Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support verification of signed requests and other special presigned request behavior #419

Merged
merged 2 commits into from
Mar 21, 2019
Merged

Support verification of signed requests and other special presigned request behavior #419

merged 2 commits into from
Mar 21, 2019

Conversation

kherock
Copy link
Collaborator

@kherock kherock commented Mar 21, 2019
edited
Loading

This includes full support for signature version 2 and partial support for version 4. This also supports specifing x-amz-meta-* headers via query parameters and overriding response headers via response-* query parameters.

The test suite is by no means comprehensive but should cover the most important errors typically encountered. There are a lot of edge cases that I've done my best to handle as accurately as possible.

For future reference, here's the list of the features currently not supported in the signature version 4 implementation:

  • Verification of a provided signature (and calculating signing keys)
  • Verification of content hash for signed payloads
  • Validation of each component of an Authorization header
  • Well-formedness check of Credential, SignedHeaders, and Signature parameters
  • Validation of the date of a Credential parameter
  • Enforcement of the SignedHeaders component

@kherock kherock force-pushed the request-authentication branch 2 times, most recently from e18e3ac to c39cee7 Compare March 21, 2019 06:12
@kherock kherock mentioned this pull request Mar 21, 2019
Merged
24 tasks
kherock added 2 commits March 21, 2019 02:54
@kherock
support verification of signed requests and other special presigned r…
c2f764e 
…equest behavior

This includes full support for signature version 2 and partial support
for version 4. This also supports
specifing x-amz-meta-* headers via query parameters and overriding response headers via response-* query parameters.
@kherock
update README with new credential requirements
51f7431
@kherock kherock force-pushed the request-authentication branch from c39cee7 to 51f7431 Compare March 21, 2019 06:55
@kherock kherock merged commit e52ae83 into next Mar 21, 2019
@kherock kherock deleted the request-authentication branch August 5, 2019 04:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@kherock