diff options
author | Andrew Dolgov <[email protected]> | 2022-11-23 21:14:33 +0300 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2022-11-23 21:14:33 +0300 |
commit | 0c8af4992cb0f7589dcafaad65ada12753c64594 (patch) | |
tree | 18e83d068c3e7dd2499331de977782b382279396 /vendor/aws/aws-crt-php/src/AWS/CRT/Auth |
initial
Diffstat (limited to 'vendor/aws/aws-crt-php/src/AWS/CRT/Auth')
10 files changed, 337 insertions, 0 deletions
diff --git a/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/AwsCredentials.php b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/AwsCredentials.php new file mode 100644 index 0000000..6f6acee --- /dev/null +++ b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/AwsCredentials.php @@ -0,0 +1,69 @@ +<?php +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ +namespace AWS\CRT\Auth; + +use AWS\CRT\NativeResource as NativeResource; +use AWS\CRT\Options as Options; + +/** + * Represents a set of AWS credentials + * + * @param array options: + * - string access_key_id - AWS Access Key Id + * - string secret_access_key - AWS Secret Access Key + * - string session_token - Optional STS session token + * - int expiration_timepoint_seconds - Optional time to expire these credentials + */ +final class AwsCredentials extends NativeResource { + + static function defaults() { + return [ + 'access_key_id' => '', + 'secret_access_key' => '', + 'session_token' => '', + 'expiration_timepoint_seconds' => 0, + ]; + } + + private $access_key_id; + private $secret_access_key; + private $session_token; + private $expiration_timepoint_seconds = 0; + + public function __get($name) { + return $this->$name; + } + + function __construct(array $options = []) { + parent::__construct(); + + $options = new Options($options, self::defaults()); + $this->access_key_id = $options->access_key_id->asString(); + $this->secret_access_key = $options->secret_access_key->asString(); + $this->session_token = $options->session_token ? $options->session_token->asString() : null; + $this->expiration_timepoint_seconds = $options->expiration_timepoint_seconds->asInt(); + + if (strlen($this->access_key_id) == 0) { + throw new \InvalidArgumentException("access_key_id must be provided"); + } + if (strlen($this->secret_access_key) == 0) { + throw new \InvalidArgumentException("secret_access_key must be provided"); + } + + $creds_options = self::$crt->aws_credentials_options_new(); + self::$crt->aws_credentials_options_set_access_key_id($creds_options, $this->access_key_id); + self::$crt->aws_credentials_options_set_secret_access_key($creds_options, $this->secret_access_key); + self::$crt->aws_credentials_options_set_session_token($creds_options, $this->session_token); + self::$crt->aws_credentials_options_set_expiration_timepoint_seconds($creds_options, $this->expiration_timepoint_seconds); + $this->acquire(self::$crt->aws_credentials_new($creds_options)); + self::$crt->aws_credentials_options_release($creds_options); + } + + function __destruct() { + self::$crt->aws_credentials_release($this->release()); + parent::__destruct(); + } +} diff --git a/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/CredentialsProvider.php b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/CredentialsProvider.php new file mode 100644 index 0000000..e9d3588 --- /dev/null +++ b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/CredentialsProvider.php @@ -0,0 +1,23 @@ +<?php +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ +namespace AWS\CRT\Auth; + +use AWS\CRT\NativeResource as NativeResource; + +/** + * Base class for credentials providers + */ +abstract class CredentialsProvider extends NativeResource { + + function __construct(array $options = []) { + parent::__construct(); + } + + function __destruct() { + self::$crt->credentials_provider_release($this->release()); + parent::__destruct(); + } +} diff --git a/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/Signable.php b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/Signable.php new file mode 100644 index 0000000..100b56a --- /dev/null +++ b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/Signable.php @@ -0,0 +1,43 @@ +<?php +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ +namespace AWS\CRT\Auth; + +use AWS\CRT\IO\InputStream; +use AWS\CRT\NativeResource as NativeResource; + +class Signable extends NativeResource { + + public static function fromHttpRequest($http_message) { + return new Signable(function() use ($http_message) { + return self::$crt->signable_new_from_http_request($http_message->native); + }); + } + + public static function fromChunk($chunk_stream, $previous_signature="") { + if (!