66#include "aws/s3/private/s3_client_impl.h"
77#include "aws/s3/private/s3express_credentials_provider_impl.h"
88#include <aws/auth/credentials.h>
9+ #include <aws/s3/private/s3_request_messages.h>
910#include <aws/s3/private/s3_util.h>
1011#include <aws/s3/s3_client.h>
1112
13+ #include <aws/cal/hash.h>
1214#include <aws/common/clock.h>
1315#include <aws/common/lru_cache.h>
1416#include <aws/common/uri.h>
1820#include <aws/io/channel_bootstrap.h>
1921#include <aws/io/event_loop.h>
2022
21- #include <aws/cal/hash.h>
22-
2323#include <inttypes.h>
2424
2525static struct aws_byte_cursor s_create_session_path_query = AWS_BYTE_CUR_INIT_FROM_STRING_LITERAL ("/?session=" );
@@ -394,7 +394,8 @@ static void s_on_request_finished(
394394
395395static struct aws_http_message * s_create_session_request_new (
396396 struct aws_allocator * allocator ,
397- struct aws_byte_cursor host_value ) {
397+ struct aws_byte_cursor host_value ,
398+ struct aws_http_headers * headers ) {
398399 struct aws_http_message * request = aws_http_message_new_request (allocator );
399400
400401 struct aws_http_header host_header = {
@@ -414,6 +415,20 @@ static struct aws_http_message *s_create_session_request_new(
414415 goto error ;
415416 }
416417
418+ for (size_t header_index = 0 ; header_index < g_s3_create_session_allowed_headers_count ; ++ header_index ) {
419+ struct aws_byte_cursor header_name = g_s3_create_session_allowed_headers [header_index ];
420+ struct aws_byte_cursor header_value ;
421+ if (aws_http_headers_get (headers , header_name , & header_value ) == AWS_OP_SUCCESS && header_value .len > 0 ) {
422+ struct aws_http_header header = {
423+ .name = header_name ,
424+ .value = header_value ,
425+ };
426+ if (aws_http_message_add_header (request , header )) {
427+ goto error ;
428+ }
429+ }
430+ }
431+
417432 if (aws_http_message_set_request_method (request , aws_http_method_get )) {
418433 goto error ;
419434 }
@@ -450,24 +465,39 @@ static struct aws_s3express_session_creator *s_aws_s3express_session_creator_des
450465/**
451466 * Encode the hash key to be [host_value][hash_of_credentials]
452467 * hash_of_credentials is the sha256 of [access_key][secret_access_key]
468+ * TODO: Update docs
453469 **/
454470struct aws_string * aws_encode_s3express_hash_key_new (
455471 struct aws_allocator * allocator ,
456472 const struct aws_credentials * original_credentials ,
457473 struct aws_byte_cursor host_value ,
458474 struct aws_http_headers * headers ) {
459475 (void )headers ;
460- struct aws_byte_buf combine_key_buf ;
476+ struct aws_byte_buf combined_hash_buf ;
461477
462478 /* 1. Combine access_key and secret_access_key into one buffer */
463479 struct aws_byte_cursor access_key = aws_credentials_get_access_key_id (original_credentials );
464480 struct aws_byte_cursor secret_access_key = aws_credentials_get_secret_access_key (original_credentials );
465- aws_byte_buf_init (& combine_key_buf , allocator , access_key .len + secret_access_key .len );
466- aws_byte_buf_write_from_whole_cursor (& combine_key_buf , access_key );
467- aws_byte_buf_write_from_whole_cursor (& combine_key_buf , secret_access_key );
481+ aws_byte_buf_init (& combined_hash_buf , allocator , access_key .len + secret_access_key .len );
482+ aws_byte_buf_write_from_whole_cursor (& combined_hash_buf , access_key );
483+ aws_byte_buf_write_from_whole_cursor (& combined_hash_buf , secret_access_key );
484+
485+ /* Write the allowed headers into hash */
486+ struct aws_byte_cursor collon = aws_byte_cursor_from_c_str (":" );
487+ struct aws_byte_cursor comma = aws_byte_cursor_from_c_str ("," );
488+ for (size_t header_index = 0 ; header_index < g_s3_create_session_allowed_headers_count ; ++ header_index ) {
489+ struct aws_byte_cursor header_name = g_s3_create_session_allowed_headers [header_index ];
490+ struct aws_byte_cursor header_value ;
491+ if (aws_http_headers_get (headers , header_name , & header_value ) == AWS_OP_SUCCESS && header_value .len > 0 ) {
492+ aws_byte_buf_write_from_whole_cursor (& combined_hash_buf , comma );
493+ aws_byte_buf_write_from_whole_cursor (& combined_hash_buf , header_name );
494+ aws_byte_buf_write_from_whole_cursor (& combined_hash_buf , collon );
495+ aws_byte_buf_write_from_whole_cursor (& combined_hash_buf , header_value );
496+ }
497+ }
468498
469499 /* 2. Get sha256 digest from the combined key */
470- struct aws_byte_cursor combine_key = aws_byte_cursor_from_buf (& combine_key_buf );
500+ struct aws_byte_cursor combine_key = aws_byte_cursor_from_buf (& combined_hash_buf );
471501 struct aws_byte_buf digest_buf ;
472502 aws_byte_buf_init (& digest_buf , allocator , AWS_SHA256_LEN );
473503 aws_sha256_compute (allocator , & combine_key , & digest_buf , 0 );
@@ -481,7 +511,7 @@ struct aws_string *aws_encode_s3express_hash_key_new(
481511
482512 /* Clean up */
483513 aws_byte_buf_clean_up (& result_buffer );
484- aws_byte_buf_clean_up (& combine_key_buf );
514+ aws_byte_buf_clean_up (& combined_hash_buf );
485515 aws_byte_buf_clean_up (& digest_buf );
486516
487517 return result ;
@@ -493,7 +523,8 @@ static struct aws_s3express_session_creator *s_session_creator_new(
493523 const struct aws_credentials_properties_s3express * s3express_properties ) {
494524
495525 struct aws_s3express_credentials_provider_impl * impl = provider -> impl ;
496- struct aws_http_message * request = s_create_session_request_new (provider -> allocator , s3express_properties -> host );
526+ struct aws_http_message * request =
527+ s_create_session_request_new (provider -> allocator , s3express_properties -> host , s3express_properties -> headers );
497528 if (!request ) {
498529 return NULL ;
499530 }
0 commit comments