lib/aws/s3/s3_object.rb in aws-sdk-1.30.1 vs lib/aws/s3/s3_object.rb in aws-sdk-1.31.0
- old
+ new
@@ -1136,11 +1136,11 @@
nil
end
# @api private
- REQUEST_PARAMETERS = Request.query_parameters.map do |p|
+ REQUEST_PARAMETERS = Core::Signers::S3::QUERY_PARAMS.map do |p|
p.tr("-","_").to_sym
end
# Generates a presigned URL for an operation on this object.
# This URL can be used by a regular HTTP client to perform the
@@ -1227,32 +1227,29 @@
# x-amz-acl.
#
# @option options [String] :response_content_encoding Sets the
# Content-Encoding header of the response when performing an
# HTTP GET on the returned URL.
+ #
+ # @option options [:v3, :v4] :signature_version (:v3)
+ #
# @return [URI::HTTP, URI::HTTPS]
def url_for(method, options = {})
+
options = options.dup
- options[:secure] = config.use_ssl? unless options.key?(:secure)
options[:expires] = expiration_timestamp(options[:expires])
- options[:acl] = options[:acl].to_s.sub('_', '-') if options[:acl]
+ options[:secure] = config.use_ssl? unless options.key?(:secure)
+ options[:signature_version] ||= config.s3_signature_version
- req = request_for_signing(options)
- req.http_method = http_method(method)
- req.add_param("AWSAccessKeyId", config.credential_provider.access_key_id)
- req.add_param("versionId", options[:version_id]) if options[:version_id]
- req.add_param("Signature", signature(req, options))
- req.add_param("Expires", options[:expires])
- req.add_param("x-amz-acl", options[:acl]) if options[:acl]
- if config.credential_provider.session_token
- req.add_param(
- "x-amz-security-token",
- config.credential_provider.session_token
- )
+ case options[:signature_version]
+ when :v3 then presign_v3(method, options)
+ when :v4 then presign_v4(method, options)
+ else
+ msg = "invalid signature version, expected :v3 or :v4, got "
+ msg << options[:signature_version].inspect
+ raise ArgumentError, msg
end
-
- build_uri(req, options)
end
# Generates a public (not authenticated) URL for the object.
#
# @param [Hash] options Options for generating the URL.
@@ -1295,10 +1292,34 @@
value
end
private
+ def presign_v4(method, options)
+ PresignV4.new(self).presign(method, options)
+ end
+
+ def presign_v3(method, options)
+ options[:acl] = options[:acl].to_s.sub('_', '-') if options[:acl]
+
+ req = request_for_signing(options)
+ req.http_method = http_method(method)
+ req.add_param("AWSAccessKeyId", config.credential_provider.access_key_id)
+ req.add_param("versionId", options[:version_id]) if options[:version_id]
+ req.add_param("Signature", signature(req, options))
+ req.add_param("Expires", options[:expires])
+ req.add_param("x-amz-acl", options[:acl]) if options[:acl]
+ if config.credential_provider.session_token
+ req.add_param(
+ "x-amz-security-token",
+ config.credential_provider.session_token
+ )
+ end
+
+ build_uri(req, options)
+ end
+
# Used to determine if the data needs to be copied in parts
def use_multipart_copy? options
options[:use_multipart_copy]
end
@@ -1410,15 +1431,15 @@
parts << options[:expires]
parts << "x-amz-acl:#{options[:acl]}" if options[:acl]
if token = config.credential_provider.session_token
parts << "x-amz-security-token:#{token}"
end
- parts << request.canonicalized_resource
+ parts << Core::Signers::S3.canonicalized_resource(request)
string_to_sign = parts.join("\n")
secret = config.credential_provider.secret_access_key
- Core::Signer.sign(secret, string_to_sign, 'sha1')
+ Core::Signers::Base.sign(secret, string_to_sign, 'sha1')
end
def expiration_timestamp(input)
input = input.to_int if input.respond_to?(:to_int)
case input