret,
sessionToken: opts.session
})
self.setHeader('authorization', signRes.headers.Authorization)
self.setHeader('x-amz-date', signRes.headers['X-Amz-Date'])
if (signRes.headers['X-Amz-Security-Token']) {
self.setHeader('x-amz-security-token', signRes.headers['X-Amz-Security-Token'])
}
} else {
// default: use aws-sign2
var date = new Date()
self.setHeader('date', date.toUTCString())
var auth = {
key: opts.key,
secret: opts.secret,signRequest(path, method) {
const {accessKeyId, secretAccessKey, sessionToken} = this.session.resource;
return aws4.sign({
signQuery: true,
service: 'imdbapi',
region: 'us-east-1',
method,
host: API_BASE,
path: `${path}?X-Amz-Security-Token=${encodeURIComponent(sessionToken).replace(/[!'()*]/g, escape)}`
}, {
accessKeyId,
secretAccessKey
});
}return new P(function(resolve, reject){
if (!env || !env.accessKeyId || !env.secretAccessKey || !env.region ){
reject(new Error('Config not complete. Run "shepherd config"'));
} else {
var mergedOpts = _.assign({ service: 'apigateway', region: env.region }, opts);
aws4.sign(mergedOpts, env);
var req = https.request(mergedOpts, function(response) {
var body = '';
response.on('data', function(d) { body += d; });
response.on('end', function() {
if (response.statusCode < 200 || response.statusCode > 299) {
reject(body);
} else {
resolve(JSON.parse(body));
}
});
});
req.on('error', reject);
req.end(opts.body || '');
}
});async options => {
const credentials = await chain.resolvePromise()
aws4.sign(options, credentials)
}
]aws4
Signs and prepares requests using AWS Signature Version 4
