🔏 aws-sig
Teeny-tiny library for signing requests to Amazon Web Services using the signature v4 signing algorithm. Supports signing requests via Authorization
header or query params.
No serious, it's really small!
🙋 Why?
I wanted something small. Really, really small. Couldn't find a small AWS v4 signing library that worked in a browser using rollup for bundling so... here we are. ¯\_(ツ)_/¯
⚙️ How?
; const config = accessKeyId : "AKIDEXAMPLE" secretAccessKey : "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY" // sessionTokens are optional, but correctly supported sessionToken : "..."; const request = // These can be part of the config object or the request object region : "us-east-1" service : "service" method : "GET" url : "https://my.aws.url.that.i.need.to.hit/look/it-has/a-path-in-it-as-well" // Headers are optional headers : // Single header value "X-Amz-Date" : "20150830T123600Z" // Multiple headers "X-Multiple" : "one" "two" "three" // Body is optional, should be a string body : "..."; const signed = ; /** * signed : { * url : "https://my.aws.url.that.i.need.to.hit/look/it-has/a-path-in-it-as-well" * method : "GET", * headers : { * X-Amz-Date : "20150830T123600Z", * "X-Multiple" : [ "one", "two", "three" ], * Authorization : "...", * }, * body : "...", * } */ // Signing queries is identical, just uses signedQuery() insteadconst config = accessKeyId : "AKIDEXAMPLE" secretAccessKey : "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY" // sessionTokens are optional, but correctly supported sessionToken : "..." // These can be part of the config object or the request object region : "us-east-1" service : "service"; const request = url : "https://my.aws.url.that.i.need.to.hit/look/it-has/a-path-in-it-as-well"; const signed = ; /** * signed : { * url : "https://my.aws.url.that.i.need.to.hit/look/it-has/a-path-in-it-as-well?X-Amz-Algorithm=...&X-Amz-Credential=..." * method : "GET", * headers : {}, * body : undefined, * } */
🛁 What?
Supports query params, date overrides via X-Amz-Date
or Date
headers, multiple header values, and probably some other features.
Tested against API Gateway so far. Your results may vary for other services, S3 seems especially fraught with peril. 💀