-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathrequest.js
More file actions
104 lines (89 loc) · 2.91 KB
/
request.js
File metadata and controls
104 lines (89 loc) · 2.91 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
const signing = require(`./signing.js`);
const https = require("https");
const METHOD = "GET";
const SIGNING_ALGORITHM = "AWS4-HMAC-SHA256";
const CONTENT_TYPE = "application/x-amz-json-1.1";
const SERVICE = "iam";
const HOST = "iam.amazonaws.com";
const REGION = "us-east-1";
const SIGNED_HEADERS = "content-type;host;x-amz-date";
const CANONICAL_URI = "/";
const CANONICAL_QUERY_STRING = "Action=ListUsers&Version=2010-05-08";
function getCanonicalHeaders(amzTimestamp) {
return [
"content-type:" + CONTENT_TYPE,
"host:" + HOST,
"x-amz-date:" + amzTimestamp + "\n",
].join("\n");
}
function getCanonicalRequest(canonicalHeaders, payloadHash) {
return [
METHOD,
CANONICAL_URI,
CANONICAL_QUERY_STRING,
canonicalHeaders,
SIGNED_HEADERS,
payloadHash,
].join("\n");
}
function getAuthorizationHeader(scope, signature, amazonKeyId) {
return `${SIGNING_ALGORITHM} Credential=${amazonKeyId}/${scope}, SignedHeaders=${SIGNED_HEADERS}, Signature=${signature}`;
}
if (require.main === module) {
// Get user input
const amazonKeyId = process.argv[2];
const secretKey = process.argv[3];
// Get the required timestamp strings
[amzTimestamp, reqTimestamp] = signing.getTimestamps();
console.log("Amazon Timestamp: " + amzTimestamp);
console.log("Request Timestamp: " + reqTimestamp);
// Get the scope of the request (the timestamp and the target service)
const scope = signing.getCredentialScope(reqTimestamp, REGION, SERVICE);
console.log("Credential Scope: " + scope);
const requestParamters = ``;
const payloadHash = signing.computeSHA256SignatureHash(requestParamters);
const headers = getCanonicalHeaders(amzTimestamp);
const canonicalRequest = getCanonicalRequest(headers, payloadHash);
// Get the AWS v4 signing key
const key = signing.getAWS4SignatureKey(
secretKey,
reqTimestamp,
REGION,
SERVICE
);
console.log("Signing Key: " + key.toString("hex"));
// Prepare string value to sign from user input
const stringToSign = signing.getStringToSign(
amzTimestamp,
scope,
canonicalRequest
);
// Sign and output user string
const signature = signing.signHex(key, stringToSign);
console.log("Signature: " + signature);
const authHeader = getAuthorizationHeader(scope, signature, amazonKeyId);
console.log("Auth Header: " + authHeader);
const canReqHeaders = {
"Accept-Encoding": "identity",
"Content-Type": CONTENT_TYPE,
"X-Amz-Date": amzTimestamp,
Authorization: authHeader,
"Content-Length": requestParamters.length,
};
var options = {
hostname: HOST,
path: "/?" + CANONICAL_QUERY_STRING,
port: 443,
method: METHOD,
headers: canReqHeaders,
};
var req = https.request(options, function (res) {
res.on("data", (d) => {
process.stdout.write(d);
});
});
req.write(requestParamters);
req.end(options.body || "").on("error", (err) => {
console.log("Error: " + err.message);
});
}