Skip to content
/ aws-sig Public

πŸ” AWS sigv4, optimized for size

License

MIT license
7 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

tivac/aws-sig

BranchesTags

Repository files navigation

πŸ” aws-sig NPM Version NPM License NPM Downloads Build Status

Teeny-tiny library for signing requests to Amazon Web Services using the signature v4 signing algorithm. Supports signing requests via Authorization header or query params.

No serious, it's really small!

Bundle Size Gzipped Bundle Size

πŸ™‹ Why?

I wanted something small. Really, really small. Couldn't find a small AWS v4 signing library that worked in a browser using rollup for bundling so... here we are. Β―\_(ツ)_/Β―

βš™οΈ How?

import { signedHeaders, signedQuery } from "aws-sig";

const config = {
    accessKeyId     : "AKIDEXAMPLE",
    secretAccessKey : "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY",

    // sessionTokens are optional, but correctly supported
    sessionToken    : "..."
};

const request = {
    // These can be part of the config object or the request object
    region  : "us-east-1",
    service : "service",
    
    method : "GET",
    url    : "https://my.aws.url.that.i.need.to.hit/look/it-has/a-path-in-it-as-well",
    
    // Headers are optional
    headers : {
        // Single header value
        "X-Amz-Date" : "20150830T123600Z",
        
        // Multiple headers
        "X-Multiple" : [ "one", "two", "three" ]
    }
    // Body is optional, should be a string
    body : "..."
};

const signed = signedHeaders(request, config);

/**
 * signed : {
 *     url : "https://my.aws.url.that.i.need.to.hit/look/it-has/a-path-in-it-as-well"
 *     method : "GET",
 *     headers : {
 *         X-Amz-Date : "20150830T123600Z",
 *         "X-Multiple" : [ "one", "two", "three" ],
 *         Authorization : "...",
 *     },
 *     body : "...",
 * }
 */

// Signing queries is identical, just uses signedQuery() instead
const config = {
    accessKeyId     : "AKIDEXAMPLE",
    secretAccessKey : "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY",

    // sessionTokens are optional, but correctly supported
    sessionToken    : "...",

    // These can be part of the config object or the request object
    region  : "us-east-1",
    service : "service",
};

const request = {
    url    : "https://my.aws.url.that.i.need.to.hit/look/it-has/a-path-in-it-as-well",
};

const signed = signedQuery(request, config);

/**
 * signed : {
 *     url : "https://my.aws.url.that.i.need.to.hit/look/it-has/a-path-in-it-as-well?X-Amz-Algorithm=...&X-Amz-Credential=..."
 *     method : "GET",
 *     headers : {},
 *     body : undefined,
 * }
 */

πŸ› What?

Supports query params, date overrides via X-Amz-Date or Date headers, multiple header values, and probably some other features.

Tested against API Gateway so far. Your results may vary for other services, S3 seems especially fraught with peril. πŸ’€

About

πŸ” AWS sigv4, optimized for size

Topics

aws sigv4

Resources

Readme

License

MIT license
Activity

Stars

7 stars

Watchers

4 watching

Forks

3 forks
Report repository

Releases 3

Added X-Amz-Date creation Latest
Jun 15, 2020
+ 2 releases

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages