test_signer_v4.R
In paws.common: Paws Low-Level Amazon Web Services API

# Returns a credentials object with a test credential provider.
test_creds <- Credentials(
  provider = list(
    function() {
      list(
        access_key_id = "AKID",
        secret_access_key = "SECRET",
        session_token = "SESSION",
        provider_name = "StaticProvider"
      )
    }
  )
)

test_that("v4_sign_request_handler", {
  metadata <- list(
    endpoints = list("*" = list(endpoint = "s3.{region}.amazonaws.com", global = FALSE)),
    service_name = "s3"
  )
  client <- new_service(metadata, new_handlers("restxml", "s3"), Config())
  client$config$credentials <- test_creds
  client$client_info$signing_region <- "us-east-1"

  op <- new_operation("ListBuckets", "GET", "/", list())
  params <- list()
  data <- tag_add(list(Buckets = list()), list(type = "structure"))
  req <- new_request(client, op, params, data)
  res <- v4_sign_request_handler(req)

  actual <- res$http_request$header[["Authorization"]]
  expected <- "AWS4-HMAC-SHA256 Credential=AKID/\\d{8}/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-security-token, Signature=[0-9a-f]{64}"
  expect_match(actual, expected)
})

test_that("sign with custom URI escape", {
  expected <- "AWS4-HMAC-SHA256 Credential=AKID/19700101/us-east-1/es/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=6601e883cc6d23871fd6c2a394c5677ea2b8c82b04a6446786d64cd74f520967"

  creds <- test_creds
  signer <- Signer(
    credentials = creds,
    disable_uri_path_escaping = TRUE
  )

  host <- "https://subdomain.us-east-1.es.amazonaws.com"
  req <- new_http_request("GET", host, NULL)

  req$url$path <- "/log-*/_search"
  req$url$opaque <- "//subdomain.us-east-1.es.amazonaws.com/log-%2A/_search"

  req <- sign_with_body(signer, req, NULL, "es", "us-east-1", 0, FALSE, unix_time(0, 0))
  actual <- req$header[["Authorization"]]

  expect_equal(actual, expected)
})

test_that("standalone sign with port", {
  cases <- list(
    list(
      description = "default HTTPS port",
      url = "https://estest.us-east-1.es.amazonaws.com:443/_search",
      expected = "AWS4-HMAC-SHA256 Credential=AKID/19700101/us-east-1/es/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=e573fc9aa3a156b720976419319be98fb2824a3abc2ddd895ecb1d1611c6a82d"
    ),
    list(
      description = "default HTTP port",
      url = "http://example.com:80/_search",
      expected = "AWS4-HMAC-SHA256 Credential=AKID/19700101/us-east-1/es/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=54ebe60c4ae03a40948b849e13c333523235f38002e2807059c64a9a8c7cb951"
    ),
    list(
      description = "non-standard HTTP port",
      url = "http://example.com:9200/_search",
      expected = "AWS4-HMAC-SHA256 Credential=AKID/19700101/us-east-1/es/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=cd9d926a460f8d3b58b57beadbd87666dc667e014c0afaa4cea37b2867f51b4f"
    ),
    list(
      description = "non-standard HTTPS port",
      url = "https://example.com:9200/_search",
      expected = "AWS4-HMAC-SHA256 Credential=AKID/19700101/us-east-1/es/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=cd9d926a460f8d3b58b57beadbd87666dc667e014c0afaa4cea37b2867f51b4f"
    )
  )
  for (case in cases) {
    signer <- Signer(test_creds)
    req <- new_http_request("GET", case$url, NULL)
    req <- sign_with_body(signer, req, NULL, "es", "us-east-1", 0, FALSE, unix_time(0, 0))
    actual <- req$header[["Authorization"]]
    expect_equal(actual, case$expected)
  }
})

