build works, c_allocator no longer required
This commit is contained in:
parent
042dfad64b
commit
a5b78384f5
|
@ -1,6 +1,6 @@
|
||||||
const std = @import("std");
|
const std = @import("std");
|
||||||
|
|
||||||
const awshttp = @import("awshttp.zig");
|
const awshttp = @import("aws_http.zig");
|
||||||
const json = @import("json.zig");
|
const json = @import("json.zig");
|
||||||
const url = @import("url.zig");
|
const url = @import("url.zig");
|
||||||
const case = @import("case.zig");
|
const case = @import("case.zig");
|
||||||
|
|
6
src/aws_authentication.zig
Normal file
6
src/aws_authentication.zig
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
pub const Credentials = struct {
|
||||||
|
access_key: []const u8,
|
||||||
|
secret_key: []const u8,
|
||||||
|
session_token: ?[]const u8,
|
||||||
|
// uint64_t expiration_timepoint_seconds);
|
||||||
|
};
|
23
src/aws_credentials.zig
Normal file
23
src/aws_credentials.zig
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
//! Implements the standard credential chain:
|
||||||
|
//! 1. Environment variables
|
||||||
|
//! 2. Web identity token from STS
|
||||||
|
//! 3. Credentials/config files
|
||||||
|
//! 4. ECS Container credentials, using AWS_CONTAINER_CREDENTIALS_RELATIVE_URI
|
||||||
|
//! 5. EC2 instance profile credentials
|
||||||
|
const std = @import("std");
|
||||||
|
const auth = @import("aws_authentication.zig");
|
||||||
|
|
||||||
|
pub fn getCredentials(allocator: std.mem.Allocator) !auth.Credentials {
|
||||||
|
_ = allocator;
|
||||||
|
if (getEnvironmentCredentials()) |cred| return cred;
|
||||||
|
// TODO: 2-5
|
||||||
|
return error.NotImplemented;
|
||||||
|
}
|
||||||
|
|
||||||
|
fn getEnvironmentCredentials() ?auth.Credentials {
|
||||||
|
return auth.Credentials{
|
||||||
|
.access_key = std.os.getenv("AWS_ACCESS_KEY_ID") orelse return null,
|
||||||
|
.secret_key = std.os.getenv("AWS_SECRET_ACCESS_KEY") orelse return null,
|
||||||
|
.session_token = std.os.getenv("AWS_SESSION_TOKEN"),
|
||||||
|
};
|
||||||
|
}
|
295
src/aws_http.zig
295
src/aws_http.zig
|
@ -8,13 +8,17 @@
|
||||||
//! const result = client.callApi (or client.makeRequest)
|
//! const result = client.callApi (or client.makeRequest)
|
||||||
//! defer result.deinit();
|
//! defer result.deinit();
|
||||||
const std = @import("std");
|
const std = @import("std");
|
||||||
|
const base = @import("aws_http_base.zig");
|
||||||
|
const signing = @import("aws_signing.zig");
|
||||||
|
const credentials = @import("aws_credentials.zig");
|
||||||
|
const zfetch = @import("zfetch");
|
||||||
|
|
||||||
const CN_NORTH_1_HASH = std.hash_map.hashString("cn-north-1");
|
const CN_NORTH_1_HASH = std.hash_map.hashString("cn-north-1");
|
||||||
const CN_NORTHWEST_1_HASH = std.hash_map.hashString("cn-northwest-1");
|
const CN_NORTHWEST_1_HASH = std.hash_map.hashString("cn-northwest-1");
|
||||||
const US_ISO_EAST_1_HASH = std.hash_map.hashString("us-iso-east-1");
|
const US_ISO_EAST_1_HASH = std.hash_map.hashString("us-iso-east-1");
|
||||||
const US_ISOB_EAST_1_HASH = std.hash_map.hashString("us-isob-east-1");
|
const US_ISOB_EAST_1_HASH = std.hash_map.hashString("us-isob-east-1");
|
||||||
|
|
||||||
const httplog = std.log.scoped(.awshttp);
|
const log = std.log.scoped(.awshttp);
|
||||||
|
|
||||||
pub const AwsError = error{
|
pub const AwsError = error{
|
||||||
AddHeaderError,
|
AddHeaderError,
|
||||||
|
@ -38,41 +42,9 @@ pub const Options = struct {
|
||||||
sigv4_service_name: ?[]const u8 = null,
|
sigv4_service_name: ?[]const u8 = null,
|
||||||
};
|
};
|
||||||
|
|
||||||
const SigningOptions = struct {
|
pub const Header = base.Header;
|
||||||
region: []const u8 = "aws-global",
|
pub const HttpRequest = base.Request;
|
||||||
service: []const u8,
|
pub const HttpResult = base.Result;
|
||||||
};
|
|
||||||
|
|
||||||
pub const HttpRequest = struct {
|
|
||||||
path: []const u8 = "/",
|
|
||||||
query: []const u8 = "",
|
|
||||||
body: []const u8 = "",
|
|
||||||
method: []const u8 = "POST",
|
|
||||||
content_type: []const u8 = "application/json", // Can we get away with this?
