ryanmiville
diff --git a/‎.gitignore
+1 b/‎.gitignore
+1
diff --git a/‎gleam.toml
+3 b/‎gleam.toml
+3
diff --git a/‎manifest.toml
+18 b/‎manifest.toml
+18
diff --git a/‎src/aws_request.gleam
-5 b/‎src/aws_request.gleam
-5
diff --git a/‎src/aws_request/config.gleam
+100 b/‎src/aws_request/config.gleam
+100
diff --git a/‎src/aws_request/internal/endpoint.gleam
+57 b/‎src/aws_request/internal/endpoint.gleam
+57
diff --git a/‎src/aws_request/internal/metadata.gleam
+14 b/‎src/aws_request/internal/metadata.gleam
+14
diff --git a/‎src/aws_request/internal/request_builder.gleam
+52 b/‎src/aws_request/internal/request_builder.gleam
+52
diff --git a/‎src/aws_request/internal/time.gleam
+45 b/‎src/aws_request/internal/time.gleam
+45
@@ -2,3 +2,4 @@
 *.ez
 /build
 erl_crash.dump
+.DS_Store
@@ -14,6 +14,9 @@ version = "1.0.0"
 
 [dependencies]
 gleam_stdlib = ">= 0.34.0 and < 2.0.0"
+envoy = ">= 1.0.1 and < 2.0.0"
+aws4_request = ">= 0.1.1 and < 1.0.0"
+gleam_http = ">= 3.6.0 and < 4.0.0"
 
 [dev-dependencies]
 gleeunit = ">= 1.0.0 and < 2.0.0"
@@ -0,0 +1,18 @@
+# This file was generated by Gleam
+# You typically do not need to edit this file
+
+packages = [
+  { name = "aws4_request", version = "0.1.1", build_tools = ["gleam"], requirements = ["gleam_crypto", "gleam_http", "gleam_stdlib"], otp_app = "aws4_request", source = "hex", outer_checksum = "90B1DB6E2A7F0396CD4713850B14B3A910331B5BA76D051E411D1499AAA2EA9A" },
+  { name = "envoy", version = "1.0.1", build_tools = ["gleam"], requirements = ["gleam_stdlib"], otp_app = "envoy", source = "hex", outer_checksum = "CFAACCCFC47654F7E8B75E614746ED924C65BD08B1DE21101548AC314A8B6A41" },
+  { name = "gleam_crypto", version = "1.3.0", build_tools = ["gleam"], requirements = ["gleam_stdlib"], otp_app = "gleam_crypto", source = "hex", outer_checksum = "ADD058DEDE8F0341F1ADE3AAC492A224F15700829D9A3A3F9ADF370F875C51B7" },
+  { name = "gleam_http", version = "3.6.0", build_tools = ["gleam"], requirements = ["gleam_stdlib"], otp_app = "gleam_http", source = "hex", outer_checksum = "8C07DF9DF8CC7F054C650839A51C30A7D3C26482AC241C899C1CEA86B22DBE51" },
+  { name = "gleam_stdlib", version = "0.40.0", build_tools = ["gleam"], requirements = [], otp_app = "gleam_stdlib", source = "hex", outer_checksum = "86606B75A600BBD05E539EB59FABC6E307EEEA7B1E5865AFB6D980A93BCB2181" },
+  { name = "gleeunit", version = "1.2.0", build_tools = ["gleam"], requirements = ["gleam_stdlib"], otp_app = "gleeunit", source = "hex", outer_checksum = "F7A7228925D3EE7D0813C922E062BFD6D7E9310F0BEE585D3A42F3307E3CFD13" },
+]
+
+[requirements]
+aws4_request = { version = ">= 0.1.1 and < 1.0.0" }
+envoy = { version = ">= 1.0.1 and < 2.0.0" }
+gleam_http = { version = ">= 3.6.0 and < 4.0.0" }
+gleam_stdlib = { version = ">= 0.34.0 and < 2.0.0" }
+gleeunit = { version = ">= 1.0.0 and < 2.0.0" }
@@ -0,0 +1,100 @@
+import envoy
+import gleam/option.{type Option, None}
+import gleam/result
+
+const aws_access_key_id = "AWS_ACCESS_KEY_ID"
+
+const aws_secret_access_key = "AWS_SECRET_ACCESS_KEY"
+
+const aws_session_token = "AWS_SESSION_TOKEN"
+
+const aws_default_region = "AWS_DEFAULT_REGION"
+
+type Env =
+  Result(String, String)
+
+pub type ConfigError {
