OpenI
/
aiforge
Not watched
1
0
Fork 0
Code
Releases 128 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
19689 Commits
197 Branches
392 MB
2907 Download
Branch: V20230215
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'V20230215'
${ noResults }
aiforge/modules/obs/auth.go

auth.go 16 kB
Raw Permalink Normal View History

add obs sdk
4 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466 
  1. // Copyright 2019 Huawei Technologies Co.,Ltd.

  2. // Licensed under the Apache License, Version 2.0 (the "License"); you may not use

  3. // this file except in compliance with the License.  You may obtain a copy of the

  4. // License at

  5. //

  6. // http://www.apache.org/licenses/LICENSE-2.0

  7. //

  8. // Unless required by applicable law or agreed to in writing, software distributed

  9. // under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR

  10. // CONDITIONS OF ANY KIND, either express or implied.  See the License for the

  11. // specific language governing permissions and limitations under the License.

  12. 

  13. package obs

  14. 

  15. import (

  16. 	"fmt"

  17. 	"net/url"

  18. 	"sort"

  19. 	"strings"

  20. 	"time"

  21. )

  22. 

  23. func (obsClient ObsClient) doAuthTemporary(method, bucketName, objectKey string, params map[string]string,

  24. 	headers map[string][]string, expires int64) (requestURL string, err error) {

  25. 	isAkSkEmpty := obsClient.conf.securityProvider == nil || obsClient.conf.securityProvider.ak == "" || obsClient.conf.securityProvider.sk == ""

  26. 	if isAkSkEmpty == false && obsClient.conf.securityProvider.securityToken != "" {

  27. 		if obsClient.conf.signature == SignatureObs {

  28. 			params[HEADER_STS_TOKEN_OBS] = obsClient.conf.securityProvider.securityToken

  29. 		} else {

  30. 			params[HEADER_STS_TOKEN_AMZ] = obsClient.conf.securityProvider.securityToken

  31. 		}

  32. 	}

  33. 	requestURL, canonicalizedURL := obsClient.conf.formatUrls(bucketName, objectKey, params, true)

  34. 	parsedRequestURL, err := url.Parse(requestURL)

  35. 	if err != nil {

  36. 		return "", err

  37. 	}

  38. 	encodeHeaders(headers)

  39. 	hostName := parsedRequestURL.Host

  40. 

  41. 	isV4 := obsClient.conf.signature == SignatureV4

  42. 	prepareHostAndDate(headers, hostName, isV4)

  43. 

  44. 	if isAkSkEmpty {

  45. 		doLog(LEVEL_WARN, "No ak/sk provided, skip to construct authorization")

  46. 	} else {

  47. 		if isV4 {

  48. 			date, parseDateErr := time.Parse(RFC1123_FORMAT, headers[HEADER_DATE_CAMEL][0])

  49. 			if parseDateErr != nil {

  50. 				doLog(LEVEL_WARN, "Failed to parse date with reason: %v", parseDateErr)

  51. 				return "", parseDateErr

  52. 			}

  53. 			delete(headers, HEADER_DATE_CAMEL)

  54. 			shortDate := date.Format(SHORT_DATE_FORMAT)

  55. 			longDate := date.Format(LONG_DATE_FORMAT)

  56. 			if len(headers[HEADER_HOST_CAMEL]) != 0 {

  57. 				index := strings.LastIndex(headers[HEADER_HOST_CAMEL][0], ":")

  58. 				if index != -1 {

  59. 					port := headers[HEADER_HOST_CAMEL][0][index+1:]

  60. 					if port == "80" || port == "443" {

  61. 						headers[HEADER_HOST_CAMEL] = []string{headers[HEADER_HOST_CAMEL][0][:index]}

  62. 					}

  63. 				}

  64. 

  65. 			}

  66. 

  67. 			signedHeaders, _headers := getSignedHeaders(headers)

  68. 

  69. 			credential, scope := getCredential(obsClient.conf.securityProvider.ak, obsClient.conf.region, shortDate)

  70. 			params[PARAM_ALGORITHM_AMZ_CAMEL] = V4_HASH_PREFIX

  71. 			params[PARAM_CREDENTIAL_AMZ_CAMEL] = credential

  72. 			params[PARAM_DATE_AMZ_CAMEL] = longDate

  73. 			params[PARAM_EXPIRES_AMZ_CAMEL] = Int64ToString(expires)

  74. 			params[PARAM_SIGNEDHEADERS_AMZ_CAMEL] = strings.Join(signedHeaders, ";")

  75. 