|
|
||||||
headers: []Header = &[_]Header{},
|
|
||||||
};
|
|
||||||
pub const HttpResult = struct {
|
|
||||||
response_code: u16, // actually 3 digits can fit in u10
|
|
||||||
body: []const u8,
|
|
||||||
headers: []Header,
|
|
||||||
allocator: std.mem.Allocator,
|
|
||||||
|
|
||||||
pub fn deinit(self: HttpResult) void {
|
|
||||||
self.allocator.free(self.body);
|
|
||||||
for (self.headers) |h| {
|
|
||||||
self.allocator.free(h.name);
|
|
||||||
self.allocator.free(h.value);
|
|
||||||
}
|
|
||||||
self.allocator.free(self.headers);
|
|
||||||
httplog.debug("http result deinit complete", .{});
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
pub const Header = struct {
|
|
||||||
name: []const u8,
|
|
||||||
value: []const u8,
|
|
||||||
};
|
|
||||||
|
|
||||||
const EndPoint = struct {
|
const EndPoint = struct {
|
||||||
uri: []const u8,
|
uri: []const u8,
|
||||||
|
@ -99,7 +71,8 @@ pub const AwsHttp = struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn deinit(self: *AwsHttp) void {
|
pub fn deinit(self: *AwsHttp) void {
|
||||||
httplog.debug("Deinit complete", .{});
|
_ = self;
|
||||||
|
log.debug("Deinit complete", .{});
|
||||||
}
|
}
|
||||||
|
|
||||||
/// callApi allows the calling of AWS APIs through a higher-level interface.
|
/// callApi allows the calling of AWS APIs through a higher-level interface.
|
||||||
|
@ -109,12 +82,15 @@ pub const AwsHttp = struct {
|
||||||
pub fn callApi(self: Self, service: []const u8, request: HttpRequest, options: Options) !HttpResult {
|
pub fn callApi(self: Self, service: []const u8, request: HttpRequest, options: Options) !HttpResult {
|
||||||
const endpoint = try regionSubDomain(self.allocator, service, options.region, options.dualstack);
|
const endpoint = try regionSubDomain(self.allocator, service, options.region, options.dualstack);
|
||||||
defer endpoint.deinit();
|
defer endpoint.deinit();
|
||||||
httplog.debug("Calling endpoint {s}", .{endpoint.uri});
|
log.debug("Calling endpoint {s}", .{endpoint.uri});
|
||||||
const signing_options: SigningOptions = .{
|
const creds = try credentials.getCredentials(self.allocator);
|
||||||
|
// defer allocator.free(), except sometimes we don't need freeing...
|
||||||
|
const signing_config: signing.Config = .{
|
||||||
.region = options.region,
|
.region = options.region,
|
||||||
.service = if (options.sigv4_service_name) |name| name else service,
|
.service = options.sigv4_service_name orelse service,
|
||||||
|
.credentials = creds,
|
||||||
};
|
};
|
||||||
return try self.makeRequest(endpoint, request, signing_options);
|
return try self.makeRequest(endpoint, request, signing_config);
|
||||||
}
|
}
|
||||||
|
|
||||||
/// makeRequest is a low level http/https function that can be used inside
|
/// makeRequest is a low level http/https function that can be used inside
|
||||||
|
@ -135,76 +111,70 @@ pub const AwsHttp = struct {
|
||||||
/// Return value is an HttpResult, which will need the caller to deinit().
|
/// Return value is an HttpResult, which will need the caller to deinit().
