On pp. 478-479 of Chapter 16 of my mashup book on online storage APIs, I show how to how to reproduce the calculation of an API signature in Amazon S3 in Python and PHP. Recently, because I now want to access S3 from within the browser, I have figured out how to do the same example using JavaScript. Specifically, the following is a Chickenfoot script that generates the correct signature.  (Note that the code depends on Paul Johnson's sha1.js library. (See his instructions on how to use the library. I had to consult the page to learn about the b64pad variable).):
// reproduce results on pp. 478-479 of // Pro Web 2.0 Mashups // http://docs.amazonwebservices.com/AmazonS3/2006-03-01/RESTAuthentication.html // http://pajhome.org.uk/crypt/md5/instructions.html include("D:\\Document\\JavaScriptLib\\sha1.js"); var AWSAccessKeyId = "0PN5J17HBGZHT7JJ3X82"; var AWSSecretAccessKey = "uV3F3YluFJax1cknvbcGwgjvx4QpvB+leU8dUj2o"; var Expires = '1175139620'; var HTTPVerb = "GET" var ContentMD5 = "" var ContentType = "" var CanonicalizedAmzHeaders = "" var CanonicalizedResource = "/johnsmith/photos/puppy.jpg" var string_to_sign = HTTPVerb + "\n" + ContentMD5 + "\n" + ContentType + "\n" + Expires + "\n" + CanonicalizedAmzHeaders + CanonicalizedResource output(string_to_sign); b64pad = "="; // needed for "strict RFC compliance" var sig = b64_hmac_sha1(AWSSecretAccessKey , string_to_sign); output ("|"+sig+"|");
Post a Comment