Laravel version update
Laravel version update
This commit is contained in:
Manish Verma
@@ -9,8 +9,6 @@ use Psr\Http\Message\RequestInterface;
|
||||
*/
|
||||
class S3SignatureV4 extends SignatureV4
|
||||
{
|
||||
const UNSIGNED_PAYLOAD = 'UNSIGNED-PAYLOAD';
|
||||
|
||||
/**
|
||||
* Always add a x-amz-content-sha-256 for data integrity.
|
||||
*/
|
||||
@@ -34,7 +32,8 @@ class S3SignatureV4 extends SignatureV4
|
||||
public function presign(
|
||||
RequestInterface $request,
|
||||
CredentialsInterface $credentials,
|
||||
$expires
|
||||
$expires,
|
||||
array $options = []
|
||||
) {
|
||||
if (!$request->hasHeader('x-amz-content-sha256')) {
|
||||
$request = $request->withHeader(
|
||||
@@ -43,7 +42,7 @@ class S3SignatureV4 extends SignatureV4
|
||||
);
|
||||
}
|
||||
|
||||
return parent::presign($request, $credentials, $expires);
|
||||
return parent::presign($request, $credentials, $expires, $options);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -52,7 +51,7 @@ class S3SignatureV4 extends SignatureV4
|
||||
*/
|
||||
protected function getPresignedPayload(RequestInterface $request)
|
||||
{
|
||||
return self::UNSIGNED_PAYLOAD;
|
||||
return SignatureV4::UNSIGNED_PAYLOAD;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -60,6 +59,10 @@ class S3SignatureV4 extends SignatureV4
|
||||
*/
|
||||
protected function createCanonicalizedPath($path)
|
||||
{
|
||||
return '/' . ltrim($path, '/');
|
||||
// Only remove one slash in case of keys that have a preceding slash
|
||||
if (substr($path, 0, 1) === '/') {
|
||||
$path = substr($path, 1);
|
||||
}
|
||||
return '/' . $path;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -114,6 +114,8 @@ class SignatureProvider
|
||||
return $service === 's3'
|
||||
? new S3SignatureV4($service, $region)
|
||||
: new SignatureV4($service, $region);
|
||||
case 'v4-unsigned-body':
|
||||
return new SignatureV4($service, $region, ['unsigned-body' => 'true']);
|
||||
case 'anonymous':
|
||||
return new AnonymousSignature();
|
||||
default:
|
||||
|
||||
@@ -14,6 +14,7 @@ class SignatureV4 implements SignatureInterface
|
||||
{
|
||||
use SignatureTrait;
|
||||
const ISO8601_BASIC = 'Ymd\THis\Z';
|
||||
const UNSIGNED_PAYLOAD = 'UNSIGNED-PAYLOAD';
|
||||
|
||||
/** @var string */
|
||||
private $service;
|
||||
@@ -21,14 +22,21 @@ class SignatureV4 implements SignatureInterface
|
||||
/** @var string */
|
||||
private $region;
|
||||
|
||||
/** @var bool */
|
||||
private $unsigned;
|
||||
|
||||
/**
|
||||
* @param string $service Service name to use when signing
|
||||
* @param string $region Region name to use when signing
|
||||
* @param array $options Array of configuration options used when signing
|
||||
* - unsigned-body: Flag to make request have unsigned payload.
|
||||
* Unsigned body is used primarily for streaming requests.
|
||||
*/
|
||||
public function __construct($service, $region)
|
||||
public function __construct($service, $region, array $options = [])
|
||||
{
|
||||
$this->service = $service;
|
||||
$this->region = $region;
|
||||
$this->unsigned = isset($options['unsigned-body']) ? $options['unsigned-body'] : false;
|
||||
}
|
||||
|
||||
public function signRequest(
|
||||
@@ -43,9 +51,13 @@ class SignatureV4 implements SignatureInterface
|
||||
if ($token = $credentials->getSecurityToken()) {
|
||||
$parsed['headers']['X-Amz-Security-Token'] = [$token];
|
||||
}
|
||||
|
||||
$cs = $this->createScope($sdt, $this->region, $this->service);
|
||||
$payload = $this->getPayload($request);
|
||||
|
||||
if ($payload == self::UNSIGNED_PAYLOAD) {
|
||||
$parsed['headers']['X-Amz-Content-Sha256'] = [$payload];
|
||||
}
|
||||
|
||||
$context = $this->createContext($parsed, $payload);
|
||||
$toSign = $this->createStringToSign($ldt, $cs, $context['creq']);
|
||||
$signingKey = $this->getSigningKey(
|
||||
@@ -67,19 +79,27 @@ class SignatureV4 implements SignatureInterface
|
||||
public function presign(
|
||||
RequestInterface $request,
|
||||
CredentialsInterface $credentials,
|
||||
$expires
|
||||
$expires,
|
||||
array $options = []
|
||||
) {
|
||||
|
||||
$startTimestamp = isset($options['start_time'])
|
||||
? $this->convertToTimestamp($options['start_time'], null)
|
||||
: time();
|
||||
|
||||
$expiresTimestamp = $this->convertToTimestamp($expires, $startTimestamp);
|
||||
|
||||
$parsed = $this->createPresignedRequest($request, $credentials);
|
||||
$payload = $this->getPresignedPayload($request);
|
||||
$httpDate = gmdate(self::ISO8601_BASIC, time());
|
||||
$httpDate = gmdate(self::ISO8601_BASIC, $startTimestamp);
|
||||
$shortDate = substr($httpDate, 0, 8);
|
||||
$scope = $this->createScope($shortDate, $this->region, $this->service);
|
||||
$credential = $credentials->getAccessKeyId() . '/' . $scope;
|
||||
$parsed['query']['X-Amz-Algorithm'] = 'AWS4-HMAC-SHA256';
|
||||
$parsed['query']['X-Amz-Credential'] = $credential;
|
||||
$parsed['query']['X-Amz-Date'] = gmdate('Ymd\THis\Z', time());
|
||||
$parsed['query']['X-Amz-Date'] = gmdate('Ymd\THis\Z', $startTimestamp);
|
||||
$parsed['query']['X-Amz-SignedHeaders'] = 'host';
|
||||
$parsed['query']['X-Amz-Expires'] = $this->convertExpires($expires);
|
||||
$parsed['query']['X-Amz-Expires'] = $this->convertExpires($expiresTimestamp, $startTimestamp);
|
||||
$context = $this->createContext($parsed, $payload);
|
||||
$stringToSign = $this->createStringToSign($httpDate, $scope, $context['creq']);
|
||||
$key = $this->getSigningKey(
|
||||
@@ -127,6 +147,9 @@ class SignatureV4 implements SignatureInterface
|
||||
|
||||
protected function getPayload(RequestInterface $request)
|
||||
{
|
||||
if ($this->unsigned && $request->getUri()->getScheme() == 'https') {
|
||||
return self::UNSIGNED_PAYLOAD;
|
||||
}
|
||||
// Calculate the request signature payload
|
||||
if ($request->hasHeader('X-Amz-Content-Sha256')) {
|
||||
// Handle streaming operations (e.g. Glacier.UploadArchive)
|
||||
@@ -206,7 +229,8 @@ class SignatureV4 implements SignatureInterface
|
||||
'proxy-authorization' => true,
|
||||
'from' => true,
|
||||
'referer' => true,
|
||||
'user-agent' => true
|
||||
'user-agent' => true,
|
||||
'x-amzn-trace-id' => true
|
||||
];
|
||||
|
||||
// Normalize the path as required by SigV4
|
||||
@@ -266,15 +290,24 @@ class SignatureV4 implements SignatureInterface
|
||||
return substr($qs, 0, -1);
|
||||
}
|
||||
|
||||
private function convertExpires($expires)
|
||||
private function convertToTimestamp($dateValue, $relativeTimeBase = null)
|
||||
{
|
||||
if ($expires instanceof \DateTime) {
|
||||
$expires = $expires->getTimestamp();
|
||||
} elseif (!is_numeric($expires)) {
|
||||
$expires = strtotime($expires);
|
||||
if ($dateValue instanceof \DateTimeInterface) {
|
||||
$timestamp = $dateValue->getTimestamp();
|
||||
} elseif (!is_numeric($dateValue)) {
|
||||
$timestamp = strtotime($dateValue,
|
||||
$relativeTimeBase === null ? time() : $relativeTimeBase
|
||||
);
|
||||
} else {
|
||||
$timestamp = $dateValue;
|
||||
}
|
||||
|
||||
$duration = $expires - time();
|
||||
return $timestamp;
|
||||
}
|
||||
|
||||
private function convertExpires($expiresTimestamp, $startTimestamp)
|
||||
{
|
||||
$duration = $expiresTimestamp - $startTimestamp;
|
||||
|
||||
// Ensure that the duration of the signature is not longer than a week
|
||||
if ($duration > 604800) {
|
||||
|
||||
Reference in New Issue
Block a user