2014-02-01 21:13:17 -05:00
require 'fog/aws/core'
2011-08-31 16:52:53 -04:00
2010-09-08 17:40:02 -04:00
module Fog
2011-06-15 17:26:43 -04:00
module Storage
class AWS < Fog :: Service
2012-06-18 04:44:51 -04:00
extend Fog :: AWS :: CredentialFetcher :: ServiceMethods
2010-09-08 17:40:02 -04:00
2013-04-12 06:31:10 -04:00
COMPLIANT_BUCKET_NAMES = / ^(?:[a-z]| \ d(?! \ d{0,2}(?: \ . \ d{1,3}){3}$))(?:[a-z0-9]| \ .(?![ \ . \ -])| \ -(?![ \ .])){1,61}[a-z0-9]$ /
2013-04-12 12:37:01 -04:00
DEFAULT_REGION = 'us-east-1'
2013-04-12 06:31:10 -04:00
DEFAULT_SCHEME = 'https'
DEFAULT_SCHEME_PORT = {
'http' = > 80 ,
'https' = > 443
}
VALID_QUERY_KEYS = %w[
acl
cors
delete
lifecycle
location
logging
notification
partNumber
policy
requestPayment
response - cache - control
response - content - disposition
response - content - encoding
response - content - language
response - content - type
response - expires
2013-04-08 20:51:47 -04:00
restore
2013-10-25 14:29:24 -04:00
tagging
2013-04-12 06:31:10 -04:00
torrent
uploadId
uploads
versionId
versioning
versions
website
]
2010-12-16 18:31:24 -05:00
requires :aws_access_key_id , :aws_secret_access_key
2014-12-01 03:14:38 -05:00
recognizes :endpoint , :region , :host , :port , :scheme , :persistent , :use_iam_profile , :aws_session_token , :aws_credentials_expire_at , :path_style , :instrumentor , :instrumentor_name , :aws_signature_version
2011-01-21 23:45:37 -05:00
2012-06-08 19:36:08 -04:00
secrets :aws_secret_access_key , :hmac
2011-08-24 14:50:42 -04:00
model_path 'fog/aws/models/storage'
2010-09-08 17:40:02 -04:00
collection :directories
model :directory
collection :files
model :file
2011-08-24 14:50:42 -04:00
request_path 'fog/aws/requests/storage'
2010-11-15 20:17:37 -05:00
request :abort_multipart_upload
request :complete_multipart_upload
2010-09-08 17:40:02 -04:00
request :copy_object
request :delete_bucket
2012-12-05 13:30:41 -05:00
request :delete_bucket_cors
2012-01-19 14:25:39 -05:00
request :delete_bucket_lifecycle
2011-06-07 21:41:24 -04:00
request :delete_bucket_policy
2011-02-18 15:06:51 -05:00
request :delete_bucket_website
2010-09-08 17:40:02 -04:00
request :delete_object
2012-01-04 08:19:32 -05:00
request :delete_multiple_objects
2013-10-25 14:29:24 -04:00
request :delete_bucket_tagging
2010-09-08 17:40:02 -04:00
request :get_bucket
request :get_bucket_acl
2012-12-05 13:30:41 -05:00
request :get_bucket_cors
2012-01-19 14:25:39 -05:00
request :get_bucket_lifecycle
2010-09-08 17:40:02 -04:00
request :get_bucket_location
request :get_bucket_logging
request :get_bucket_object_versions
2011-06-07 21:41:24 -04:00
request :get_bucket_policy
2013-10-25 14:29:24 -04:00
request :get_bucket_tagging
2010-09-08 17:40:02 -04:00
request :get_bucket_versioning
2011-02-18 15:06:51 -05:00
request :get_bucket_website
2010-09-08 17:40:02 -04:00
request :get_object
request :get_object_acl
request :get_object_torrent
2011-06-27 17:50:32 -04:00
request :get_object_http_url
request :get_object_https_url
2010-09-08 17:40:02 -04:00
request :get_object_url
request :get_request_payment
request :get_service
