gl-store-s3.js/node_modules/aws-sdk/lib/signers/v4_credentials.js

101 lines
2.1 KiB
JavaScript

var AWS = require('../core');
/**
* @api private
*/
var cachedSecret = {};
/**
* @api private
*/
var cacheQueue = [];
/**
* @api private
*/
var maxCacheEntries = 50;
/**
* @api private
*/
var v4Identifier = 'aws4_request';
/**
* @api private
*/
module.exports = {
/**
* @api private
*
* @param date [String]
* @param region [String]
* @param serviceName [String]
* @return [String]
*/
createScope: function createScope(date, region, serviceName) {
return [
date.substr(0, 8),
region,
serviceName,
v4Identifier
].join('/');
},
/**
* @api private
*
* @param credentials [Credentials]
* @param date [String]
* @param region [String]
* @param service [String]
* @param shouldCache [Boolean]
* @return [String]
*/
getSigningKey: function getSigningKey(
credentials,
date,
region,
service,
shouldCache
) {
var credsIdentifier = AWS.util.crypto
.hmac(credentials.secretAccessKey, credentials.accessKeyId, 'base64');
var cacheKey = [credsIdentifier, date, region, service].join('_');
shouldCache = shouldCache !== false;
if (shouldCache && (cacheKey in cachedSecret)) {
return cachedSecret[cacheKey];
}
var kDate = AWS.util.crypto.hmac(
'AWS4' + credentials.secretAccessKey,
date,
'buffer'
);
var kRegion = AWS.util.crypto.hmac(kDate, region, 'buffer');
var kService = AWS.util.crypto.hmac(kRegion, service, 'buffer');
var signingKey = AWS.util.crypto.hmac(kService, v4Identifier, 'buffer');
if (shouldCache) {
cachedSecret[cacheKey] = signingKey;
cacheQueue.push(cacheKey);
if (cacheQueue.length > maxCacheEntries) {
// remove the oldest entry (not the least recently used)
delete cachedSecret[cacheQueue.shift()];
}
}
return signingKey;
},
/**
* @api private
*
* Empties the derived signing key cache. Made available for testing purposes
* only.
*/
emptyCache: function emptyCache() {
cachedSecret = {};
cacheQueue = [];
}
};