4 * Copyright(c) 2010 LearnBoost <dev@learnboost.com>
12 var crypto = require('crypto')
13 , parse = require('url').parse
38 * Return an "Authorization" header value with the given `options`
39 * in the form of "AWS <key>:<signature>"
41 * @param {Object} options
46 exports.authorization = function(options){
47 return 'AWS ' + options.key + ':' + exports.sign(options)
51 * Simple HMAC-SHA1 Wrapper
53 * @param {Object} options
58 exports.hmacSha1 = function(options){
59 return crypto.createHmac('sha1', options.secret).update(options.message).digest('base64')
63 * Create a base64 sha1 HMAC for `options`.
65 * @param {Object} options
70 exports.sign = function(options){
71 options.message = exports.stringToSign(options)
72 return exports.hmacSha1(options)
76 * Create a base64 sha1 HMAC for `options`.
78 * Specifically to be used with S3 presigned URLs
80 * @param {Object} options
85 exports.signQuery = function(options){
86 options.message = exports.queryStringToSign(options)
87 return exports.hmacSha1(options)
91 * Return a string for sign() with the given `options`.
102 * @param {Object} options
107 exports.stringToSign = function(options){
108 var headers = options.amazonHeaders || ''
109 if (headers) headers += '\n'
113 , options.contentType
114 , options.date.toUTCString()
115 , headers + options.resource
121 * Return a string for sign() with the given `options`, but is meant exclusively
122 * for S3 presigned URLs
129 * @param {Object} options
134 exports.queryStringToSign = function(options){
135 return 'GET\n\n\n' + options.date + '\n' + options.resource
139 * Perform the following:
141 * - ignore non-amazon headers
143 * - sort lexicographically
144 * - trim whitespace between ":"
145 * - join with newline
147 * @param {Object} headers
152 exports.canonicalizeHeaders = function(headers){
154 , fields = Object.keys(headers)
156 for (var i = 0, len = fields.length; i < len; ++i) {
157 var field = fields[i]
158 , val = headers[field]
159 , field = field.toLowerCase()
161 if (0 !== field.indexOf('x-amz')) continue
162 buf.push(field + ':' + val)
164 return buf.sort().join('\n')
168 * Perform the following:
170 * - ignore non sub-resources
171 * - sort lexicographically
173 * @param {String} resource
178 exports.canonicalizeResource = function(resource){
179 var url = parse(resource, true)
180 , path = url.pathname
184 Object.keys(url.query).forEach(function(key){
185 if (!~keys.indexOf(key)) return
186 var val = '' == url.query[key] ? '' : '=' + encodeURIComponent(url.query[key])
190 return path + (buf.length ? '?' + buf.sort().join('&') : '')