2014-09-29 01:13:56 -04:00
request :head_bucket
2010-09-08 17:40:02 -04:00
request :head_object
2010-11-15 20:17:37 -05:00
request :initiate_multipart_upload
request :list_multipart_uploads
request :list_parts
2010-10-18 20:56:01 -04:00
request :post_object_hidden_fields
2013-04-08 20:51:47 -04:00
request :post_object_restore
2010-09-08 17:40:02 -04:00
request :put_bucket
request :put_bucket_acl
2012-12-05 13:30:41 -05:00
request :put_bucket_cors
2012-01-19 14:25:39 -05:00
request :put_bucket_lifecycle
2010-09-08 17:40:02 -04:00
request :put_bucket_logging
2011-06-07 21:41:24 -04:00
request :put_bucket_policy
2013-10-25 14:29:24 -04:00
request :put_bucket_tagging
2010-09-08 17:40:02 -04:00
request :put_bucket_versioning
2011-02-18 15:06:51 -05:00
request :put_bucket_website
2010-09-08 17:40:02 -04:00
request :put_object
2010-11-22 02:44:44 -05:00
request :put_object_acl
2010-09-08 17:40:02 -04:00
request :put_object_url
request :put_request_payment
2010-12-21 15:12:30 -05:00
request :sync_clock
2010-11-15 20:17:37 -05:00
request :upload_part
2010-09-08 17:40:02 -04:00
module Utils
2011-08-04 10:41:02 -04:00
attr_accessor :region
2010-11-05 14:37:12 -04:00
def cdn
@cdn || = Fog :: AWS :: CDN . new (
:aws_access_key_id = > @aws_access_key_id ,
2012-06-18 04:44:51 -04:00
:aws_secret_access_key = > @aws_secret_access_key ,
:use_iam_profile = > @use_iam_profile
2010-11-05 14:37:12 -04:00
)
end
2011-06-27 17:50:32 -04:00
def http_url ( params , expires )
2013-04-12 06:31:10 -04:00
signed_url ( params . merge ( :scheme = > 'http' ) , expires )
2011-06-27 17:50:32 -04:00
end
def https_url ( params , expires )
2013-04-12 06:31:10 -04:00
signed_url ( params . merge ( :scheme = > 'https' ) , expires )
2011-06-27 17:50:32 -04:00
end
2010-09-08 17:40:02 -04:00
def url ( params , expires )
2011-10-19 15:49:34 -04:00
Fog :: Logger . deprecation ( " Fog::Storage::AWS => # url is deprecated, use # https_url instead [light_black]( #{ caller . first } )[/] " )
2011-06-27 17:50:32 -04:00
https_url ( params , expires )
end
2013-04-12 06:31:10 -04:00
def request_url ( params )
params = request_params ( params )
params_to_url ( params )
end
def signed_url ( params , expires )
2014-11-02 12:07:10 -05:00
#convert expires from a point in time to a delta to now
now = Fog :: Time . now
expires = expires . to_i - now . to_i
params [ :headers ] || = { }
params [ :query ] || = { }
params [ :query ] [ 'X-Amz-Expires' ] = expires
params [ :query ] [ 'X-Amz-Date' ] = now . to_iso8601_basic
2013-11-29 11:29:26 -05:00
if @aws_session_token
2014-11-02 12:07:10 -05:00
params [ :query ] [ 'X-Amz-Security-Token' ] = @aws_session_token
2013-11-29 11:29:26 -05:00
end
2014-11-02 12:07:10 -05:00
2013-04-12 06:31:10 -04:00
params = request_params ( params )
2014-11-02 12:07:10 -05:00
params [ :headers ] [ :host ] = params [ :host ]
2013-04-12 06:31:10 -04:00
2014-11-02 12:07:10 -05:00
signature = @signer . signature_parameters ( params , now , " UNSIGNED-PAYLOAD " )
params [ :query ] = ( params [ :query ] || { } ) . merge ( signature )
2013-04-12 06:31:10 -04:00