|
||||||
/// HttpResult currently contains the body only. The addition of Headers
|
/// HttpResult currently contains the body only. The addition of Headers
|
||||||
/// and return code would be a relatively minor change
|
/// and return code would be a relatively minor change
|
||||||
pub fn makeRequest(self: Self, endpoint: EndPoint, request: HttpRequest, signing_options: ?SigningOptions) !HttpResult {
|
pub fn makeRequest(self: Self, endpoint: EndPoint, request: HttpRequest, signing_config: ?signing.Config) !HttpResult {
|
||||||
httplog.debug("Path: {s}", .{request.path});
|
log.debug("Path: {s}", .{request.path});
|
||||||
httplog.debug("Query: {s}", .{request.query});
|
log.debug("Query: {s}", .{request.query});
|
||||||
httplog.debug("Method: {s}", .{request.method});
|
log.debug("Method: {s}", .{request.method});
|
||||||
httplog.debug("body length: {d}", .{request.body.len});
|
log.debug("body length: {d}", .{request.body.len});
|
||||||
httplog.debug("Body\n====\n{s}\n====", .{request.body});
|
log.debug("Body\n====\n{s}\n====", .{request.body});
|
||||||
// End CreateRequest. This should return a struct with a deinit function that can do
|
// End CreateRequest. This should return a struct with a deinit function that can do
|
||||||
// destroys, etc
|
// destroys, etc
|
||||||
|
|
||||||
var context = RequestContext{
|
// TODO: Add headers
|
||||||
.allocator = self.allocator,
|
_ = endpoint;
|
||||||
};
|
//try self.addHeaders(endpoint.host, request.body, request.content_type, request.headers);
|
||||||
try self.addHeaders(http_request.?, host, request.body, request.content_type, request.headers);
|
if (signing_config) |opts| try signing.signRequest(self.allocator, request, opts);
|
||||||
if (signing_options) |opts| try self.signRequest(http_request.?, opts);
|
|
||||||
|
|
||||||
// TODO: make req
|
// TODO: make req
|
||||||
// TODO: Timeout
|
try zfetch.init(); // This only does anything on Windows. Not sure how performant it is to do this on every request
|
||||||
httplog.debug("request_complete. Response code {d}", .{context.response_code.?});
|
defer zfetch.deinit();
|
||||||
httplog.debug("headers:", .{});
|
var headers = zfetch.Headers.init(self.allocator);
|
||||||
for (context.headers.?.items) |h| {
|
defer headers.deinit();
|
||||||
httplog.debug(" {s}: {s}", .{ h.name, h.value });
|
for (request.headers) |header|
|
||||||
|
try headers.appendValue(header.name, header.value);
|
||||||
|
|
||||||
|
// TODO: Construct URL with endpoint and request info
|
||||||
|
var req = try zfetch.Request.init(self.allocator, "https://www.lerch.org", null);
|
||||||
|
|
||||||
|
// TODO: http method as requested
|
||||||
|
// TODO: payload
|
||||||
|
try req.do(.GET, headers, null);
|
||||||
|
|
||||||
|
// TODO: Timeout - is this now above us?
|
||||||
|
log.debug("request_complete. Response code {d}: {s}", .{ req.status.code, req.status.reason });
|
||||||
|
log.debug("headers:", .{});
|
||||||
|
var resp_headers = try std.ArrayList(Header).initCapacity(self.allocator, req.headers.list.items.len);
|
||||||
|
for (req.headers.list.items) |h| {
|
||||||
|
log.debug(" {s}: {s}", .{ h.name, h.value });
|
||||||
|
resp_headers.appendAssumeCapacity(.{ .name = h.name, .value = h.value });
|
||||||
}
|
}
|
||||||
httplog.debug("raw response body:\n{s}", .{context.body});
|
const reader = req.reader();
|
||||||
|
// TODO: Get content length and use that to allocate the buffer
|
||||||
|
var buf: [65535]u8 = undefined;
|
||||||
|
while (true) {
|
||||||
|
const read = try reader.read(&buf);
|
||||||
|
if (read == 0) break;
|
||||||
|
}
|
||||||