  76. 			requestURL, canonicalizedURL = obsClient.conf.formatUrls(bucketName, objectKey, params, true)

  77. 			parsedRequestURL, _err := url.Parse(requestURL)

  78. 			if _err != nil {

  79. 				return "", _err

  80. 			}

  81. 

  82. 			stringToSign := getV4StringToSign(method, canonicalizedURL, parsedRequestURL.RawQuery, scope, longDate, UNSIGNED_PAYLOAD, signedHeaders, _headers)

  83. 			signature := getSignature(stringToSign, obsClient.conf.securityProvider.sk, obsClient.conf.region, shortDate)

  84. 

  85. 			requestURL += fmt.Sprintf("&%s=%s", PARAM_SIGNATURE_AMZ_CAMEL, UrlEncode(signature, false))

  86. 

  87. 		} else {

  88. 			originDate := headers[HEADER_DATE_CAMEL][0]

  89. 			date, parseDateErr := time.Parse(RFC1123_FORMAT, originDate)

  90. 			if parseDateErr != nil {

  91. 				doLog(LEVEL_WARN, "Failed to parse date with reason: %v", parseDateErr)

  92. 				return "", parseDateErr

  93. 			}

  94. 			expires += date.Unix()

  95. 			headers[HEADER_DATE_CAMEL] = []string{Int64ToString(expires)}

  96. 

  97. 			stringToSign := getV2StringToSign(method, canonicalizedURL, headers, obsClient.conf.signature == SignatureObs)

  98. 			signature := UrlEncode(Base64Encode(HmacSha1([]byte(obsClient.conf.securityProvider.sk), []byte(stringToSign))), false)

  99. 			if strings.Index(requestURL, "?") < 0 {

  100. 				requestURL += "?"

  101. 			} else {

  102. 				requestURL += "&"

  103. 			}

  104. 			delete(headers, HEADER_DATE_CAMEL)

  105. 

  106. 			if obsClient.conf.signature != SignatureObs {

  107. 				requestURL += "AWS"

  108. 			}

  109. 			requestURL += fmt.Sprintf("AccessKeyId=%s&Expires=%d&Signature=%s", UrlEncode(obsClient.conf.securityProvider.ak, false), expires, signature)

  110. 		}

  111. 	}

  112. 

  113. 	return

  114. }

  115. 

  116. func (obsClient ObsClient) doAuth(method, bucketName, objectKey string, params map[string]string,

  117. 	headers map[string][]string, hostName string) (requestURL string, err error) {

  118. 	isAkSkEmpty := obsClient.conf.securityProvider == nil || obsClient.conf.securityProvider.ak == "" || obsClient.conf.securityProvider.sk == ""

  119. 	if isAkSkEmpty == false && obsClient.conf.securityProvider.securityToken != "" {

  120. 		if obsClient.conf.signature == SignatureObs {

  121. 			headers[HEADER_STS_TOKEN_OBS] = []string{obsClient.conf.securityProvider.securityToken}

  122. 		} else {

  123. 			headers[HEADER_STS_TOKEN_AMZ] = []string{obsClient.conf.securityProvider.securityToken}

  124. 		}

  125. 	}

  126. 	isObs := obsClient.conf.signature == SignatureObs

  127. 	requestURL, canonicalizedURL := obsClient.conf.formatUrls(bucketName, objectKey, params, true)

  128. 	parsedRequestURL, err := url.Parse(requestURL)

  129. 	if err != nil {

  130. 		return "", err

  131. 	}

  132. 	encodeHeaders(headers)

  133. 

  134. 	if hostName == "" {

  135. 		hostName = parsedRequestURL.Host

  136. 	}

  137. 

  138. 	isV4 := obsClient.conf.signature == SignatureV4

  139. 	prepareHostAndDate(headers, hostName, isV4)

  140. 

  141. 	if isAkSkEmpty {

  142. 		doLog(LEVEL_WARN, "No ak/sk provided, skip to construct authorization")

  143. 	} else {

  144. 		ak := obsClient.conf.securityProvider.ak

  145. 		sk := obsClient.conf.securityProvider.sk

  146. 		var authorization string

  147. 		if isV4 {

  148. 			headers[HEADER_CONTENT_SHA256_AMZ] = []string{UNSIGNED_PAYLOAD}

  149. 			ret := v4Auth(ak, sk, obsClient.conf.region, method, canonicalizedURL, parsedRequestURL.RawQuery, headers)

  150. 			authorization = fmt.Sprintf("%s Credential=%s,SignedHeaders=%s,Signature=%s", V4_HASH_PREFIX, ret["Credential"], ret["SignedHeaders"], ret["Signature"])

  151. 		} else {

  152. 			ret := v2Auth(ak, sk, method, canonicalizedURL, headers, isObs)

  153. 			hashPrefix := V2_HASH_PREFIX

  154. 			if isObs {

  155. 				hashPrefix = OBS_HASH_PREFIX

  156. 			}

  157. 			authorization = fmt.Sprintf("%s %s:%s", hashPrefix, ak, ret["Signature"])

  158. 		}

  159. 		headers[HEADER_AUTH_CAMEL] = []string{authorization}

  160. 	}

  161. 	return

  162. }

  163. 

  164. func prepareHostAndDate(headers map[string][]string, hostName string, isV4 bool) {

  165. 	headers[HEADER_HOST_CAMEL] = []string{hostName}

  166. 	if date, ok := headers[HEADER_DATE_AMZ]; ok {

  167. 		flag := false

  168. 		if len(date) == 1 {

  169. 			if isV4 {

  170. 				if t, err := time.Parse(LONG_DATE_FORMAT, date[0]); err == nil {

  171. 					headers[HEADER_DATE_CAMEL] = []string{FormatUtcToRfc1123(t)}

  172. 					flag = true

  173. 				}

  174. 			} else {

  175. 				if strings.HasSuffix(date[0], "GMT") {

  176. 					headers[HEADER_DATE_CAMEL] = []string{date[0]}

  177. 					flag = true

  178. 				}

  179. 			}

  180. 		}

  181. 		if !flag {

  182. 			delete(headers, HEADER_DATE_AMZ)

  183. 		}

  184. 	}

  185. 	if _, ok := headers[HEADER_DATE_CAMEL]; !ok {

  186. 		headers[HEADER_DATE_CAMEL] = []string{FormatUtcToRfc1123(time.Now().UTC())}

  187. 	}

  188. }

  189. 

  190. func encodeHeaders(headers map[string][]string) {

  191. 	for key, values := range headers {

  192. 		for index, value := range values {

  193. 			values[index] = UrlEncode(value, true)

  194. 		}

  195. 		headers[key] = values

  196. 	}

  197. }

  198. 

  199. func attachHeaders(headers map[string][]string, isObs bool) string {

  200. 	length := len(headers)

  201. 	_headers := make(map[string][]string, length)

  202. 	keys := make([]string, 0, length)

  203. 

  204. 	for key, value := range headers {

  205. 		_key := strings.ToLower(strings.TrimSpace(key))

  206. 		if _key != "" {

  207. 			prefixheader := HEADER_PREFIX

  208. 			if isObs {

  209. 				prefixheader = HEADER_PREFIX_OBS

  210. 			}

  211. 			if _key == "content-md5" || _key == "content-type" || _key == "date" || strings.HasPrefix(_key, prefixheader) {

  212. 				keys = append(keys, _key)

  213. 				_headers[_key] = value

  214. 			}

  215. 		} else {

  216. 			delete(headers, key)

  217. 		}

  218. 	}

  219. 

  220. 	for _, interestedHeader := range interestedHeaders {

  221. 		if _, ok := _headers[interestedHeader]; !ok {

  222. 			_headers[interestedHeader] = []string{""}

  223. 			keys = append(keys, interestedHeader)

  224. 		}

  225. 	}

  226. 	dateCamelHeader := PARAM_DATE_AMZ_CAMEL

  227. 	dataHeader := HEADER_DATE_AMZ

  228. 	if isObs {

  229. 		dateCamelHeader = PARAM_DATE_OBS_CAMEL

  230. 		dataHeader = HEADER_DATE_OBS

  231. 	}

  232. 	if _, ok := _headers[HEADER_DATE_CAMEL]; ok {

  233. 		if _, ok := _headers[dataHeader]; ok {

  234. 			_headers[HEADER_DATE_CAMEL] = []string{""}

  235. 		} else if _, ok := headers[dateCamelHeader]; ok {

  236. 			_headers[HEADER_DATE_CAMEL] = []string{""}

  237. 		}

  238. 	} else if _, ok := _headers[strings.ToLower(HEADER_DATE_CAMEL)]; ok {

  239. 		if _, ok := _headers[dataHeader]; ok {

  240. 			_headers[HEADER_DATE_CAMEL] = []string{""}

  241. 		} else if _, ok := headers[dateCamelHeader]; ok {

  242. 			_headers[HEADER_DATE_CAMEL] = []string{""}

  243. 		}

  244. 	}

  245. 

  246. 	sort.Strings(keys)

  247. 

  248. 	stringToSign := make([]string, 0, len(keys))

  249. 	for _, key := range keys {

  250. 		var value string

  251. 		prefixHeader := HEADER_PREFIX

  252. 		prefixMetaHeader := HEADER_PREFIX_META

  253. 		if isObs {

  254. 			prefixHeader = HEADER_PREFIX_OBS

  255. 			prefixMetaHeader = HEADER_PREFIX_META_OBS

  256. 		}

  257. 		if strings.HasPrefix(key, prefixHeader) {

  258. 			if strings.HasPrefix(key, prefixMetaHeader) {

  259. 				for index, v := range _headers[key] {

  260. 					value += strings.TrimSpace(v)

  261. 					if index != len(_headers[key])-1 {

  262. 						value += ","

  263. 					}

  264. 				}

  265. 			} else {

  266. 				value = strings.Join(_headers[key], ",")

  267. 			}

  268. 			value = fmt.Sprintf("%s:%s", key, value)

  269. 		} else {

  270. 			value = strings.Join(_headers[key], ",")

  271. 		}

  272. 		stringToSign = append(stringToSign, value)

  273. 	}

  274. 	return strings.Join(stringToSign, "\n")

  275. }

  276. 

  277. func getV2StringToSign(method, canonicalizedURL string, headers map[string][]string, isObs bool) string {

  278. 	stringToSign := strings.Join([]string{method, "\n", attachHeaders(headers, isObs), "\n", canonicalizedURL}, "")

  279. 

  280. 	var isSecurityToken bool

  281. 	var securityToken []string

  282. 	if isObs {

  283. 		securityToken, isSecurityToken = headers[HEADER_STS_TOKEN_OBS]

  284. 	} else {

  285. 		securityToken, isSecurityToken = headers[HEADER_STS_TOKEN_AMZ]

  286. 	}

  287. 	var query []string

  288. 	if !isSecurityToken {

  289. 		parmas := strings.Split(canonicalizedURL, "?")

  290. 		if len(parmas) > 1 {

  291. 			query = strings.Split(parmas[1], "&")

  292. 			for _, value := range query {

  293. 				if strings.HasPrefix(value, HEADER_STS_TOKEN_AMZ+"=") || strings.HasPrefix(value, HEADER_STS_TOKEN_OBS+"=") {

  294. 					if value[len(HEADER_STS_TOKEN_AMZ)+1:] != "" {

  295. 						securityToken = []string{value[len(HEADER_STS_TOKEN_AMZ)+1:]}

  296. 						isSecurityToken = true

  297. 					}

  298. 				}

  299. 			}

  300. 		}

  301. 	}

  302. 	logStringToSign := stringToSign

  303. 	if isSecurityToken && len(securityToken) > 0 {

  304. 		logStringToSign = strings.Replace(logStringToSign, securityToken[0], "******", -1)

  305. 	}

  306. 	doLog(LEVEL_DEBUG, "The v2 auth stringToSign:\n%s", logStringToSign)

  307. 	return stringToSign

  308. }

  309. 

  310. func v2Auth(ak, sk, method, canonicalizedURL string, headers map[string][]string, isObs bool) map[string]string {

  311. 	stringToSign := getV2StringToSign(method, canonicalizedURL, headers, isObs)

  312. 	return map[string]string{"Signature": Base64Encode(HmacSha1([]byte(sk), []byte(stringToSign)))}

  313. }

  314. 

  315. func getScope(region, shortDate string) string {

  316. 	return fmt.Sprintf("%s/%s/%s/%s", shortDate, region, V4_SERVICE_NAME, V4_SERVICE_SUFFIX)

  317. }

  318. 

  319. func getCredential(ak, region, shortDate string) (string, string) {

  320. 	scope := getScope(region, shortDate)

  321. 	return fmt.Sprintf("%s/%s", ak, scope), scope

  322. }

  323. 

  324. func getV4StringToSign(method, canonicalizedURL, queryURL, scope, longDate, payload string, signedHeaders []string, headers map[string][]string) string {

  325. 	canonicalRequest := make([]string, 0, 10+len(signedHeaders)*4)

  326. 	canonicalRequest = append(canonicalRequest, method)

  327. 	canonicalRequest = append(canonicalRequest, "\n")

  328. 	canonicalRequest = append(canonicalRequest, canonicalizedURL)

  329. 	canonicalRequest = append(canonicalRequest, "\n")

  330. 	canonicalRequest = append(canonicalRequest, queryURL)

  331. 	canonicalRequest = append(canonicalRequest, "\n")

  332. 

  333. 	for _, signedHeader := range signedHeaders {

  334. 		values, _ := headers[signedHeader]

  335. 		for _, value := range values {

  336. 			canonicalRequest = append(canonicalRequest, signedHeader)

  337. 			canonicalRequest = append(canonicalRequest, ":")

  338. 			canonicalRequest = append(canonicalRequest, value)

  339. 			canonicalRequest = append(canonicalRequest, "\n")

  340. 		}

  341. 	}

  342. 	canonicalRequest = append(canonicalRequest, "\n")

  343. 	canonicalRequest = append(canonicalRequest, strings.Join(signedHeaders, ";"))

  344. 	canonicalRequest = append(canonicalRequest, "\n")

  345. 	canonicalRequest = append(canonicalRequest, payload)

  346. 

  347. 	_canonicalRequest := strings.Join(canonicalRequest, "")

  348. 

  349. 	var isSecurityToken bool

  350. 	var securityToken []string

  351. 	if securityToken, isSecurityToken = headers[HEADER_STS_TOKEN_OBS]; !isSecurityToken {

  352. 		securityToken, isSecurityToken = headers[HEADER_STS_TOKEN_AMZ]

  353. 	}

  354. 	var query []string

  355. 	if !isSecurityToken {

  356. 		query = strings.Split(queryURL, "&")

  357. 		for _, value := range query {

  358. 			if strings.HasPrefix(value, HEADER_STS_TOKEN_AMZ+"=") || strings.HasPrefix(value, HEADER_STS_TOKEN_OBS+"=") {

  359. 				if value[len(HEADER_STS_TOKEN_AMZ)+1:] != "" {

  360. 					securityToken = []string{value[len(HEADER_STS_TOKEN_AMZ)+1:]}

  361. 					isSecurityToken = true

  362. 				}

  363. 			}

  364. 		}

  365. 	}

  366. 	logCanonicalRequest := _canonicalRequest

  367. 	if isSecurityToken && len(securityToken) > 0 {

  368. 		logCanonicalRequest = strings.Replace(logCanonicalRequest, securityToken[0], "******", -1)

  369. 	}

  370. 	doLog(LEVEL_DEBUG, "The v4 auth canonicalRequest:\n%s", logCanonicalRequest)

  371. 

  372. 	stringToSign := make([]string, 0, 7)

  373. 	stringToSign = append(stringToSign, V4_HASH_PREFIX)

  374. 	stringToSign = append(stringToSign, "\n")

  375. 	stringToSign = append(stringToSign, longDate)

  376. 	stringToSign = append(stringToSign, "\n")

  377. 	stringToSign = append(stringToSign, scope)

  378. 	stringToSign = append(stringToSign, "\n")

  379. 	stringToSign = append(stringToSign, HexSha256([]byte(_canonicalRequest)))

  380. 

