aws-sigv4-sign
Version:
SignatureV4 sign function implemented with the official AWS SDK
80 lines (75 loc) • 3.12 kB
TypeScript
import { AwsCredentialIdentity, AwsCredentialIdentityProvider } from '@aws-sdk/types';
type SignRequestOptions = {
/**
* The AWS service to sign requests for, e.g. `execute-api` for AWS API Gateway or `lambda` for Lambda Function URLs.
*/
service: string;
/**
* The AWS region to sign requests for, e.g. `us-east-1` or `eu-west-2`.
* Defaults to `us-east-1` if not provided.
*/
region?: string;
/**
* The AWS credentials to use when signing requests.
* Optional in Node.js environments where they will be retrieved from the environment using [`@aws-sdk/credential-provider-node`](https://www.npmjs.com/package/@aws-sdk/credential-provider-node).
* In browser environments, credentials are **required** and must be provided explicitly.
*
* @see {@link https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-smithy-types/Interface/AwsCredentialIdentity/ | AwsCredentialIdentity}
* @see {@link https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-smithy-types/Interface/AwsCredentialIdentityProvider/ | AwsCredentialIdentityProvider}
*/
credentials?: AwsCredentialIdentity | AwsCredentialIdentityProvider;
};
/**
* Signs a request using AWS Signature V4 and returns a `Request` object.
*
* @example
* ```ts
* const signedRequest = await signRequest('https://mylambda.lambda-url.eu-west-1.on.aws/', {
* service: 'lambda',
* region: 'eu-west-1'
* });
*
* const response = await fetch(signedRequest);
* ```
*/
declare function signRequest(input: string | Request | URL, options: SignRequestOptions): Promise<Request>;
/**
* Signs a request using AWS Signature V4 and returns a `Request` object.
*
* @example
* ```ts
* const signedRequest = await signRequest('https://mylambda.lambda-url.eu-west-1.on.aws/',
* {
* method: 'POST',
* body: JSON.stringify({ a: 1 }),
* headers: { 'Content-Type': 'application/json' }
* },
* {
* service: 'lambda',
* region: 'eu-west-1'
* }
* );
*
* const response = await fetch(signedRequest);
* ```
*/
declare function signRequest(input: string | Request | URL, init: RequestInit, options: SignRequestOptions): Promise<Request>;
/**
* Returns the default credential provider based on the environment.
* In Node.js, it uses the default provider from @aws-sdk/credential-provider-node.
* In a browser environment, it throws an error as credentials must be provided explicitly.
*/
declare function getDefaultCredentialProvider(): Promise<AwsCredentialIdentityProvider>;
interface ParsedRequest {
url: URL;
method: string;
headers: Record<string, string>;
body?: ArrayBuffer;
}
/**
* Extract the URL, method, body, and headers from a request.
* Input can be a `string`, `URL`, or `Request` object.
* Init is an optional `RequestInit` object. If provided, it will override the values in the `Request` object.
*/
declare const parseRequest: (input: string | Request | URL, init?: RequestInit) => Promise<ParsedRequest>;
export { type SignRequestOptions, getDefaultCredentialProvider, parseRequest, signRequest };