params_to_url ( params )
end
2011-06-27 17:50:32 -04:00
private
2013-04-12 06:31:10 -04:00
def region_to_host ( region = nil )
case region . to_s
when DEFAULT_REGION , ''
's3.amazonaws.com'
else
" s3- #{ region } .amazonaws.com "
2012-04-22 22:16:19 -04:00
end
2013-04-12 06:31:10 -04:00
end
def object_to_path ( object_name = nil )
2013-10-16 09:23:02 -04:00
'/' + escape ( object_name . to_s ) . gsub ( '%2F' , '/' )
2013-04-12 06:31:10 -04:00
end
2013-04-16 09:40:52 -04:00
def bucket_to_path ( bucket_name , path = nil )
2013-10-16 09:23:02 -04:00
" / #{ escape ( bucket_name . to_s ) } #{ path } "
end
2013-10-24 11:01:43 -04:00
# NOTE: differs from Fog::AWS.escape by NOT escaping `/`
2013-10-16 09:23:02 -04:00
def escape ( string )
string . gsub ( / ([^a-zA-Z0-9_. \ -~ \/ ]+) / ) {
" % " + $1 . unpack ( " H2 " * $1 . bytesize ) . join ( " % " ) . upcase
}
2013-04-16 09:40:52 -04:00
end
2013-04-12 06:31:10 -04:00
# Transforms things like bucket_name, object_name, region
#
# Should yield the same result when called f*f
def request_params ( params )
headers = params [ :headers ] || { }
if params [ :scheme ]
scheme = params [ :scheme ]
2013-10-16 15:19:29 -04:00
port = params [ :port ] || DEFAULT_SCHEME_PORT [ scheme ]
2013-04-12 06:31:10 -04:00
else
2013-10-16 15:19:29 -04:00
scheme = @scheme
2013-04-12 06:31:10 -04:00
port = @port
2012-04-22 22:16:19 -04:00
end
2013-04-12 06:31:10 -04:00
if DEFAULT_SCHEME_PORT [ scheme ] == port
port = nil
end
if params [ :region ]
region = params [ :region ]
host = params [ :host ] || region_to_host ( region )
else
region = @region || DEFAULT_REGION
host = params [ :host ] || @host || region_to_host ( region )
end
path = params [ :path ] || object_to_path ( params [ :object_name ] )
path = '/' + path if path [ 0 .. 0 ] != '/'
if params [ :bucket_name ]
bucket_name = params [ :bucket_name ]
path_style = params . fetch ( :path_style , @path_style )
2014-12-02 11:50:45 -05:00
if ! path_style
if COMPLIANT_BUCKET_NAMES !~ bucket_name
Fog :: Logger . warning ( " fog: the specified s3 bucket name( #{ bucket_name } ) is not a valid dns name, which will negatively impact performance. For details see: http://docs.amazonwebservices.com/AmazonS3/latest/dev/BucketRestrictions.html " )
path_style = true
elsif scheme == 'https' && bucket_name =~ / \ . /
Fog :: Logger . warning ( " fog: the specified s3 bucket name( #{ bucket_name } ) contains a '.' so is not accessible over https as a virtual hosted bucket, which will negatively impact performance. For details see: http://docs.amazonwebservices.com/AmazonS3/latest/dev/BucketRestrictions.html " )
path_style = true
end
end
2013-04-12 06:31:10 -04:00
if path_style
2013-04-16 09:40:52 -04:00
path = bucket_to_path bucket_name , path
2013-04-12 06:31:10 -04:00
else
host = [ bucket_name , host ] . join ( '.' )
2011-06-08 13:37:52 -04:00
end
2011-06-07 18:25:12 -04:00
end
2013-04-12 06:31:10 -04:00
ret = params . merge ( {
:scheme = > scheme ,
:host = > host ,
:port = > port ,
:path = > path ,
2013-10-16 15:19:29 -04:00
:headers = > headers
2013-04-12 06:31:10 -04:00
} )