|
log.debug("raw response body:\n{s}", .{buf});
|
||||||
|
|
||||||
// Headers would need to be allocated/copied into HttpResult similar
|
// Headers would need to be allocated/copied into HttpResult similar
|
||||||
// to RequestContext, so we'll leave this as a later excercise
|
// to RequestContext, so we'll leave this as a later excercise
|
||||||
// if it becomes necessary
|
// if it becomes necessary
|
||||||
const rc = HttpResult{
|
const rc = HttpResult{
|
||||||
.response_code = context.response_code.?,
|
.response_code = req.status.code,
|
||||||
.body = final_body,
|
.body = "change me", // TODO: work this all out
|
||||||
.headers = context.headers.?.toOwnedSlice(),
|
.headers = resp_headers.toOwnedSlice(),
|
||||||
.allocator = self.allocator,
|
.allocator = self.allocator,
|
||||||
};
|
};
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
fn signRequest(self: Self, http_request: *c.aws_http_message, options: SigningOptions) !void {
|
fn addHeaders(self: Self, host: []const u8, body: []const u8, content_type: []const u8, additional_headers: []Header) !void {
|
||||||
const creds = try self.getCredentials();
|
_ = self;
|
||||||
httplog.debug("Signing with access key: {s}", .{c.aws_string_c_str(access_key)});
|
_ = host;
|
||||||
|
_ = body;
|
||||||
// const signing_region = try std.fmt.allocPrintZ(self.allocator, "{s}", .{options.region});
|
_ = content_type;
|
||||||
// defer self.allocator.free(signing_region);
|
_ = additional_headers;
|
||||||
// const signing_service = try std.fmt.allocPrintZ(self.allocator, "{s}", .{options.service});
|
|
||||||
// defer self.allocator.free(signing_service);
|
|
||||||
// const temp_signing_config = c.bitfield_workaround_aws_signing_config_aws{
|
|
||||||
// .algorithm = 0, // .AWS_SIGNING_ALGORITHM_V4, // https://github.com/awslabs/aws-c-auth/blob/ace1311f8ef6ea890b26dd376031bed2721648eb/include/aws/auth/signing_config.h#L38
|
|
||||||
// .config_type = 1, // .AWS_SIGNING_CONFIG_AWS, // https://github.com/awslabs/aws-c-auth/blob/ace1311f8ef6ea890b26dd376031bed2721648eb/include/aws/auth/signing_config.h#L24
|
|
||||||
// .signature_type = 0, // .AWS_ST_HTTP_REQUEST_HEADERS, // https://github.com/awslabs/aws-c-auth/blob/ace1311f8ef6ea890b26dd376031bed2721648eb/include/aws/auth/signing_config.h#L49
|
|
||||||
// .region = c.aws_byte_cursor_from_c_str(@ptrCast([*c]const u8, signing_region)),
|
|
||||||
// .service = c.aws_byte_cursor_from_c_str(@ptrCast([*c]const u8, signing_service)),
|
|
||||||
// .should_sign_header = null,
|
|
||||||
// .should_sign_header_ud = null,
|
|
||||||
// // TODO: S3 does not double uri encode. Also not sure why normalizing
|
|
||||||
// // the path here is a flag - seems like it should always do this?
|
|
||||||
// .flags = c.bitfield_workaround_aws_signing_config_aws_flags{
|
|
||||||
// .use_double_uri_encode = 1,
|
|
||||||
// .should_normalize_uri_path = 1,
|
|
||||||
// .omit_session_token = 1,
|
|
||||||
// },
|
|
||||||
// .signed_body_value = c.aws_byte_cursor_from_c_str(""),
|
|
||||||
// .signed_body_header = 1, // .AWS_SBHT_X_AMZ_CONTENT_SHA256, //or 0 = AWS_SBHT_NONE // https://github.com/awslabs/aws-c-auth/blob/ace1311f8ef6ea890b26dd376031bed2721648eb/include/aws/auth/signing_config.h#L131
|
|
||||||
// .credentials = creds,
|
|
||||||
// .credentials_provider = self.credentialsProvider,
|
|
||||||
// .expiration_in_seconds = 0,
|
|
||||||
// };
|
|
||||||
// return AwsError.SignableError;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
fn addHeaders(self: Self, request: *c.aws_http_message, host: []const u8, body: []const u8, content_type: []const u8, additional_headers: []Header) !void {
|
|
||||||
// const accept_header = c.aws_http_header{
|
// const accept_header = c.aws_http_header{
|
||||||
// .name = c.aws_byte_cursor_from_c_str("Accept"),
|
// .name = c.aws_byte_cursor_from_c_str("Accept"),
|
||||||
// .value = c.aws_byte_cursor_from_c_str("application/json"),
|
// .value = c.aws_byte_cursor_from_c_str("application/json"),
|
||||||
|
@ -225,52 +195,40 @@ pub const AwsHttp = struct {
|
||||||
|
|
||||||
// AWS *does* seem to care about Content-Type. I don't think this header
|
// AWS *does* seem to care about Content-Type. I don't think this header
|
||||||
// will hold for all APIs
|
// will hold for all APIs
|
||||||
const c_type = try std.fmt.allocPrintZ(self.allocator, "{s}", .{content_type});
|
// const c_type = try std.fmt.allocPrintZ(self.allocator, "{s}", .{content_type});
|
||||||
defer self.allocator.free(c_type);
|
// defer self.allocator.free(c_type);
|
||||||
const content_type_header = c.aws_http_header{
|
// const content_type_header = c.aws_http_header{
|
||||||
.name = c.aws_byte_cursor_from_c_str("Content-Type"),
|
// .name = c.aws_byte_cursor_from_c_str("Content-Type"),
|
||||||
.value = c.aws_byte_cursor_from_c_str(c_type),
|
// .value = c.aws_byte_cursor_from_c_str(c_type),
|
||||||
.compression = 0, // .AWS_HTTP_HEADER_COMPRESSION_USE_CACHE,
|
// .compression = 0, // .AWS_HTTP_HEADER_COMPRESSION_USE_CACHE,
|
||||||
};
|
// };
|
||||||
|
//
|
||||||
for (additional_headers) |h| {
|
// for (additional_headers) |h| {
|
||||||
const name = try std.fmt.allocPrintZ(self.allocator, "{s}", .{h.name});
|
// const name = try std.fmt.allocPrintZ(self.allocator, "{s}", .{h.name});
|
||||||
defer self.allocator.free(name);
|
// defer self.allocator.free(name);
|
||||||
const value = try std.fmt.allocPrintZ(self.allocator, "{s}", .{h.value});
|
// const value = try std.fmt.allocPrintZ(self.allocator, "{s}", .{h.value});
|
||||||
defer self.allocator.free(value);
|
// defer self.allocator.free(value);
|
||||||
const c_header = c.aws_http_header{
|
// const c_header = c.aws_http_header{
|
||||||
.name = c.aws_byte_cursor_from_c_str(name),
|
// .name = c.aws_byte_cursor_from_c_str(name),
|
||||||
.value = c.aws_byte_cursor_from_c_str(value),
|
// .value = c.aws_byte_cursor_from_c_str(value),
|
||||||
.compression = 0, // .AWS_HTTP_HEADER_COMPRESSION_USE_CACHE,
|
// .compression = 0, // .AWS_HTTP_HEADER_COMPRESSION_USE_CACHE,
|
||||||
};
|
// };
|
||||||
if (c.aws_http_message_add_header(request, c_header) != c.AWS_OP_SUCCESS)
|
// if (c.aws_http_message_add_header(request, c_header) != c.AWS_OP_SUCCESS)
|
||||||
return AwsError.AddHeaderError;
|
// return AwsError.AddHeaderError;
|
||||||
}
|
// }
|
||||||
|
//
|
||||||
if (body.len > 0) {
|
// if (body.len > 0) {
|
||||||
const len = try std.fmt.allocPrintZ(self.allocator, "{d}", .{body.len});
|
// const len = try std.fmt.allocPrintZ(self.allocator, "{d}", .{body.len});
|
||||||
// This defer seems to work ok, but I'm a bit concerned about why
|
// // This defer seems to work ok, but I'm a bit concerned about why
|
||||||
defer self.allocator.free(len);
|
// defer self.allocator.free(len);
|
||||||
const content_length_header = c.aws_http_header{
|
// const content_length_header = c.aws_http_header{
|
||||||
.name = c.aws_byte_cursor_from_c_str("Content-Length"),
|
// .name = c.aws_byte_cursor_from_c_str("Content-Length"),
|
||||||
.value = c.aws_byte_cursor_from_c_str(@ptrCast([*c]const u8, len)),
|
// .value = c.aws_byte_cursor_from_c_str(@ptrCast([*c]const u8, len)),
|
||||||
.compression = 0, // .AWS_HTTP_HEADER_COMPRESSION_USE_CACHE,