($chunk_stream instanceof InputStream)) { + $chunk_stream = new InputStream($chunk_stream); + } + return new Signable(function() use($chunk_stream, $previous_signature) { + return self::$crt->signable_new_from_chunk($chunk_stream->native, $previous_signature); + }); + } + + public static function fromCanonicalRequest($canonical_request) { + return new Signable(function() use($canonical_request) { + return self::$crt->signable_new_from_canonical_request($canonical_request); + }); + } + + protected function __construct($ctor) { + parent::__construct(); + $this->acquire($ctor()); + } + + function __destruct() { + self::$crt->signable_release($this->release()); + parent::__destruct(); + } +}
\ No newline at end of file diff --git a/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/SignatureType.php b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/SignatureType.php new file mode 100644 index 0000000..3d3b99f --- /dev/null +++ b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/SignatureType.php @@ -0,0 +1,15 @@ +<?php +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ +namespace AWS\CRT\Auth; + +class SignatureType { + const HTTP_REQUEST_HEADERS = 0; + const HTTP_REQUEST_QUERY_PARAMS = 1; + const HTTP_REQUEST_CHUNK = 2; + const HTTP_REQUEST_EVENT = 3; + const CANONICAL_REQUEST_HEADERS = 4; + const CANONICAL_REQUEST_QUERY_PARAMS = 5; +}
\ No newline at end of file diff --git a/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/SignedBodyHeaderType.php b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/SignedBodyHeaderType.php new file mode 100644 index 0000000..cb3d438 --- /dev/null +++ b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/SignedBodyHeaderType.php @@ -0,0 +1,11 @@ +<?php +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ +namespace AWS\CRT\Auth; + +class SignedBodyHeaderType { + const NONE = 0; + const X_AMZ_CONTENT_SHA256 = 1; +}
\ No newline at end of file diff --git a/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/Signing.php b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/Signing.php new file mode 100644 index 0000000..d979db9 --- /dev/null +++ b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/Signing.php @@ -0,0 +1,22 @@ +<?php +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ +namespace AWS\CRT\Auth; + +use AWS\CRT\NativeResource; + +abstract class Signing extends NativeResource { + static function signRequestAws($signable, $signing_config, $on_complete) { + return self::$crt->sign_request_aws($signable->native, $signing_config->native, + function($result, $error_code) use ($on_complete) { + $signing_result = SigningResult::fromNative($result); + $on_complete($signing_result, $error_code); + }, null); + } + + static function testVerifySigV4ASigning($signable, $signing_config, $expected_canonical_request, $signature, $ecc_key_pub_x, $ecc_key_pub_y) { + return self::$crt->test_verify_sigv4a_signing($signable, $signing_config, $expected_canonical_request, $signature, $ecc_key_pub_x, $ecc_key_pub_y); + } +} diff --git a/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/SigningAlgorithm.php b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/SigningAlgorithm.php new file mode 100644 index 0000000..dd11059 --- /dev/null +++ b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/SigningAlgorithm.php @@ -0,0 +1,11 @@ +<?php +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ +namespace AWS\CRT\Auth; + +class SigningAlgorithm { + const SIGv4 = 0; + const SIGv4_ASYMMETRIC = 1; +} diff --git a/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/SigningConfigAWS.php b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/SigningConfigAWS.php new file mode 100644 index 0000000..8a73df9 --- /dev/null +++ b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/SigningConfigAWS.php @@ -0,0 +1,75 @@ +<?php +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ +namespace AWS\CRT\Auth; + +use AWS\CRT\NativeResource as NativeResource; +use AWS\CRT\Options as Options; + +class SigningConfigAWS extends NativeResource { + + public static function defaults() { + return [ + 'algorithm' => SigningAlgorithm::SIGv4, + 'signature_type' => SignatureType::HTTP_REQUEST_HEADERS, + 'credentials_provider' => null, + 'region' => null, + 'service' => null, + 'use_double_uri_encode' => false, + 'should_normalize_uri_path' => false, + 'omit_session_token' => false, + 'signed_body_value' => null, + 'signed_body_header_type' => SignedBodyHeaderType::NONE, + 'expiration_in_seconds' => 0, + 'date' => time(), + 