alamb commented on code in PR #4237:
URL: https://github.com/apache/arrow-rs/pull/4237#discussion_r1197007784
##########
object_store/src/aws/credential.rs:
##########
@@ -85,47 +90,82 @@ const HASH_HEADER: &str = "x-amz-content-sha256";
const TOKEN_HEADER: &str = "x-amz-security-token";
const AUTH_HEADER: &str = "authorization";
-impl<'a> RequestSigner<'a> {
- fn sign(&self, request: &mut Request, pre_calculated_digest:
Option<Vec<u8>>) {
+impl<'a> AwsAuthorizer<'a> {
+ /// Create a new [`AwsAuthorizer`]
+ pub fn new(credential: &'a AwsCredential, service: &'a str, region: &'a
str) -> Self {
+ Self {
+ credential,
+ service,
+ region,
+ date: None,
+ sign_payload: true,
+ }
+ }
+
+ /// Controls whether this [`AwsAuthorizer`] will attempt to sign the
request payload
+ pub fn with_sign_payload(mut self, signed: bool) -> Self {
+ self.sign_payload = signed;
+ self
+ }
+
+ /// Authorize `request` with an optional pre-calculated SHA256 digest
+ ///
+ /// # Signature
+ ///
+ /// AWS SigV4 requests must contain the `x-amz-content-sha256` header, it
is set as follows:
+ ///
+ /// If not configured to sign payloads, it is set to `UNSIGNED-PAYLOAD`
+ /// If a `pre_calculated_digest` is `Some`, it is set to the hex encoding
of it
+ /// If it is a streaming request, it is set to
`STREAMING-AWS4-HMAC-SHA256-PAYLOAD`
+ /// Otherwise it is set to the hex encoded SHA256 of the request body
+ pub fn authorize(&self, request: &mut Request, pre_calculated_digest:
Option<&[u8]>) {
Review Comment:
Seems fine to me at this point
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