2013-04-08 20:51:47 -04:00
2013-04-12 06:31:10 -04:00
#
ret . delete ( :path_style )
ret . delete ( :bucket_name )
ret . delete ( :object_name )
ret . delete ( :region )
ret
end
def params_to_url ( params )
query = params [ :query ] && params [ :query ] . map do | key , value |
if value
2013-10-16 09:23:02 -04:00
[ key , escape ( value . to_s ) ] . join ( '=' )
2013-04-12 06:31:10 -04:00
else
key
end
end . join ( '&' )
URI :: Generic . build ( {
:scheme = > params [ :scheme ] ,
:host = > params [ :host ] ,
:port = > params [ :port ] ,
:path = > params [ :path ] ,
:query = > query ,
} ) . to_s
2010-09-08 17:40:02 -04:00
end
end
class Mock
include Utils
2010-11-18 17:17:11 -05:00
def self . acls ( type )
case type
when 'private'
2011-01-21 23:45:37 -05:00
{
2010-11-18 17:17:11 -05:00
" AccessControlList " = > [
{
" Permission " = > " FULL_CONTROL " ,
" Grantee " = > { " DisplayName " = > " me " , " ID " = > " 2744ccd10c7533bd736ad890f9dd5cab2adb27b07d500b9493f29cdc420cb2e0 " }
}
] ,
" Owner " = > { " DisplayName " = > " me " , " ID " = > " 2744ccd10c7533bd736ad890f9dd5cab2adb27b07d500b9493f29cdc420cb2e0 " }
}
when 'public-read'
2011-01-21 23:45:37 -05:00
{
" AccessControlList " = > [
{
" Permission " = > " FULL_CONTROL " ,
" Grantee " = > { " DisplayName " = > " me " , " ID " = > " 2744ccd10c7533bd736ad890f9dd5cab2adb27b07d500b9493f29cdc420cb2e0 " }
} ,
{
" Permission " = > " READ " ,
" Grantee " = > { " URI " = > " http://acs.amazonaws.com/groups/global/AllUsers " }
}
] ,
" Owner " = > { " DisplayName " = > " me " , " ID " = > " 2744ccd10c7533bd736ad890f9dd5cab2adb27b07d500b9493f29cdc420cb2e0 " }
}
2010-11-18 17:17:11 -05:00
when 'public-read-write'
2011-01-21 23:45:37 -05:00
{
" AccessControlList " = > [
{
" Permission " = > " FULL_CONTROL " ,
" Grantee " = > { " DisplayName " = > " me " , " ID " = > " 2744ccd10c7533bd736ad890f9dd5cab2adb27b07d500b9493f29cdc420cb2e0 " }
} ,
{
" Permission " = > " READ " ,
" Grantee " = > { " URI " = > " http://acs.amazonaws.com/groups/global/AllUsers " }
} ,
{
" Permission " = > " WRITE " ,
" Grantee " = > { " URI " = > " http://acs.amazonaws.com/groups/global/AllUsers " }
}
] ,
" Owner " = > { " DisplayName " = > " me " , " ID " = > " 2744ccd10c7533bd736ad890f9dd5cab2adb27b07d500b9493f29cdc420cb2e0 " }
}
2010-11-18 17:17:11 -05:00
when 'authenticated-read'
2011-01-21 23:45:37 -05:00
{
" AccessControlList " = > [
{
" Permission " = > " FULL_CONTROL " ,
" Grantee " = > { " DisplayName " = > " me " , " ID " = > " 2744ccd10c7533bd736ad890f9dd5cab2adb27b07d500b9493f29cdc420cb2e0 " }
} ,
{
" Permission " = > " READ " ,
" Grantee " = > { " URI " = > " http://acs.amazonaws.com/groups/global/AuthenticatedUsers " }
}
] ,
" Owner " = > { " DisplayName " = > " me " , " ID " = > " 2744ccd10c7533bd736ad890f9dd5cab2adb27b07d500b9493f29cdc420cb2e0 " }
}
2010-11-18 17:17:11 -05:00
end
end
2010-09-08 17:40:02 -04:00
def self . data
2010-09-24 16:50:44 -04:00
@data || = Hash . new do | hash , region |
2010-10-13 16:20:18 -04:00
hash [ region ] = Hash . new do | region_hash , key |
region_hash [ key ] = {
2010-11-18 17:17:11 -05:00
:acls = > {
:bucket = > { } ,
:object = > { }
} ,
2013-01-03 04:15:38 -05:00
:buckets = > { } ,
:cors = > {
:bucket = > { }
2013-10-28 16:50:59 -04:00
} ,
2014-01-02 16:48:55 -05:00
:bucket_tagging = > { } ,
:multipart_uploads = > { }
2010-09-24 16:50:44 -04:00
}
end
2010-09-08 17:40:02 -04:00
end
end
2011-05-19 10:05:33 -04:00
def self . reset
@data = nil
end
2010-09-08 17:40:02 -04:00
def initialize ( options = { } )
2012-06-18 04:44:51 -04:00
@use_iam_profile = options [ :use_iam_profile ]
2014-02-03 12:56:52 -05:00
if @endpoint = options [ :endpoint ]
endpoint = URI . parse ( @endpoint )
@host = endpoint . host
@scheme = endpoint . scheme
@port = endpoint . port
else
@region = options [ :region ] || DEFAULT_REGION
@host = options [ :host ] || region_to_host ( @region )
@scheme = options [ :scheme ] || DEFAULT_SCHEME
@port = options [ :port ] || DEFAULT_SCHEME_PORT [ @scheme ]
end
@path_style = options [ :path_style ] || false
2014-11-02 12:07:10 -05:00
setup_credentials ( options )
2011-05-19 18:35:33 -04:00
end
def data
self . class . data [ @region ] [ @aws_access_key_id ]
2011-03-10 14:16:55 -05:00
end
def reset_data
self . class . data [ @region ] . delete ( @aws_access_key_id )
2010-09-08 17:40:02 -04:00
end
2012-06-23 17:44:10 -04:00
def setup_credentials ( options )
2012-06-18 04:44:51 -04:00
@aws_access_key_id = options [ :aws_access_key_id ]
@aws_secret_access_key = options [ :aws_secret_access_key ]
@aws_session_token = options [ :aws_session_token ]
@aws_credentials_expire_at = options [ :aws_credentials_expire_at ]
2014-11-02 12:07:10 -05:00
@signer = Fog :: AWS :: SignatureV4 . new ( @aws_access_key_id , @aws_secret_access_key , @region , 's3' )
2012-06-18 04:44:51 -04:00
end
2010-09-08 17:40:02 -04:00
end
class Real
include Utils
2012-06-18 04:44:51 -04:00
include Fog :: AWS :: CredentialFetcher :: ConnectionMethods
2010-09-08 17:40:02 -04:00
# Initialize connection to S3
#
# ==== Notes
2010-09-27 19:08:04 -04:00
# options parameter must include values for :aws_access_key_id and
2010-09-08 17:40:02 -04:00
# :aws_secret_access_key in order to create a connection
#
# ==== Examples
2011-10-12 09:45:34 -04:00
# s3 = Fog::Storage.new(
# :provider => "AWS",
2010-09-08 17:40:02 -04:00
# :aws_access_key_id => your_aws_access_key_id,
# :aws_secret_access_key => your_aws_secret_access_key
# )
#
# ==== Parameters
# * options<~Hash> - config arguments for connection. Defaults to {}.
#
# ==== Returns
# * S3 object with connection to aws.
def initialize ( options = { } )
2011-02-16 20:25:50 -05:00
2012-06-18 04:44:51 -04:00
@use_iam_profile = options [ :use_iam_profile ]
2014-09-16 14:31:12 -04:00
@instrumentor = options [ :instrumentor ]
@instrumentor_name = options [ :instrumentor_name ] || 'fog.aws.storage'
2011-09-12 11:01:48 -04:00
@connection_options = options [ :connection_options ] || { }
2013-04-12 06:31:10 -04:00
@persistent = options . fetch ( :persistent , false )
2014-11-29 12:33:42 -05:00
@signature_version = options . fetch ( :aws_signature_version , 4 )
validate_signature_version!
