Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Normal
Revision Log

source: trip-planner-front/node_modules/aws4/README.md@ 76712b2

Last change on this file since 76712b2 was 6a3a178, checked in by Ema <ema_spirova@…>, 3 years ago
initial commit
Property mode set to `100644`
File size: 6.3 KB

Rev	Line
[6a3a178]	1	aws4
	2	----
	3
	4	[![Build Status](https://api.travis-ci.org/mhart/aws4.png?branch=master)](https://travis-ci.org/github/mhart/aws4)
	5
	6	A small utility to sign vanilla Node.js http(s) request options using Amazon's
	7	[AWS Signature Version 4](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
	8
	9	If you want to sign and send AWS requests in a modern browser, or an environment like [Cloudflare Workers](https://developers.cloudflare.com/workers/), then check out [aws4fetch](https://github.com/mhart/aws4fetch) – otherwise you can also bundle this library for use [in older browsers](./browser).
	10
	11	The only AWS service that doesn't support v4 as of 2020-05-22 is
	12	[SimpleDB](https://docs.aws.amazon.com/AmazonSimpleDB/latest/DeveloperGuide/SDB_API.html)
	13	(it only supports [AWS Signature Version 2](https://github.com/mhart/aws2)).
	14
	15	It also provides defaults for a number of core AWS headers and
	16	request parameters, making it very easy to query AWS services, or
	17	build out a fully-featured AWS library.
	18
	19	Example
	20	-------
	21
	22	```javascript
	23	var https = require('https')
	24	var aws4 = require('aws4')
	25
	26	// to illustrate usage, we'll create a utility function to request and pipe to stdout
	27	function request(opts) { https.request(opts, function(res) { res.pipe(process.stdout) }).end(opts.body \|\| '') }
	28
	29	// aws4 will sign an options object as you'd pass to http.request, with an AWS service and region
	30	var opts = { host: 'my-bucket.s3.us-west-1.amazonaws.com', path: '/my-object', service: 's3', region: 'us-west-1' }
	31
	32	// aws4.sign() will sign and modify these options, ready to pass to http.request
	33	aws4.sign(opts, { accessKeyId: '', secretAccessKey: '' })
	34
	35	// or it can get credentials from process.env.AWS_ACCESS_KEY_ID, etc
	36	aws4.sign(opts)
	37
	38	// for most AWS services, aws4 can figure out the service and region if you pass a host
	39	opts = { host: 'my-bucket.s3.us-west-1.amazonaws.com', path: '/my-object' }
	40
	41	// usually it will add/modify request headers, but you can also sign the query:
	42	opts = { host: 'my-bucket.s3.amazonaws.com', path: '/?X-Amz-Expires=12345', signQuery: true }
	43
	44	// and for services with simple hosts, aws4 can infer the host from service and region:
	45	opts = { service: 'sqs', region: 'us-east-1', path: '/?Action=ListQueues' }
	46
	47	// and if you're using us-east-1, it's the default:
	48	opts = { service: 'sqs', path: '/?Action=ListQueues' }
	49
	50	aws4.sign(opts)
	51	console.log(opts)
	52	/*
	53	{
	54	host: 'sqs.us-east-1.amazonaws.com',
	55	path: '/?Action=ListQueues',
	56	headers: {
	57	Host: 'sqs.us-east-1.amazonaws.com',
	58	'X-Amz-Date': '20121226T061030Z',
	59	Authorization: 'AWS4-HMAC-SHA256 Credential=ABCDEF/20121226/us-east-1/sqs/aws4_request, ...'
	60	}
	61	}
	62	*/
	63
	64	// we can now use this to query AWS
	65	request(opts)
	66	/*
	67	<?xml version="1.0"?>
	68	<ListQueuesResponse xmlns="https://queue.amazonaws.com/doc/2012-11-05/">
	69	...
	70	*/
	71
	72	// aws4 can infer the HTTP method if a body is passed in
	73	// method will be POST and Content-Type: 'application/x-www-form-urlencoded; charset=utf-8'
	74	request(aws4.sign({ service: 'iam', body: 'Action=ListGroups&Version=2010-05-08' }))
	75	/*
	76	<ListGroupsResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
	77	...
	78	*/
	79
	80	// you can specify any custom option or header as per usual
	81	request(aws4.sign({
	82	service: 'dynamodb',
	83	region: 'ap-southeast-2',
	84	method: 'POST',
	85	path: '/',
	86	headers: {
	87	'Content-Type': 'application/x-amz-json-1.0',
	88	'X-Amz-Target': 'DynamoDB_20120810.ListTables'
	89	},
	90	body: '{}'
	91	}))
	92	/*
	93	{"TableNames":[]}
	94	...
	95	*/
	96
	97	// The raw RequestSigner can be used to generate CodeCommit Git passwords
	98	var signer = new aws4.RequestSigner({
	99	service: 'codecommit',
	100	host: 'git-codecommit.us-east-1.amazonaws.com',
	101	method: 'GIT',
	102	path: '/v1/repos/MyAwesomeRepo',
	103	})
	104	var password = signer.getDateTime() + 'Z' + signer.signature()
	105
	106	// see example.js for examples with other services
	107	```
	108
	109	API
	110	---
	111
	112	### aws4.sign(requestOptions, [credentials])
	113
	114	Calculates and populates any necessary AWS headers and/or request
	115	options on `requestOptions`. Returns `requestOptions` as a convenience for chaining.
	116
	117	`requestOptions` is an object holding the same options that the Node.js
	118	[http.request](https://nodejs.org/docs/latest/api/http.html#http_http_request_options_callback)
	119	function takes.
	120
	121	The following properties of `requestOptions` are used in the signing or
	122	populated if they don't already exist:
	123
	124	- `hostname` or `host` (will try to be determined from `service` and `region` if not given)
	125	- `method` (will use `'GET'` if not given or `'POST'` if there is a `body`)
	126	- `path` (will use `'/'` if not given)
	127	- `body` (will use `''` if not given)
	128	- `service` (will try to be calculated from `hostname` or `host` if not given)
	129	- `region` (will try to be calculated from `hostname` or `host` or use `'us-east-1'` if not given)
	130	- `signQuery` (to sign the query instead of adding an `Authorization` header, defaults to false)
	131	- `headers['Host']` (will use `hostname` or `host` or be calculated if not given)
	132	- `headers['Content-Type']` (will use `'application/x-www-form-urlencoded; charset=utf-8'`
	133	if not given and there is a `body`)
	134	- `headers['Date']` (used to calculate the signature date if given, otherwise `new Date` is used)
	135
	136	Your AWS credentials (which can be found in your
	137	[AWS console](https://portal.aws.amazon.com/gp/aws/securityCredentials))
	138	can be specified in one of two ways:
	139
	140	- As the second argument, like this:
	141
	142	```javascript
	143	aws4.sign(requestOptions, {
	144	secretAccessKey: "<your-secret-access-key>",
	145	accessKeyId: "<your-access-key-id>",
	146	sessionToken: "<your-session-token>"
	147	})
	148	```
	149
	150	- From `process.env`, such as this:
	151
	152	```
	153	export AWS_ACCESS_KEY_ID="<your-access-key-id>"
	154	export AWS_SECRET_ACCESS_KEY="<your-secret-access-key>"
	155	export AWS_SESSION_TOKEN="<your-session-token>"
	156	```
	157
	158	(will also use `AWS_ACCESS_KEY` and `AWS_SECRET_KEY` if available)
	159
	160	The `sessionToken` property and `AWS_SESSION_TOKEN` environment variable are optional for signing
	161	with [IAM STS temporary credentials](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html).
	162
	163	Installation
	164	------------
	165
	166	With [npm](https://www.npmjs.com/) do:
	167
	168	```
	169	npm install aws4
	170	```
	171
	172	Can also be used [in the browser](./browser).
	173
	174	Thanks
	175	------
	176
	177	Thanks to [@jed](https://github.com/jed) for his
	178	[dynamo-client](https://github.com/jed/dynamo-client) lib where I first
	179	committed and subsequently extracted this code.
	180
	181	Also thanks to the
	182	[official Node.js AWS SDK](https://github.com/aws/aws-sdk-js) for giving
	183	me a start on implementing the v4 signature.

Note: See TracBrowser for help on using the repository browser.

Download in other formats: