Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- function getSignatureKey(key, date, region, service) {
- const kDate = AWS.util.crypto.hmac('AWS4' + key, date, 'buffer');
- const kRegion = AWS.util.crypto.hmac(kDate, region, 'buffer');
- const kService = AWS.util.crypto.hmac(kRegion, service, 'buffer');
- const kCredentials = AWS.util.crypto.hmac(kService, 'aws4_request', 'buffer');
- return kCredentials;
- }
- function getSignedUrl(host, region, credentials) {
- const datetime = AWS.util.date.iso8601(new Date()).replace(/[:\-]|\.\d{3}/g, '');
- const date = datetime.substr(0, 8);
- // date is in format of YYYYMMDD - for example 20190605
- console.log('date', date);
- const method = 'GET';
- const protocol = 'wss';
- const uri = '/mqtt';
- const service = 'iotdevicegateway';
- const algorithm = 'AWS4-HMAC-SHA256';
- let credentialScope = date + '/' + region + '/' + service + '/' + 'aws4_request';
- let canonicalQuerystring = 'X-Amz-Algorithm=' + algorithm;
- canonicalQuerystring += '&X-Amz-Credential=' + encodeURIComponent(credentials.accessKeyId + '/' + credentialScope);
- canonicalQuerystring += '&X-Amz-Date=' + datetime;
- canonicalQuerystring += '&X-Amz-SignedHeaders=host';
- const canonicalHeaders = 'host:' + host + '\n';
- const payloadHash = AWS.util.crypto.sha256('', 'hex');
- const canonicalRequest = method + '\n' + uri + '\n' + canonicalQuerystring + '\n' + canonicalHeaders + '\nhost\n' + payloadHash;
- const stringToSign = algorithm + '\n' + datetime + '\n' + credentialScope + '\n' + AWS.util.crypto.sha256(canonicalRequest, 'hex');
- const signingKey = getSignatureKey(credentials.secretAccessKey, date, region, service);
- const signature = AWS.util.crypto.hmac(signingKey, stringToSign, 'hex');
- canonicalQuerystring += '&X-Amz-Signature=' + signature;
- if (credentials.sessionToken) {
- canonicalQuerystring += '&X-Amz-Security-Token=' + encodeURIComponent(credentials.sessionToken);
- }
- const requestUrl = protocol + '://' + host + uri + '?' + canonicalQuerystring;
- return requestUrl;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement