Skip to content

Commit

Permalink
Merge pull request #15 from badslug/sign-other-amz-headers
Browse files Browse the repository at this point in the history 
Sign other amz headers
  • Loading branch information
@badslug
badslug authored May 2, 2017
2 parents b513cd8 + 8d75be9 commit 1c1e5f2
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 12 deletions.
23 changes: 11 additions & 12 deletions AWSSignature4DynamicValue.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ function getParametersString(request, search) {
*/
if (search === null || typeof search === "undefined") {
return ""
}
}

var params = []

Expand Down Expand Up @@ -72,7 +72,7 @@ function getParametersString(request, search) {
* empty.
* Separate the name-value pairs with an ampersand ( & ) (ASCII code 38).
*
* NOTE: Paw already URL encodes parameters before passing them to this
* NOTE: Paw already URL encodes parameters before passing them to this
* extension.
*/
var stringParams = params.map(function(pair) {
Expand Down Expand Up @@ -206,16 +206,15 @@ var AWSSignature4DynamicValue = function() {

// Search for other signed headers to include. We will assume any headers that begin with X-Amz-<*> will be included
var signedHeaders = 'host;x-amz-date'
var headers = '' // The actual headers to sign
var names = request.getHeadersNames()
if (names) {
names.forEach(function(name) {
var lower = name.toLowerCase()
if (lower !== 'x-amz-date' && lower.startsWith('x-amz-')) {
signedHeaders += ';'+lower
headers += lower + ':' + request.getHeaderByName(name, false) + '\n'
}
})
var headers = request.getHeadersArray()
if (headers) {
headers.forEach(function(header) {
var lower = header.name.getEvaluatedString().toLowerCase()
if (lower !== 'x-amz-date' && lower.startsWith('x-amz-')) {
signedHeaders += ';'+lower
headers += lower + ':' + header.value.getEvaluatedString() + '\n'
}
})
}

// Step 1
Expand Down
8 changes: 8 additions & 0 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,3 +4,11 @@ extensions_dir=$(HOME)/Library/Containers/com.luckymarmot.Paw/Data/Library/Appli
install:
mkdir -p "$(extensions_dir)$(identifier)/"
cp *.js "$(extensions_dir)$(identifier)/"

package:
rm -rf "/tmp/$(identifier)"
mkdir -p "/tmp/$(identifier)/$(identifier)"
cp * "/tmp/$(identifier)/$(identifier)"
cd /tmp/$(identifier); zip AWSSignature4DynamicValue -r -p $(identifier)
mv /tmp/$(identifier)/*.zip ~/Downloads
rm -rf "/tmp/$(identifier)"
2 changes: 2 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,8 @@ Paw.
[start]: http://docs.aws.amazon.com/apigateway/latest/developerguide/getting-started.html
[protect]: http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-method-settings-callers-console.html

> Note: if you are a user of STS temporary credentials, you will also need a header `X-Amz-Security-Token` with your `session token`.
# Issues

* Freeze dynamic values to obtain X-Amz-Date as generated and sent to client
Expand Down

0 comments on commit 1c1e5f2

Please sign in to comment.