Created
July 8, 2018 10:27
-
-
Save reytech-dev/38ef2489ba3ea5c583dd1386ae140cb9 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////// | |
// This script is made and tested for GET requests, please change the required params for other types of requests // | |
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////// | |
// e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 - sha256 of empty input | |
date_default_timezone_set("UTC"); | |
// Region where the space is hosted (amsterdam) | |
$region = "ams3"; | |
// Host of the space without protocol | |
$host = "bucketname".$region."digitaloceanspaces.com"; | |
// AWS Signature version (AWS4) and the signing algorithm (sha256) | |
$requestAlgo = "AWS4-HMAC-SHA256"; | |
// The service name | |
$service = "s3"; | |
// Type for the current request | |
$requestType = "aws4_request"; | |
// Request method (GET, PUT, POST, HEAD, DELETE) | |
$method = "GET"; | |
// Request uri | |
$uri = "/example.txt"; | |
// Parameters for the request, must be url encoded | |
$queryString = urlencode(""); | |
// List of all headers which are used for signing the request. This list is without values and separated with ";" | |
$signedHeaders = "host;x-amz-content-sha256;x-amz-date"; | |
// sha256 hash of the request payload. If it is a GET request the sha256 hash of an empty string is required (e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855) | |
$hashedPayload = hash('sha256', "", false); | |
// Formatted date based on ISO8601 "YYYYMMDDTHHMMSSZ" | |
$dateIso8601 = date('Ymd\THis\Z', strtotime("now")); | |
// Readable date formatted like "YYYYMMDD" | |
$dateReadable = date('Ymd', strtotime("now")); | |
// Headers which are sent with the request. The $signedHeaders list is based on the $headers list. This list is with values and with "\n" separated | |
$headers = "host:" . $host . PHP_EOL . "x-amz-content-sha256:" . $hashedPayload . PHP_EOL . "x-amz-date:" . $dateIso8601 . PHP_EOL; | |
// The key for your API access | |
$secretKey = "fillme"; | |
// The secret of the key for your API access. It's only visible when the KEY gets generated, afterwards you can't get this secret anymore and there is a new access key required | |
$secret = "fillme"; | |
// Gluing the request params together | |
$canonicalRequest = | |
// GET,POST,PUT,HEAD,DELETE | |
$method . PHP_EOL | |
// "/" or "/example.txt" or "/subdir/filename.png" | |
. $uri . PHP_EOL | |
// urlencode(Action=DescribeRegions&Version=2013-10-15) | |
. $queryString . PHP_EOL | |
// host:bucketname.region.digitaloceanspaces.com\nx-amz-content-sha256:hashedContent\nx-amz-date:YYYYMMDDTHHMMSSZ | |
. $headers . PHP_EOL | |
// host;x-amz-content-sha256;x-amz-date | |
. $signedHeaders . PHP_EOL | |
// e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 | |
. $hashedPayload; | |
// Hash the canonical request and return the hexa representation | |
$hash = hash('sha256', $canonicalRequest, false); | |
// The request string which has to be signed | |
$stringToSign = $requestAlgo . PHP_EOL | |
. $dateIso8601 . PHP_EOL | |
. $dateReadable . "/" . $region . "/" . $service . "/" . $requestType . PHP_EOL | |
. $hash; | |
// Create the key for the date | |
$dateKey = hash_hmac('sha256', $dateReadable, "AWS4" . $secret, true); | |
// Create the region key with the datekey | |
$dateRegionKey = hash_hmac('sha256', $region, $dateKey, true); | |
// Create the service key with the region key | |
$dateRegionServiceKey = hash_hmac('sha256', "s3", $dateRegionKey, true); | |
// Create the signing key with the region key | |
$signingKey = hash_hmac('sha256', "aws4_request", $dateRegionServiceKey, true); | |
// Create the signature with the signing key and return the hex representation | |
$signature = hash_hmac('sha256', $stringToSign, $signingKey, false); | |
$authorization = $requestAlgo . " Credential=" . $secretKey . "/" . $dateReadable . "/" . $region . "/" . $service . "/" . $requestType . ",SignedHeaders=" . $signedHeaders . ",Signature=" . $signature; | |
// POSTMAN | |
echo "#####################################################################" . PHP_EOL; | |
echo "# Authorization: " . $authorization . PHP_EOL; | |
echo "# x-amz-content-sha256: " . $hashedPayload . PHP_EOL; | |
echo "# x-amz-date: " . $dateIso8601 . PHP_EOL; | |
echo "#####################################################################" . PHP_EOL; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment