UNPKG

aws-sigv4-sign

Version:

SignatureV4 sign function implemented with the official AWS SDK

103 lines (99 loc) 3.03 kB
// src/sign-request.ts import { Sha256 } from "@aws-crypto/sha256-js"; import { HttpRequest } from "@smithy/protocol-http"; import { SignatureV4 } from "@smithy/signature-v4"; // src/credential-provider.ts function isBrowser() { return typeof window !== "undefined" && typeof document !== "undefined"; } async function getDefaultCredentialProvider() { if (isBrowser()) throw new Error( "AWS credentials provider is not available in browser environments. You must provide credentials explicitly when calling signRequest in a browser." ); try { const { defaultProvider } = await import("@aws-sdk/credential-provider-node"); return defaultProvider(); } catch (error) { throw new Error("AWS credentials provider could not be loaded. You must provide credentials explicitly."); } } // src/parse-request.ts var copyHeaders = (headers) => { const headersMap = /* @__PURE__ */ new Map(); headers.forEach((value, key) => headersMap.set(key.toLowerCase(), value)); return Object.fromEntries(headersMap.entries()); }; var parseRequest = async (input, init) => { let request; if (typeof input === "string" || input instanceof URL) { const url2 = input instanceof URL ? input.href : input; request = new Request(url2, init); } else { request = new Request(input.clone(), init); } const method = request.method.toUpperCase(); const url = new URL(request.url); const headers = copyHeaders(request.headers); const buffer = await request.arrayBuffer(); const body = buffer.byteLength > 0 ? buffer : void 0; return { method, headers, url, body }; }; // src/sign-request.ts async function signRequest(...args) { let input; let init; let options; if (args.length === 2) { input = args[0]; options = args[1]; } else { input = args[0]; init = args[1]; options = args[2]; } const { url, method, headers, body } = await parseRequest(input, init); headers["host"] = url.host; const service = options.service; const region = options.region || "us-east-1"; const credentials = options.credentials || await getDefaultCredentialProvider(); const httpRequest = new HttpRequest({ method, body, headers, hostname: url.hostname, path: url.pathname, protocol: url.protocol, port: url.port ? Number(url.port) : void 0, username: url.username, password: url.password, fragment: url.hash, // Query paramaters accept multiple values per key query: Array.from(url.searchParams.entries()).reduce((acc, [key, value]) => { if (Array.isArray(acc[key])) { acc[key].push(value); } else { acc[key] = [value]; } return acc; }, {}) }); const signer = new SignatureV4({ credentials, service, region, sha256: Sha256 }); const { headers: signedHeaders } = await signer.sign(httpRequest); return new Request(input, { ...init, headers: signedHeaders }); } export { getDefaultCredentialProvider, parseRequest, signRequest };