MCPcopy Index your code
hub / github.com/apache/opendal-reqsign

github.com/apache/opendal-reqsign @v0.20.1

Chat with this repo
repository ↗ · DeepWiki ↗ · release v0.20.1 ↗ · + Follow
1,456 symbols 5,376 edges 201 files 407 documented · 28%
What it actually does AI analysis from the code graph — generated when you open this
loading…
README

Apache OpenDAL Reqsign

Build Status Latest Version Crate Downloads

Signing API requests without effort.


Most API is simple. But they could be complicated when they are hidden from complex abstraction. reqsign bring the simple API back: build, sign, send.

Quick Start

Option 1: Use Default Signer (Recommended)

The simplest way to use reqsign is with the default signers provided by each service:

use anyhow::Result;
use reqsign::aws;

#[tokio::main]
async fn main() -> Result<()> {
    // Create a default signer for S3 in us-east-1
    // This will automatically:
    // - Load credentials from environment variables, config files, or IAM roles
    // - Set up the default HTTP client and file reader
    let signer = aws::default_signer("s3", "us-east-1");

    // Build your request
    let mut req = http::Request::builder()
        .method("GET")
        .uri("https://s3.amazonaws.com/testbucket")
        .body(())
        .unwrap()
        .into_parts()
        .0;

    // Sign the request
    signer.sign(&mut req, None).await?;

    // Send the request with your preferred HTTP client
    println!("Request has been signed!");
    Ok(())
}

Option 2: Custom Assembly

For more control over the components, you can manually assemble the signer:

use anyhow::Result;
use reqsign::{Context, Signer};
use reqsign_aws_v4::{DefaultCredentialProvider, RequestSigner};
use reqsign_file_read_tokio::TokioFileRead;
use reqsign_http_send_reqwest::ReqwestHttpSend;

#[tokio::main]
async fn main() -> Result<()> {
    // Build your own context with specific implementations
    let ctx = Context::new()
        .with_file_read(TokioFileRead)
        .with_http_send(ReqwestHttpSend::default())
        .with_env(reqsign::OsEnv);

    // Configure credential provider
    let credential_provider = DefaultCredentialProvider::new();

    // Configure request signer for S3
    let request_signer = RequestSigner::new("s3", "us-east-1");

    // Assemble the signer
    let signer = Signer::new(ctx, credential_provider, request_signer);

    // Build and sign the request
    let mut req = http::Request::builder()
        .method("GET")
        .uri("https://s3.amazonaws.com/testbucket")
        .body(())
        .unwrap()
        .into_parts()
        .0;

    // Sign the request
    signer.sign(&mut req, None).await?;

    println!("Request has been signed!");
    Ok(())
}

Customizing Default Signers

You can also customize the default signers using the with_* methods:

use reqsign::aws;
use reqsign_aws_v4::StaticCredentialProvider;

// Start with default signer and customize specific components
let signer = aws::default_signer("s3", "us-east-1")
    .with_credential_provider(StaticCredentialProvider::new(
        "my-access-key",
        "my-secret-key",
        None,  // Optional session token
    ));

More Services Examples

Azure Storage

use reqsign::azure;

// Default signer for Azure Storage
let signer = azure::default_signer();

// With custom credentials
use reqsign_azure_storage::StaticCredentialProvider;
let signer = azure::default_signer()
    .with_credential_provider(StaticCredentialProvider::new(
        "account-name",
        "account-key",
    ));

Google Cloud

use reqsign::google;

// Default signer for Google Cloud Storage
let signer = google::default_signer("storage.googleapis.com");

Aliyun OSS

use reqsign::aliyun;

// Default signer for Aliyun OSS
let signer = aliyun::default_signer();

Features

  • Pure rust with minimal dependencies.
  • Test again official SDK and services.
  • Supported services
  • Aliyun OSS: reqsign-aliyun-oss
  • AWS services (SigV4): reqsign-aws-v4
  • Azure Storage services: reqsign-azure-storage
  • Google services: reqsign-google
  • Huawei Cloud OBS: reqsign-huaweicloud-obs
  • Oracle Cloud: reqsign-oracle
  • Tencent COS: reqsign-tencent-cos

Contributing

Check out the CONTRIBUTING.md guide for more details on getting started with contributing to this project.

Getting help

Submit issues for bug report or asking questions in discussion.

Acknowledge

Inspired a lot from:

License

Licensed under Apache License, Version 2.0.

Extension points exported contracts — how you extend this code

SigningCredential (Interface)
SigningCredential is the trait used by signer as the signing credential. [8 implementers]
core/src/api.rs
PushOptionalProvider (Interface)
(no doc) [1 implementers]
services/aliyun-oss/src/provide_credential/default.rs
ProvideCredential (Interface)
ProvideCredential is the trait used by signer to load the credential from the environment. ` Service may require differe [76 …
core/src/api.rs
SignRequest (Interface)
SignRequest is the trait used by signer to build the signing request. [9 implementers]
core/src/api.rs
FileRead (Interface)
FileRead is used to read the file content entirely in `Vec `. This could be used by `Load` to load the credential fr [13 …
core/src/context.rs
HttpSend (Interface)
HttpSend is used to send http request during the signing process. For example, fetch IMDS token from AWS or OAuth2 refr [18 …
core/src/context.rs

Core symbols most depended-on inside this repo

with_env
called by 263
core/src/context.rs
with_http_send
called by 212
core/src/context.rs
with_file_read
called by 211
core/src/context.rs
with_source
called by 210
core/src/error.rs
push
called by 181
core/src/api.rs
with_context
called by 114
core/src/error.rs
is_empty
called by 99
core/src/api.rs
parse
called by 90
services/google/src/credential.rs

Shape

Method 695
Function 496
Class 240
Interface 14
Enum 11

Languages

Rust97%
Python3%

Modules by API surface

services/google/src/provide_credential/external_account.rs81 symbols
services/aliyun-oss/src/sign_request.rs53 symbols
services/aliyun-oss/src/provide_credential/default.rs50 symbols
core/src/context.rs40 symbols
services/aliyun-oss/src/provide_credential/assume_role.rs35 symbols
services/aws-v4/src/provide_credential/default.rs34 symbols
services/aliyun-oss/src/provide_credential/assume_role_with_oidc.rs32 symbols
services/google/src/sign_request.rs30 symbols
services/google/src/credential.rs30 symbols
services/azure-storage/src/provide_credential/default.rs29 symbols
services/google/src/provide_credential/default.rs28 symbols
services/azure-storage/src/sign_request.rs27 symbols

For agents

$ claude mcp add opendal-reqsign \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact