3 * Copyright 2010 LearnBoost <dev@learnboost.com>
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
19 * Module dependencies.
22 var crypto = require('crypto')
23 , parse = require('url').parse
48 * Return an "Authorization" header value with the given `options`
49 * in the form of "AWS <key>:<signature>"
51 * @param {Object} options
56 function authorization (options) {
57 return 'AWS ' + options.key + ':' + sign(options)
60 module.exports = authorization
61 module.exports.authorization = authorization
64 * Simple HMAC-SHA1 Wrapper
66 * @param {Object} options
71 function hmacSha1 (options) {
72 return crypto.createHmac('sha1', options.secret).update(options.message).digest('base64')
75 module.exports.hmacSha1 = hmacSha1
78 * Create a base64 sha1 HMAC for `options`.
80 * @param {Object} options
85 function sign (options) {
86 options.message = stringToSign(options)
87 return hmacSha1(options)
89 module.exports.sign = sign
92 * Create a base64 sha1 HMAC for `options`.
94 * Specifically to be used with S3 presigned URLs
96 * @param {Object} options
101 function signQuery (options) {
102 options.message = queryStringToSign(options)
103 return hmacSha1(options)
105 module.exports.signQuery= signQuery
108 * Return a string for sign() with the given `options`.
119 * @param {Object} options
124 function stringToSign (options) {
125 var headers = options.amazonHeaders || ''
126 if (headers) headers += '\n'
130 , options.contentType
131 , options.date ? options.date.toUTCString() : ''
132 , headers + options.resource
136 module.exports.queryStringToSign = stringToSign
139 * Return a string for sign() with the given `options`, but is meant exclusively
140 * for S3 presigned URLs
147 * @param {Object} options
152 function queryStringToSign (options){
153 return 'GET\n\n\n' + options.date + '\n' + options.resource
155 module.exports.queryStringToSign = queryStringToSign
158 * Perform the following:
160 * - ignore non-amazon headers
162 * - sort lexicographically
163 * - trim whitespace between ":"
164 * - join with newline
166 * @param {Object} headers
171 function canonicalizeHeaders (headers) {
173 , fields = Object.keys(headers)
175 for (var i = 0, len = fields.length; i < len; ++i) {
176 var field = fields[i]
177 , val = headers[field]
178 , field = field.toLowerCase()
180 if (0 !== field.indexOf('x-amz')) continue
181 buf.push(field + ':' + val)
183 return buf.sort().join('\n')
185 module.exports.canonicalizeHeaders = canonicalizeHeaders
188 * Perform the following:
190 * - ignore non sub-resources
191 * - sort lexicographically
193 * @param {String} resource
198 function canonicalizeResource (resource) {
199 var url = parse(resource, true)
200 , path = url.pathname
204 Object.keys(url.query).forEach(function(key){
205 if (!~keys.indexOf(key)) return
206 var val = '' == url.query[key] ? '' : '=' + encodeURIComponent(url.query[key])
210 return path + (buf.length ? '?' + buf.sort().join('&') : '')
212 module.exports.canonicalizeResource = canonicalizeResource