Merge pull request #3244 from fcheung/update_post_object_hidden_fields_to_sig4

[AWS|Storage] update post_object_hidden_fields to use signature v4

lib/fog/aws/requests/storage/post_object_hidden_fields.rb

@@ -23,12 +23,30 @@ module Fog
         # @see http://docs.amazonwebservices.com/AmazonS3/latest/dev/HTTPPOSTForms.html
         #
         def post_object_hidden_fields(options = {})
-          if options['policy']
-            options['policy'] = Base64.encode64(Fog::JSON.encode(options['policy'])).gsub("\n", "")
-            options['AWSAccessKeyId'] = @aws_access_key_id
-            options['Signature'] = Base64.encode64(@hmac.sign(options['policy'])).gsub("\n", "")
+          options = options.dup
+          if policy = options['policy']
+            date = Fog::Time.now
+            credential = "#{@aws_access_key_id}/#{@signer.credential_scope(date)}"
+            extra_conditions = [
+              {'x-amz-date' => date.to_iso8601_basic},
+              {'x-amz-credential' => credential},
+              {'x-amz-algorithm' => Fog::AWS::SignatureV4::ALGORITHM}
+            ]
+
+            extra_conditions << {'x-amz-security-token' => @aws_session_token } if @aws_session_token
+
+            policy_with_auth_fields = policy.merge('conditions' => policy['conditions'] + extra_conditions)
+
+            options['policy'] = Base64.encode64(Fog::JSON.encode(policy_with_auth_fields)).gsub("\n", "")
+            options['X-Amz-Credential'] = credential
+            options['X-Amz-Date'] = date.to_iso8601_basic
+            options['X-Amz-Algorithm'] = Fog::AWS::SignatureV4::ALGORITHM
+            if @aws_session_token
+              options['X-Amz-Security-Token'] = @aws_session_token         
+            end
+            options['X-Amz-Signature'] = @signer.derived_hmac(date).sign(options['policy']).unpack('H*').first
           end
-          options
+          options          
         end
       end
     end