|
// .compression = 0, // .AWS_HTTP_HEADER_COMPRESSION_USE_CACHE,
|
||||||
};
|
// };
|
||||||
if (c.aws_http_message_add_header(request, content_length_header) != c.AWS_OP_SUCCESS)
|
// if (c.aws_http_message_add_header(request, content_length_header) != c.AWS_OP_SUCCESS)
|
||||||
return AwsError.AddHeaderError;
|
// return AwsError.AddHeaderError;
|
||||||
}
|
// }
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
fn getCredentials(self: Self) !*c.aws_credentials {
|
|
||||||
// const get_async_result =
|
|
||||||
_ = c.aws_credentials_provider_get_credentials(self.credentialsProvider, callback, &callback_results);
|
|
||||||
|
|
||||||
if (credential_result.error_code != c.AWS_ERROR_SUCCESS) {
|
|
||||||
httplog.err("Could not acquire credentials: {s}:{s}", .{ c.aws_error_name(credential_result.error_code), c.aws_error_str(credential_result.error_code) });
|
|
||||||
return AwsError.CredentialsError;
|
|
||||||
}
|
|
||||||
return credential_result.result orelse unreachable;
|
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -297,7 +255,7 @@ fn regionSubDomain(allocator: std.mem.Allocator, service: []const u8, region: []
|
||||||
|
|
||||||
const uri = try std.fmt.allocPrintZ(allocator, "https://{s}{s}.{s}.{s}", .{ service, dualstack, realregion, domain });
|
const uri = try std.fmt.allocPrintZ(allocator, "https://{s}{s}.{s}.{s}", .{ service, dualstack, realregion, domain });
|
||||||
const host = uri["https://".len..];
|
const host = uri["https://".len..];
|
||||||
httplog.debug("host: {s}, scheme: {s}, port: {}", .{ host, "https", 443 });
|
log.debug("host: {s}, scheme: {s}, port: {}", .{ host, "https", 443 });
|
||||||
return EndPoint{
|
return EndPoint{
|
||||||
.uri = uri,
|
.uri = uri,
|
||||||
.host = host,
|
.host = host,
|
||||||
|
@ -346,7 +304,7 @@ fn endPointFromUri(allocator: std.mem.Allocator, uri: []const u8) !EndPoint {
|
||||||
}
|
}
|
||||||
host = uri[host_start..host_end];
|
host = uri[host_start..host_end];
|
||||||
|
|
||||||
httplog.debug("host: {s}, scheme: {s}, port: {}", .{ host, scheme, port });
|
log.debug("host: {s}, scheme: {s}, port: {}", .{ host, scheme, port });
|
||||||
return EndPoint{
|
return EndPoint{
|
||||||
.uri = uri,
|
.uri = uri,
|
||||||
.host = host,
|
.host = host,
|
||||||
|
@ -355,54 +313,3 @@ fn endPointFromUri(allocator: std.mem.Allocator, uri: []const u8) !EndPoint {
|
||||||
.port = port,
|
.port = port,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
const RequestContext = struct {
|
|
||||||
connection: ?*c.aws_http_connection = null,
|
|
||||||
connection_complete: std.atomic.Atomic(bool) = std.atomic.Atomic(bool).init(false),
|
|
||||||
request_complete: std.atomic.Atomic(bool) = std.atomic.Atomic(bool).init(false),
|
|
||||||
return_error: ?AwsError = null,
|
|
||||||
allocator: std.mem.Allocator,
|
|
||||||
body: ?[]const u8 = null,
|
|
||||||
response_code: ?u16 = null,
|
|
||||||
headers: ?std.ArrayList(Header) = null,
|
|
||||||
|
|
||||||
const Self = @This();
|
|
||||||
|
|
||||||
pub fn deinit(self: Self) void {
|
|
||||||
// We're going to leave it to the caller to free the body
|
|
||||||
// if (self.body) |b| self.allocator.free(b);
|
|
||||||
if (self.headers) |hs| {
|
|
||||||
for (hs.items) |h| {
|
|
||||||
// deallocate the copied values
|
|
||||||
self.allocator.free(h.name);
|
|
||||||
self.allocator.free(h.value);
|
|
||||||
}
|
|
||||||
// deallocate the structure itself
|
|
||||||
hs.deinit();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
pub fn appendToBody(self: *Self, fragment: []const u8) !void {
|
|
||||||
var orig_body: []const u8 = "";
|
|
||||||
if (self.body) |b| {
|
|
||||||
orig_body = try self.allocator.dupe(u8, b);
|
|
||||||
self.allocator.free(b);
|
|
||||||
self.body = null;
|
|
||||||
}
|
|
||||||
defer self.allocator.free(orig_body);
|
|
||||||
self.body = try std.fmt.allocPrint(self.allocator, "{s}{s}", .{ orig_body, fragment });
|
|
||||||
}
|
|
||||||
|
|
||||||
pub fn addHeader(self: *Self, name: []const u8, value: []const u8) !void {
|
|
||||||
if (self.headers == null)
|
|
||||||
self.headers = std.ArrayList(Header).init(self.allocator);
|
|
||||||
|
|
||||||
const name_copy = try self.allocator.dupeZ(u8, name);
|
|
||||||
const value_copy = try self.allocator.dupeZ(u8, value);
|
|
||||||
|
|
||||||
try self.headers.?.append(.{
|
|
||||||
.name = name_copy,
|
|
||||||
.value = value_copy,
|
|
||||||
});
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
33
src/aws_http_base.zig
Normal file
33
src/aws_http_base.zig
Normal file
|
@ -0,0 +1,33 @@
|
||||||
|
//! This module provides base data structures for aws http requests
|
||||||
|
const std = @import("std");
|
||||||
|
const log = std.log.scoped(.aws_base);
|
||||||
|
pub const Request = struct {
|
||||||
|
path: []const u8 = "/",
|
||||||
|
query: []const u8 = "",
|
||||||
|
body: []const u8 = "",
|
||||||
|
method: []const u8 = "POST",
|
||||||
|
content_type: []const u8 = "application/json", // Can we get away with this?
|
||||||
|
headers: []Header = &[_]Header{},
|
||||||
|
};
|
||||||
|
pub const Result = struct {
|
||||||
|
response_code: u16, // actually 3 digits can fit in u10
|
||||||
|
body: []const u8,
|
||||||
|
headers: []Header,
|
||||||
|
allocator: std.mem.Allocator,
|
||||||
|
|
||||||
|
pub fn deinit(self: Result) void {
|
||||||
|
self.allocator.free(self.body);
|
||||||
|
for (self.headers) |h| {
|
||||||
|
self.allocator.free(h.name);
|
||||||
|
self.allocator.free(h.value);
|
||||||
|
}
|
||||||
|
self.allocator.free(self.headers);
|
||||||
|
log.debug("http result deinit complete", .{});
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
pub const Header = struct {
|
||||||
|
name: []const u8,
|
||||||
|
value: []const u8,
|
||||||
|
};
|
80
src/aws_signing.zig
Normal file
80
src/aws_signing.zig
Normal file
|
@ -0,0 +1,80 @@
|
||||||
|
const std = @import("std");
|
||||||
|
const base = @import("aws_http_base.zig");
|
||||||
|
const auth = @import("aws_authentication.zig");
|
||||||
|
|
||||||
|
const log = std.log.scoped(.aws_signing);
|
||||||
|
|
||||||
|
// see https://github.com/awslabs/aws-c-auth/blob/ace1311f8ef6ea890b26dd376031bed2721648eb/include/aws/auth/signing_config.h#L186-L207
|
||||||
|
const ConfigFlags = packed struct {
|
||||||
|
// We assume the uri will be encoded once in preparation for transmission. Certain services
|
||||||
|
// do not decode before checking signature, requiring us to actually double-encode the uri in the canonical
|
||||||
|
// request in order to pass a signature check.
|
||||||
|
|
||||||
|
use_double_uri_encode: bool = true,
|
||||||
|
|
||||||
|
// Controls whether or not the uri paths should be normalized when building the canonical request
|
||||||
|
should_normalize_uri_path: bool = true,
|
||||||
|
|
||||||
|
// Controls whether "X-Amz-Security-Token" is omitted from the canonical request.
|
||||||
|
// "X-Amz-Security-Token" is added during signing, as a header or
|
||||||
|
// query param, when credentials have a session token.
|
||||||
|
// If false (the default), this parameter is included in the canonical request.
|
||||||
|
// If true, this parameter is still added, but omitted from the canonical request.
|
||||||
|
omit_session_token: bool = true,
|
||||||
|
};
|
||||||
|
|
||||||
|
pub const Config = struct {
|
||||||
|
// These two should be all you need to set most of the time
|
||||||
|
service: []const u8,
|
||||||
|
credentials: auth.Credentials,
|
||||||
|
|
||||||
|
region: []const u8 = "aws-global",
|
||||||
|
// https://github.com/awslabs/aws-c-auth/blob/ace1311f8ef6ea890b26dd376031bed2721648eb/include/aws/auth/signing_config.h#L38
|
||||||
|
algorithm: enum { v4, v4a } = .v4,
|
||||||
|
// https://github.com/awslabs/aws-c-auth/blob/ace1311f8ef6ea890b26dd376031bed2721648eb/include/aws/auth/signing_config.h#L24
|
||||||
|
// config_type: ?? // CRT only has one value. We'll ignore for now
|
||||||
|
// https://github.com/awslabs/aws-c-auth/blob/ace1311f8ef6ea890b26dd376031bed2721648eb/include/aws/auth/signing_config.h#L49
|
||||||
|
signature_type: enum {
|
||||||
|
headers, // we only support this
|
||||||
|
query_params,
|
||||||
|
request_chunk,
|
||||||
|
request_event, // not implemented by CRT
|
||||||
|
canonical_request_headers,
|
||||||
|
canonical_request_query_params,
|
||||||
|
} = .headers,
|
||||||
|
signing_time: ?i64 = null, // Used for testing. If null, will use current time
|
||||||
|
|
||||||
|
// In the CRT, should_sign_header is a function to allow header filtering.
|
||||||
|
// The _ud would be a anyopaque user defined data for the function to use
|
||||||
|
// .should_sign_header = null,
|
||||||
|
// .should_sign_header_ud = null,
|
||||||
|
|
||||||
|
// In the CRT, this is only used if the body has been precalculated. We don't have
|
||||||
|
// this use case, and we'll ignore
|
||||||
|
// .signed_body_value = c.aws_byte_cursor_from_c_str(""),
|
||||||
|
signed_body_header: enum { sha256, none } = .sha256, // https://github.com/awslabs/aws-c-auth/blob/ace1311f8ef6ea890b26dd376031bed2721648eb/include/aws/auth/signing_config.h#L131
|
||||||
|
|
||||||
|
// This is more complex in the CRT. We'll just take the creds. Someone
|
||||||
|
// else can use a provider and get them in advance
|
||||||
|
// https://github.com/awslabs/aws-c-auth/blob/ace1311f8ef6ea890b26dd376031bed2721648eb/include/aws/auth/signing_config.h#L225-L251
|
||||||
|
// If non-zero and the signing transform is query param, then signing will add X-Amz-Expires to the query
|
||||||
|
// string, equal to the value specified here. If this value is zero or if header signing is being used then
|
||||||
|
// this parameter has no effect.
|
||||||
|
expiration_in_seconds: u64 = 0,
|
||||||
|
};
|
||||||
|
|
||||||
|
pub const SigningError = error{
|
||||||
|
NotImplemented,
|
||||||
|
};
|
||||||
|
|
||||||
|
pub fn signRequest(allocator: std.mem.Allocator, http_request: base.Request, config: Config) SigningError!void {
|
||||||
|
_ = allocator;
|
||||||
|
_ = http_request;
|
||||||
|
try validateConfig(config);
|
||||||
|
log.debug("Signing with access key: {s}", .{config.credentials.access_key});
|
||||||
|
}
|
||||||
|
|
||||||
|
fn validateConfig(config: Config) SigningError!void {
|
||||||
|
_ = config;
|
||||||
|
return SigningError.NotImplemented;
|
||||||
|
}
|
|
@ -37,10 +37,7 @@ const Tests = enum {
|
||||||
};
|
};
|
||||||
|
|
||||||
pub fn main() anyerror!void {
|
pub fn main() anyerror!void {
|
||||||
const c_allocator = std.heap.c_allocator;
|
var gpa = std.heap.GeneralPurposeAllocator(.{}){};
|
||||||
var gpa = std.heap.GeneralPurposeAllocator(.{}){
|
|
||||||
.backing_allocator = c_allocator,
|
|
||||||
};
|
|
||||||
defer _ = gpa.deinit();
|
defer _ = gpa.deinit();
|
||||||
const allocator = gpa.allocator();
|
const allocator = gpa.allocator();
|
||||||
var tests = std.ArrayList(Tests).init(allocator);
|
var tests = std.ArrayList(Tests).init(allocator);
|
||||||
|
|
Loading…
Reference in New Issue
Block a user