MCPcopy Index your code
hub / github.com/simstudioai/sim / buildSignedHeaders

Function buildSignedHeaders

apps/sim/connectors/s3/s3.ts:282–319  ·  view source on GitHub ↗

* Builds SigV4 request headers for an S3 REST call. * * `canonicalQueryString` must be the already-sorted, percent-encoded query * string (empty for GetObject) — the caller builds the request URL from this * exact same string so the signed query and the wire query are byte-identical * (the clas

(
  ctx: S3Context,
  method: 'GET',
  encodedPath: string,
  canonicalQueryString: string
)

Source from the content-addressed store, hash-verified

280 * RequestTimeTooSkewed.
281 */
282function buildSignedHeaders(
283 ctx: S3Context,
284 method: 'GET',
285 encodedPath: string,
286 canonicalQueryString: string
287): Record<string, string> {
288 const date = new Date()
289 const amzDate = date.toISOString().replace(/[:-]|\.\d{3}/g, '')
290 const dateStamp = amzDate.slice(0, 8)
291
292 const host = resolveHost(ctx)
293 const payloadHash = crypto.createHash('sha256').update('').digest('hex')
294
295 const canonicalHeaders =
296 `host:${host}\n` + `x-amz-content-sha256:${payloadHash}\n` + `x-amz-date:${amzDate}\n`
297 const signedHeaders = 'host;x-amz-content-sha256;x-amz-date'
298
299 const canonicalRequest = `${method}\n${encodedPath}\n${canonicalQueryString}\n${canonicalHeaders}\n${signedHeaders}\n${payloadHash}`
300
301 const algorithm = 'AWS4-HMAC-SHA256'
302 const credentialScope = `${dateStamp}/${ctx.region}/s3/aws4_request`
303 const stringToSign = `${algorithm}\n${amzDate}\n${credentialScope}\n${crypto
304 .createHash('sha256')
305 .update(canonicalRequest)
306 .digest('hex')}`
307
308 const signingKey = getSignatureKey(ctx.secretAccessKey, dateStamp, ctx.region, 's3')
309 const signature = crypto.createHmac('sha256', signingKey).update(stringToSign).digest('hex')
310
311 const authorizationHeader = `${algorithm} Credential=${ctx.accessKeyId}/${credentialScope}, SignedHeaders=${signedHeaders}, Signature=${signature}`
312
313 return {
314 Host: host,
315 'X-Amz-Content-Sha256': payloadHash,
316 'X-Amz-Date': amzDate,
317 Authorization: authorizationHeader,
318 }
319}
320
321/**
322 * Percent-encodes a query parameter name or value per AWS SigV4 canonical rules

Callers 2

listObjectsPageFunction · 0.85
s3.tsFile · 0.85

Calls 3

getSignatureKeyFunction · 0.90
resolveHostFunction · 0.70
replaceMethod · 0.65

Tested by

no test coverage detected