2013-11-15 12:22:40 -05:00
@path_style = options [ :path_style ] || false
2010-09-29 20:53:32 -04:00
if @endpoint = options [ :endpoint ]
endpoint = URI . parse ( @endpoint )
@host = endpoint . host
@scheme = endpoint . scheme
2013-04-12 06:31:10 -04:00
@port = endpoint . port
2010-09-29 20:53:32 -04:00
else
2013-04-12 06:31:10 -04:00
@region = options [ :region ] || DEFAULT_REGION
@host = options [ :host ] || region_to_host ( @region )
@scheme = options [ :scheme ] || DEFAULT_SCHEME
@port = options [ :port ] || DEFAULT_SCHEME_PORT [ @scheme ]
2010-09-29 20:53:32 -04:00
end
2014-11-02 12:07:10 -05:00
setup_credentials ( options )
2010-09-08 17:40:02 -04:00
end
def reload
2013-10-16 15:19:29 -04:00
@connection . reset if @connection
2010-09-08 17:40:02 -04:00
end
2011-02-08 13:06:44 -05:00
private
2014-11-29 12:33:42 -05:00
def validate_signature_version!
unless @signature_version == 2 || @signature_version == 4
raise " Unknown signature version #{ @signature_version } ; valid versions are 2 or 4 "
end
end
2012-06-18 04:44:51 -04:00
def setup_credentials ( options )
@aws_access_key_id = options [ :aws_access_key_id ]
@aws_secret_access_key = options [ :aws_secret_access_key ]
@aws_session_token = options [ :aws_session_token ]
@aws_credentials_expire_at = options [ :aws_credentials_expire_at ]
2014-11-29 12:33:42 -05:00
if @signature_version == 4
@signer = Fog :: AWS :: SignatureV4 . new ( @aws_access_key_id , @aws_secret_access_key , @region , 's3' )
elsif @signature_version == 2
@hmac = Fog :: HMAC . new ( 'sha1' , @aws_secret_access_key )
2014-12-02 11:55:39 -05:00
end
2012-06-18 04:44:51 -04:00
end
2013-10-16 15:19:29 -04:00
def connection ( scheme , host , port )
uri = " #{ scheme } :// #{ host } : #{ port } "
if @persistent
unless uri == @connection_uri
@connection_uri = uri
reload
@connection = nil
end
else
@connection = nil
end
2014-02-26 19:50:35 -05:00
@connection || = Fog :: XML :: Connection . new ( uri , @persistent , @connection_options )
2013-10-16 15:19:29 -04:00
end
2011-02-08 13:06:44 -05:00
def request ( params , & block )
2012-06-18 04:44:51 -04:00
refresh_credentials_if_expired
2014-11-02 12:07:10 -05:00
date = Fog :: Time . now
params = params . dup
2014-11-03 15:17:27 -05:00
params [ :headers ] = ( params [ :headers ] || { } ) . dup
2013-07-03 16:11:13 -04:00
params [ :headers ] [ 'x-amz-security-token' ] = @aws_session_token if @aws_session_token
2014-11-02 12:07:10 -05:00
2014-11-29 12:33:42 -05:00
if @signature_version == 2
2014-12-01 03:39:54 -05:00
expires = date . to_date_header
params [ :headers ] [ 'Date' ] = expires
params [ :headers ] [ 'Authorization' ] = " AWS #{ @aws_access_key_id } : #{ signature_v2 ( params , expires ) } "
2014-11-02 12:07:10 -05:00
end
2013-04-08 20:51:47 -04:00
2013-04-12 06:31:10 -04:00
params = request_params ( params )
2013-10-16 15:19:29 -04:00
scheme = params . delete ( :scheme )
host = params . delete ( :host )
port = params . delete ( :port ) || DEFAULT_SCHEME_PORT [ scheme ]
2014-11-02 12:07:10 -05:00
params [ :headers ] [ 'Host' ] = host
2013-04-12 06:31:10 -04:00
2011-02-08 13:06:44 -05:00
2014-11-29 12:33:42 -05:00
if @signature_version == 4
2014-12-01 03:39:54 -05:00
params [ :headers ] [ 'x-amz-date' ] = date . to_iso8601_basic
2014-11-29 12:33:42 -05:00
if params [ :body ] . respond_to? ( :read )