+  ConfigError(message: String)
+}
+
+pub opaque type ConfigBuilder {
+  ConfigBuilder(
+    access_key_id: Env,
+    secret_access_key: Env,
+    session_token: Env,
+    region: Env,
+    endpoint: Option(String),
+    proto: String,
+    port: Int,
+  )
+}
+
+pub type Config {
+  Config(
+    access_key_id: String,
+    secret_access_key: String,
+    region: String,
+    session_token: Option(String),
+    endpoint: Option(String),
+  )
+}
+
+pub fn new() -> ConfigBuilder {
+  let access_key_id = env(aws_access_key_id)
+  let secret_access_key = env(aws_secret_access_key)
+  let region = env(aws_default_region)
+  let session_token = env(aws_session_token)
+
+  ConfigBuilder(
+    access_key_id:,
+    secret_access_key:,
+    session_token:,
+    region:,
+    endpoint: None,
+    proto: "https",
+    port: 443,
+  )
+}
+
+pub fn with_region(builder: ConfigBuilder, region: String) {
+  ConfigBuilder(..builder, region: Ok(region))
+}
+
+pub fn with_credentials(
+  builder: ConfigBuilder,
+  access_key_id: String,
+  secret_access_key: String,
+) {
+  ConfigBuilder(
+    ..builder,
+    access_key_id: Ok(access_key_id),
+    secret_access_key: Ok(secret_access_key),
+  )
+}
+
+pub fn with_session_token(builder: ConfigBuilder, session_token: String) {
+  ConfigBuilder(..builder, session_token: Ok(session_token))
+}
+
+pub fn build(builder: ConfigBuilder) -> Result(Config, ConfigError) {
+  builder |> do_build |> result.map_error(ConfigError)
+}
+
+fn do_build(builder: ConfigBuilder) -> Result(Config, String) {
+  use access_key_id <- result.try(builder.access_key_id)
+  use secret_access_key <- result.try(builder.secret_access_key)
+  use region <- result.map(builder.region)
+  let session_token = option.from_result(builder.session_token)
+  Config(
+    access_key_id:,
+    secret_access_key:,
+    region:,
+    session_token:,
+    endpoint: builder.endpoint,
+  )
+}
+
+fn env(name: String) -> Env {
+  envoy.get(name)
+  |> result.replace_error(name <> "not set")
+}
@@ -0,0 +1,57 @@
+import aws_request/config.{type Config}
+import aws_request/internal/metadata.{type Metadata, Global}
+import gleam/option.{None, Some}
+import gleam/string
+
+pub type Endpoint {
+  Endpoint(
+    hostname: String,
+    protocol: String,
+    signing_region: String,
+    signing_name: String,
+  )
+}
+
+pub fn from(config: Config, metadata: Metadata) -> Endpoint {
+  case config.endpoint {
+    Some(ep) -> {
+      let #(protocol, hostname) = split_scheme(ep)
+      Endpoint(hostname, protocol, config.region, metadata.signing_name)
+    }
+    None -> resolve(config, metadata)
+  }
+}
+
+fn split_scheme(uri: String) {
+  case uri {
+    "https://" <> host -> #("https", host)
+    "http://" <> host -> #("http", host)
+    other -> #("https", other)
+  }
+}
+
+fn resolve(config: Config, metadata: Metadata) -> Endpoint {
+  case config.region, metadata.global {
+    "local", _ ->
+      Endpoint("localhost:8000", "http", "us-east-1", metadata.signing_name)
+    _, Some(Global(region, hostname)) ->
+      Endpoint(hostname, "https", region, metadata.signing_name)
+    region, None ->
+      Endpoint(
+        default(config, metadata),
+        "https",
+        region,