  381. 	_stringToSign := strings.Join(stringToSign, "")

  382. 

  383. 	doLog(LEVEL_DEBUG, "The v4 auth stringToSign:\n%s", _stringToSign)

  384. 	return _stringToSign

  385. }

  386. 

  387. func getSignedHeaders(headers map[string][]string) ([]string, map[string][]string) {

  388. 	length := len(headers)

  389. 	_headers := make(map[string][]string, length)

  390. 	signedHeaders := make([]string, 0, length)

  391. 	for key, value := range headers {

  392. 		_key := strings.ToLower(strings.TrimSpace(key))

  393. 		if _key != "" {

  394. 			signedHeaders = append(signedHeaders, _key)

  395. 			_headers[_key] = value

  396. 		} else {

  397. 			delete(headers, key)

  398. 		}

  399. 	}

  400. 	sort.Strings(signedHeaders)

  401. 	return signedHeaders, _headers

  402. }

  403. 

  404. func getSignature(stringToSign, sk, region, shortDate string) string {

  405. 	key := HmacSha256([]byte(V4_HASH_PRE+sk), []byte(shortDate))

  406. 	key = HmacSha256(key, []byte(region))

  407. 	key = HmacSha256(key, []byte(V4_SERVICE_NAME))

  408. 	key = HmacSha256(key, []byte(V4_SERVICE_SUFFIX))

  409. 	return Hex(HmacSha256(key, []byte(stringToSign)))

  410. }

  411. 

  412. // V4Auth is a wrapper for v4Auth

  413. func V4Auth(ak, sk, region, method, canonicalizedURL, queryURL string, headers map[string][]string) map[string]string {

  414. 	return v4Auth(ak, sk, region, method, canonicalizedURL, queryURL, headers)

  415. }

  416. 

  417. func v4Auth(ak, sk, region, method, canonicalizedURL, queryURL string, headers map[string][]string) map[string]string {

  418. 	var t time.Time

  419. 	if val, ok := headers[HEADER_DATE_AMZ]; ok {

  420. 		var err error

  421. 		t, err = time.Parse(LONG_DATE_FORMAT, val[0])

  422. 		if err != nil {

  423. 			t = time.Now().UTC()

  424. 		}

  425. 	} else if val, ok := headers[PARAM_DATE_AMZ_CAMEL]; ok {

  426. 		var err error

  427. 		t, err = time.Parse(LONG_DATE_FORMAT, val[0])

  428. 		if err != nil {

  429. 			t = time.Now().UTC()

  430. 		}

  431. 	} else if val, ok := headers[HEADER_DATE_CAMEL]; ok {

  432. 		var err error

  433. 		t, err = time.Parse(RFC1123_FORMAT, val[0])

  434. 		if err != nil {

  435. 			t = time.Now().UTC()

  436. 		}

  437. 	} else if val, ok := headers[strings.ToLower(HEADER_DATE_CAMEL)]; ok {

  438. 		var err error

  439. 		t, err = time.Parse(RFC1123_FORMAT, val[0])

  440. 		if err != nil {

  441. 			t = time.Now().UTC()

  442. 		}

  443. 	} else {

  444. 		t = time.Now().UTC()

  445. 	}

  446. 	shortDate := t.Format(SHORT_DATE_FORMAT)

  447. 	longDate := t.Format(LONG_DATE_FORMAT)

  448. 

  449. 	signedHeaders, _headers := getSignedHeaders(headers)

  450. 

  451. 	credential, scope := getCredential(ak, region, shortDate)

  452. 

  453. 	payload := UNSIGNED_PAYLOAD

  454. 	if val, ok := headers[HEADER_CONTENT_SHA256_AMZ]; ok {

  455. 		payload = val[0]

  456. 	}

  457. 	stringToSign := getV4StringToSign(method, canonicalizedURL, queryURL, scope, longDate, payload, signedHeaders, _headers)

  458. 

  459. 	signature := getSignature(stringToSign, sk, region, shortDate)

  460. 

  461. 	ret := make(map[string]string, 3)

  462. 	ret["Credential"] = credential

  463. 	ret["SignedHeaders"] = strings.Join(signedHeaders, ";")

  464. 	ret["Signature"] = signature

  465. 	return ret

  466. }

No Description