# See http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-streaming.html
params [ :headers ] [ 'x-amz-content-sha256' ] = 'STREAMING-AWS4-HMAC-SHA256-PAYLOAD'
params [ :headers ] [ 'x-amz-decoded-content-length' ] = params [ :headers ] . delete 'Content-Length'
encoding = " aws-chunked "
encoding += " , #{ params [ :headers ] [ 'Content-Encoding' ] } " if params [ :headers ] [ 'Content-Encoding' ]
params [ :headers ] [ 'Content-Encoding' ] = encoding
else
params [ :headers ] [ 'x-amz-content-sha256' ] || = Digest :: SHA256 . hexdigest ( params [ :body ] || '' )
end
signature_components = @signer . signature_components ( params , date , params [ :headers ] [ 'x-amz-content-sha256' ] )
params [ :headers ] [ 'Authorization' ] = @signer . components_to_header ( signature_components )
if params [ :body ] . respond_to? ( :read )
body = params . delete :body
params [ :request_block ] = S3Streamer . new ( body , signature_components [ 'X-Amz-Signature' ] , @signer , date )
end
2014-11-02 12:07:10 -05:00
end
2014-11-29 12:33:42 -05:00
# FIXME: ToHashParser should make this not needed
original_params = params . dup
2014-11-02 12:07:10 -05:00
2014-09-16 14:31:12 -04:00
if @instrumentor
@instrumentor . instrument ( " #{ @instrumentor_name } .request " , params ) do
_request ( scheme , host , port , params , original_params , & block )
end
else
_request ( scheme , host , port , params , original_params , & block )
2011-02-08 13:06:44 -05:00
end
2014-09-16 14:31:12 -04:00
end
2011-02-08 13:06:44 -05:00
2014-09-16 14:31:12 -04:00
def _request ( scheme , host , port , params , original_params , & block )
connection ( scheme , host , port ) . request ( params , & block )
2014-11-19 11:39:28 -05:00
rescue Excon :: Errors :: MovedPermanently , Excon :: Errors :: TemporaryRedirect = > error
2014-09-16 14:31:12 -04:00
headers = ( error . response . is_a? ( Hash ) ? error . response [ :headers ] : error . response . headers )
2014-11-20 11:14:58 -05:00
new_params = { }
if headers . has_key? ( 'Location' )
new_params [ :host ] = URI . parse ( headers [ 'Location' ] ) . host
2014-11-19 11:39:28 -05:00
else
body = error . response . is_a? ( Hash ) ? error . response [ :body ] : error . response . body
2014-11-20 11:14:58 -05:00
new_params [ :bucket_name ] = %r{ <Bucket>([^<]*)</Bucket> } . match ( body ) . captures . first
new_params [ :host ] = %r{ <Endpoint>([^<]*)</Endpoint> } . match ( body ) . captures . first
2014-11-19 11:39:28 -05:00
end
Fog :: Logger . warning ( " fog: followed redirect to #{ host } , connecting to the matching region will be more performant " )
2014-11-26 10:28:52 -05:00
original_region , original_signer = @region , @signer
@region = case new_params [ :host ]
2014-12-02 11:55:39 -05:00
when 's3.amazonaws.com' , 's3-external-1.amazonaws.com'
2014-11-18 16:38:12 -05:00
DEFAULT_REGION
2014-12-02 11:55:39 -05:00
when 's3.eu-central-1.amazonaws.com'
'eu-central-1.amazonaws.com'
2014-11-18 16:38:12 -05:00
else
2014-11-20 11:14:58 -05:00
%r{ s3-([^ \ .]*).amazonaws.com } . match ( new_params [ :host ] ) . captures . first
2014-11-18 16:38:12 -05:00
end
2014-11-29 12:33:42 -05:00
if @signature_version == 4
@signer = Fog :: AWS :: SignatureV4 . new ( @aws_access_key_id , @aws_secret_access_key , @region , 's3' )
original_params [ :headers ] . delete ( 'Authorization' )
