-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathsigner_test.go
123 lines (95 loc) · 4.47 KB
/
signer_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
package aws4_test
import (
"net/http"
"testing"
"time"
"github.com/allaboutapps/aws4"
"github.com/allaboutapps/aws4/pkg/credentials"
"github.com/allaboutapps/aws4/pkg/util"
)
func TestSignerSign(t *testing.T) {
req, err := http.NewRequest("GET", "https://iam.amazonaws.com/?Action=ListUsers&Version=2010-05-08", nil)
if err != nil {
t.Fatalf("expected no error, got %v", err)
}
signTime, err := time.Parse(util.TimeFormatISO8601DateTime, "20150830T123600Z")
if err != nil {
t.Fatalf("expected no error, got %v", err)
}
req.Header.Set("Content-Type", "application/x-www-form-urlencoded; charset=utf-8")
req.Header.Set("X-Amz-Date", util.FormatDateTime(signTime))
signer := aws4.NewSignerWithStaticCredentials("AKIDEXAMPLE", "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY", "")
err = signer.Sign(req, nil, "iam", "us-east-1", signTime)
if err != nil {
t.Fatalf("expected no error, got %v", err)
}
expectedAuth := "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/iam/aws4_request, SignedHeaders=content-type;host;x-amz-date, Signature=5d672d79c15b13162d9279b0855cfba6789a8edb4c82c400e06b5924a6f2b5d7"
if e, g := expectedAuth, req.Header.Get("Authorization"); e != g {
t.Errorf("expected %q, got %q", e, g)
}
}
func TestSignerPresign(t *testing.T) {
req, err := http.NewRequest("GET", "https://iam.amazonaws.com/?Action=ListUsers&Version=2010-05-08", nil)
if err != nil {
t.Fatalf("expected no error, got %v", err)
}
signTime, err := time.Parse(util.TimeFormatISO8601DateTime, "20150830T123600Z")
if err != nil {
t.Fatalf("expected no error, got %v", err)
}
req.Header.Set("Content-Type", "application/x-www-form-urlencoded; charset=utf-8")
req.Header.Set("X-Amz-Date", util.FormatDateTime(signTime))
signer := aws4.NewSignerWithStaticCredentials("AKIDEXAMPLE", "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY", "")
err = signer.Presign(req, nil, "iam", "us-east-1", 60*time.Second, signTime)
if err != nil {
t.Fatalf("expected no error, got %v", err)
}
expectedSig := "63613d9c6a68b0e499ed9beeeabe0c4f3295742554209d6f109fe3c9563f56c3"
q := req.URL.Query()
if e, g := expectedSig, q.Get("X-Amz-Signature"); e != g {
t.Errorf("expected %q, got %q", e, g)
}
}
func TestSignerValidateSigned(t *testing.T) {
signedURL := "https://iam.amazonaws.com/?Action=ListUsers&Version=2010-05-08"
req, err := http.NewRequest("GET", signedURL, nil)
if err != nil {
t.Fatalf("expected no error, got %v", err)
}
signTime, err := time.Parse(util.TimeFormatISO8601DateTime, "20150830T123600Z")
if err != nil {
t.Fatalf("expected no error, got %v", err)
}
req.Header.Set("Content-Type", "application/x-www-form-urlencoded; charset=utf-8")
req.Header.Set("X-Amz-Date", util.FormatDateTime(signTime))
req.Header.Set("Authorization", "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/iam/aws4_request, SignedHeaders=content-type;host;x-amz-date, Signature=5d672d79c15b13162d9279b0855cfba6789a8edb4c82c400e06b5924a6f2b5d7")
signer := aws4.NewSignerWithTimeNowFunc(credentials.NewStaticProvider("AKIDEXAMPLE", "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY", ""), func() time.Time { return signTime })
sc, err := signer.Validate(req)
if err != nil {
t.Fatalf("expected no error, got %v", err)
}
if e, g := signedURL, sc.Request.URL.String(); e != g {
t.Errorf("expected %q, got %q", e, g)
}
}
func TestSignerValidatePresigned(t *testing.T) {
presignedURL := "https://iam.amazonaws.com/?Action=ListUsers&Version=2010-05-08&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIDEXAMPLE%2F20150830%2Fus-east-1%2Fiam%2Faws4_request&X-Amz-Date=20150830T123600Z&X-Amz-Expires=60&X-Amz-SignedHeaders=content-type%3Bhost%3Bx-amz-date&X-Amz-Signature=63613d9c6a68b0e499ed9beeeabe0c4f3295742554209d6f109fe3c9563f56c3"
req, err := http.NewRequest("GET", presignedURL, nil)
if err != nil {
t.Fatalf("expected no error, got %v", err)
}
signTime, err := time.Parse(util.TimeFormatISO8601DateTime, "20150830T123600Z")
if err != nil {
t.Fatalf("expected no error, got %v", err)
}
req.Header.Set("Content-Type", "application/x-www-form-urlencoded; charset=utf-8")
req.Header.Set("X-Amz-Date", util.FormatDateTime(signTime))
signer := aws4.NewSignerWithTimeNowFunc(credentials.NewStaticProvider("AKIDEXAMPLE", "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY", ""), func() time.Time { return signTime })
sc, err := signer.Validate(req)
if err != nil {
t.Fatalf("expected no error, got %v", err)
}
if e, g := presignedURL, sc.Request.URL.String(); e != g {
t.Errorf("expected %q, got %q", e, g)
}
}