'should_sign_header' => null, + ]; + } + + private $options; + + public function __construct(array $options = []) { + parent::__construct(); + $this->options = $options = new Options($options, self::defaults()); + $sc = $this->acquire(self::$crt->signing_config_aws_new()); + self::$crt->signing_config_aws_set_algorithm($sc, $options->algorithm->asInt()); + self::$crt->signing_config_aws_set_signature_type($sc, $options->signature_type->asInt()); + if ($credentials_provider = $options->credentials_provider->asObject()) { + self::$crt->signing_config_aws_set_credentials_provider( + $sc, + $credentials_provider->native); + } + self::$crt->signing_config_aws_set_region( + $sc, $options->region->asString()); + self::$crt->signing_config_aws_set_service( + $sc, $options->service->asString()); + self::$crt->signing_config_aws_set_use_double_uri_encode( + $sc, $options->use_double_uri_encode->asBool()); + self::$crt->signing_config_aws_set_should_normalize_uri_path( + $sc, $options->should_normalize_uri_path->asBool()); + self::$crt->signing_config_aws_set_omit_session_token( + $sc, $options->omit_session_token->asBool()); + self::$crt->signing_config_aws_set_signed_body_value( + $sc, $options->signed_body_value->asString()); + self::$crt->signing_config_aws_set_signed_body_header_type( + $sc, $options->signed_body_header_type->asInt()); + self::$crt->signing_config_aws_set_expiration_in_seconds( + $sc, $options->expiration_in_seconds->asInt()); + self::$crt->signing_config_aws_set_date($sc, $options->date->asInt()); + if ($should_sign_header = $options->should_sign_header->asCallable()) { + self::$crt->signing_config_aws_set_should_sign_header_fn($sc, $should_sign_header); + } + } + + function __destruct() + { + self::$crt->signing_config_aws_release($this->release()); + parent::__destruct(); + } + + public function __get($name) { + return $this->options->get($name); + } +}
\ No newline at end of file diff --git a/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/SigningResult.php b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/SigningResult.php new file mode 100644 index 0000000..b8a4ab5 --- /dev/null +++ b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/SigningResult.php @@ -0,0 +1,33 @@ +<?php +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ +namespace AWS\CRT\Auth; + +use AWS\CRT\NativeResource; +use AWS\CRT\HTTP\Request; + +class SigningResult extends NativeResource { + protected function __construct($native) { + parent::__construct(); + + $this->acquire($native); + } + + function __destruct() { + // No destruction necessary, SigningResults are transient, just release + $this->release(); + parent::__destruct(); + } + + public static function fromNative($ptr) { + return new SigningResult($ptr); + } + + public function applyToHttpRequest(&$http_request) { + self::$crt->signing_result_apply_to_http_request($this->native, $http_request->native); + // Update http_request from native + $http_request = Request::unmarshall($http_request->toBlob()); + } +}
\ No newline at end of file diff --git a/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/StaticCredentialsProvider.php b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/StaticCredentialsProvider.php new file mode 100644 index 0000000..8dc6249 --- /dev/null +++ b/vendor/aws/aws-crt-php/src/AWS/CRT/Auth/StaticCredentialsProvider.php @@ -0,0 +1,35 @@ +<?php +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ +namespace AWS\CRT\Auth; + +/** + * Provides a static set of AWS credentials + * + * @param array options: + * - string access_key_id - AWS Access Key Id + * - string secret_access_key - AWS Secret Access Key + * - string session_token - Optional STS session token + */ +final class StaticCredentialsProvider extends CredentialsProvider { + + private $credentials; + + public function __get($name) { + return $this->$name; + } + + function __construct(array $options = []) { + parent::__construct(); + $this->credentials = new AwsCredentials($options); + + $provider_options = self::$crt->credentials_provider_static_options_new(); + self::$crt->credentials_provider_static_options_set_access_key_id($provider_options, $this->credentials->access_key_id); + self::$crt->credentials_provider_static_options_set_secret_access_key($provider_options, $this->credentials->secret_access_key); + self::$crt->credentials_provider_static_options_set_session_token($provider_options, $this->credentials->session_token); + $this->acquire(self::$crt->credentials_provider_static_new($provider_options)); + self::$crt->credentials_provider_static_options_release($provider_options); + } +} |