end
2014-11-20 11:14:58 -05:00
response = request ( original_params . merge ( new_params ) , & block )
2014-11-26 10:28:52 -05:00
@region , @signer = original_region , original_signer
2014-11-19 11:39:28 -05:00
response
2011-02-08 13:06:44 -05:00
end
2014-11-02 12:07:10 -05:00
# See http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-streaming.html
class S3Streamer
2014-11-25 03:07:23 -05:00
attr_accessor :body , :signature , :signer , :finished , :date , :initial_signature
2014-11-02 12:07:10 -05:00
def initialize ( body , signature , signer , date )
self . body = body
self . date = date
self . signature = signature
2014-11-25 03:07:23 -05:00
self . initial_signature = signature
2014-11-02 12:07:10 -05:00
self . signer = signer
if body . respond_to? ( :binmode )
body . binmode
end
2014-11-25 03:07:23 -05:00
2014-11-02 12:07:10 -05:00
if body . respond_to? ( :pos = )
body . pos = 0
end
2014-11-25 03:07:23 -05:00
end
#called if excon wants to retry the request. As well as rewinding the body
#we must also reset the signature
def rewind
self . signature = initial_signature
body . rewind
2014-11-02 12:07:10 -05:00
end
def call
if finished
''
else
next_chunk
end
end
def next_chunk
data = body . read ( 0x10000 )
if data . nil?
self . finished = true
data = ''
end
self . signature = sign_chunk ( data , signature )
" #{ data . length . to_s ( 16 ) } ;chunk-signature= #{ signature } \r \n #{ data } \r \n "
end
def sign_chunk ( data , previous_signature )
string_to_sign = <<-DATA
AWS4 - HMAC - SHA256 - PAYLOAD
#{date.to_iso8601_basic}
#{signer.credential_scope(date)}
#{previous_signature}
#{Digest::SHA256.hexdigest('')}
#{Digest::SHA256.hexdigest(data)}
DATA
hmac = signer . derived_hmac ( date )
hmac . sign ( string_to_sign . strip ) . unpack ( 'H*' ) . first
end
end
2014-11-29 12:33:42 -05:00
2014-12-01 03:39:54 -05:00
def signature_v2 ( params , expires )
2014-11-29 12:33:42 -05:00
headers = params [ :headers ] || { }
string_to_sign =
<<-DATA
#{params[:method].to_s.upcase}
#{headers['Content-MD5']}
#{headers['Content-Type']}
2014-12-01 03:39:54 -05:00
#{expires}
2014-11-29 12:33:42 -05:00
DATA
amz_headers , canonical_amz_headers = { } , ''
for key , value in headers
if key [ 0 .. 5 ] == 'x-amz-'
amz_headers [ key ] = value
end
end
amz_headers = amz_headers . sort { | x , y | x [ 0 ] < = > y [ 0 ] }
for key , value in amz_headers
canonical_amz_headers << " #{ key } : #{ value } \n "
end
string_to_sign << canonical_amz_headers
query_string = ''
if params [ :query ]
query_args = [ ]
for key in params [ :query ] . keys . sort
if VALID_QUERY_KEYS . include? ( key )
value = params [ :query ] [ key ]
if value
query_args << " #{ key } = #{ value } "
else
query_args << key
end
end
end
if query_args . any?
query_string = '?' + query_args . join ( '&' )
end
end
canonical_path = ( params [ :path ] || object_to_path ( params [ :object_name ] ) ) . to_s
canonical_path = '/' + canonical_path if canonical_path [ 0 .. 0 ] != '/'
if params [ :bucket_name ]
canonical_resource = " / #{ params [ :bucket_name ] } #{ canonical_path } "
else
canonical_resource = canonical_path
end
canonical_resource << query_string
string_to_sign << canonical_resource
signed_string = @hmac . sign ( string_to_sign )
Base64 . encode64 ( signed_string ) . chomp!
end
2010-09-08 17:40:02 -04:00
end
end
end
end