test_that("standalone presign with port", {
  cases <- list(
    list(
      description = "default HTTPS port",
      url = "https://estest.us-east-1.es.amazonaws.com:443/_search",
      expected = "0abcf61a351063441296febf4b485734d780634fba8cf1e7d9769315c35255d6"
    ),
    list(
      description = "default HTTP port",
      url = "http://example.com:80/_search",
      expected = "fce9976dd6c849c21adfa6d3f3e9eefc651d0e4a2ccd740d43efddcccfdc8179"
    ),
    list(
      description = "non-standard HTTP port",
      url = "http://example.com:9200/_search",
      expected = "f33c25a81c735e42bef35ed5e9f720c43940562e3e616ff0777bf6dde75249b0"
    ),
    list(
      description = "non-standard HTTPS port",
      url = "https://example.com:9200/_search",
      expected = "f33c25a81c735e42bef35ed5e9f720c43940562e3e616ff0777bf6dde75249b0"
    )
  )
  for (case in cases) {
    signer <- Signer(test_creds)
    req <- new_http_request("GET", case$url, NULL)
    req <- sign_with_body(signer, req, NULL, "es", "us-east-1", 5 * 60, TRUE, unix_time(0, 0))
    query_params <- parse_query_string(req$url$raw_query)
    actual <- query_params[["X-Amz-Signature"]]
    expect_equal(actual, case$expected)
  }
})

test_that("presign", {
  signer <- Signer(test_creds)
  req <- new_http_request("POST", "https://dynamodb.us-east-1.amazonaws.com", "{}")
  req$url$opaque <- "//example.org/bucket/key-._~,!@#$%^&*()"
  req$header["X-Amz-Target"] <- "prefix.Operation"
  req$header["Content-Type"] <- "application/x-amz-json-1.0"
  req$header["Content-Length"] <- length(charToRaw(req$body))
  req$header["X-Amz-Meta-Other-Header"] <- "some-value=!@#$%^&* (+)"
  req$header[["X-Amz-Meta-Other-Header_With_Underscore"]] <- c("some-value=!@#$%^&* (+)", "some-value=!@#$%^&* (+)")
  req <- sign_with_body(signer, req, "{}", "dynamodb", "us-east-1", 300, TRUE, unix_time(0, 0))

  q <- parse_query_string(req$url$raw_query)

  expect_equal(q[["X-Amz-Signature"]], "122f0b9e091e4ba84286097e2b3404a1f1f4c4aad479adda95b7dff0ccbe5581")
  expect_equal(q[["X-Amz-Credential"]], "AKID/19700101/us-east-1/dynamodb/aws4_request")
  expect_equal(q[["X-Amz-SignedHeaders"]], "content-length;content-type;host;x-amz-meta-other-header;x-amz-meta-other-header_with_underscore")
  expect_equal(q[["X-Amz-Date"]], "19700101T000000Z")
  expect_equal(q[["X-Amz-Target"]], "prefix.Operation")
})

anonymous_test_creds <- Credentials(
  anonymous = TRUE,
  provider = list(
    function() {
      list(
        access_key_id = "",
        secret_access_key = "",
        session_token = "",
        provider_name = ""
      )
    }
  )
)

test_that("Test anonymous credentials", {
  metadata <- list(
    endpoints = list("*" = list(endpoint = "s3.{region}.amazonaws.com", global = FALSE)),
    service_name = "s3"
  )
  client <- new_service(metadata, new_handlers("restxml", "s3"), Config())
  client$config$credentials <- anonymous_test_creds
  client$client_info$signing_region <- "us-east-1"

  op <- new_operation("ListBuckets", "GET", "/", list())
  params <- list()
  data <- tag_add(list(Buckets = list()), list(type = "structure"))
  req <- new_request(client, op, params, data)
  res <- v4_sign_request_handler(req)

  expect_equal(res$http_request$header[["Authorization"]], "")
  expect_equal(res$http_request$header[["X-Amz-Date"]], "")
  expect_equal(res$http_request$header[["X-Amz-Content-Sha256"]], "")
})

Any scripts or data that you put into this service are public.

paws.common documentation built on Nov. 12, 2023, 1:08 a.m.

rdrr.io home R language documentation Run R code online

CRAN packages Bioconductor packages R-Forge packages GitHub packages

Note that we can't provide technical support on individual packages. You should contact the package authors for that.

paws.common
Paws Low-Level Amazon Web Services API

tests/testthat/test_signer_v4.R
In paws.common: Paws Low-Level Amazon Web Services API

Try the paws.common package in your browser

R Package Documentation

Browse R Packages

We want your feedback!

paws.common Paws Low-Level Amazon Web Services API

tests/testthat/test_signer_v4.R In paws.common: Paws Low-Level Amazon Web Services API

Try the paws.common package in your browser

R Package Documentation

Browse R Packages

We want your feedback!

paws.common
Paws Low-Level Amazon Web Services API

tests/testthat/test_signer_v4.R
In paws.common: Paws Low-Level Amazon Web Services API