+        metadata.signing_name,
+      )
+  }
+}
+
+fn default(config: Config, metadata: Metadata) {
+  string.concat([
+    metadata.endpoint_prefix,
+    ".",
+    config.region,
+    ".",
+    "amazonaws.com",
+  ])
+}
@@ -0,0 +1,14 @@
+import gleam/option.{type Option}
+
+pub type Metadata {
+  Metadata(
+    endpoint_prefix: String,
+    service_id: String,
+    signing_name: String,
+    global: Option(Global),
+  )
+}
+
+pub type Global {
+  Global(credential_scope: String, hostname: String)
+}
@@ -0,0 +1,52 @@
+import aws4_request
+import aws_request/internal/endpoint.{type Endpoint}
+import aws_request/internal/time
+import gleam/bit_array
+import gleam/http.{type Header}
+import gleam/http/request.{type Request, Request}
+import gleam/option.{type Option}
+
+pub type RequestBuilder {
+  RequestBuilder(
+    access_key_id: String,
+    secret_access_key: String,
+    service_id: String,
+    endpoint: Endpoint,
+  )
+}
+
+fn sign_v4(builder: RequestBuilder, request: Request(BitArray)) {
+  let date_time = time.utc_now() |> time.to_parts
+  aws4_request.sign(
+    request,
+    date_time,
+    builder.access_key_id,
+    builder.secret_access_key,
+    builder.endpoint.signing_region,
+    builder.endpoint.signing_name,
+  )
+}
+
+pub fn build(
+  builder: RequestBuilder,
+  method: http.Method,
+  path: String,
+  headers: List(Header),
+  query: Option(String),
+  body: Option(BitArray),
+) -> Request(BitArray) {
+  let assert Ok(request) = request.to(url(builder.endpoint) <> path)
+  let headers = [#("host", builder.endpoint.hostname), ..headers]
+
+  let body = option.unwrap(body, bit_array.from_string(""))
+  let request =
+    request.Request(..request, headers: headers, query: query)
+    |> request.set_method(method)
+    |> request.set_body(body)
+
+  sign_v4(builder, request)
+}
+
+fn url(endpoint: Endpoint) -> String {
+  endpoint.protocol <> "://" <> endpoint.hostname <> "/"
+}
@@ -0,0 +1,45 @@
+import gleam/option
+
+pub opaque type Time {
+  Time(wall_time: Int, monotonic_time: option.Option(Int))
+}
+
+pub type Date {
+  Date(year: Int, month: Int, day: Int)
+}
+
+pub type DayTime {
+  DayTime(hour: Int, minute: Int, second: Int, millisecond: Int)
+}
+
+pub fn to_parts(value: Time) -> #(#(Int, Int, Int), #(Int, Int, Int)) {
+  let #(#(year, month, day), #(hour, minute, second, _)) = do_to_parts(value)
+  #(#(year, month, day), #(hour, minute, second))
+}
+
+fn do_to_parts(value: Time) -> #(#(Int, Int, Int), #(Int, Int, Int, Int)) {
+  case value {
+    Time(wall_time: t, monotonic_time: _) -> {
+      let #(date, time) = ffi_to_parts(t, 0)
+      #(date, time)
+    }
+  }
+}
+
+pub fn utc_now() -> Time {
+  let now = ffi_now()
+  let monotonic_now = ffi_monotonic_now()
+  Time(now, option.Some(monotonic_now))
+}
+
+@external(erlang, "time_ffi", "now")
+@external(javascript, "./time_ffi.mjs", "now")
+fn ffi_now() -> Int
+
+@external(erlang, "time_ffi", "monotonic_now")
+@external(javascript, "./time_ffi.mjs", "monotonic_now")
+fn ffi_monotonic_now() -> Int
+
+@external(erlang, "time_ffi", "to_parts")
+@external(javascript, "./time_ffi.mjs", "to_parts")
+fn ffi_to_parts(a: Int, b: Int) -> #(#(Int, Int, Int), #(Int, Int, Int, Int))