Skip to content
develop
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
lib
 
 
 
 
src
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

aws-sigv4

A dependency-free, test suite-compliant, AWS Signature Version 4 library in ES2017

NPM npm version ESDoc Dependency Status devDependency Status Coverage Status Code Climate Test Coverage Issue Count Codacy Badge Known Vulnerabilities Greenkeeper badge

  • Master: Build Status
  • Develop: Build Status

Example - ES2017 (Node 7.6+)

const sigv4 = require('aws-sigv4');

const secretAccessKey = process.env.AWS_SECRET_ACCESS_KEY;
const requestDate = sigv4.formatDateTime(new Date());
const stringToSign = 'Test string to sign';

(async () => {
	const signature = await sigv4.sign(
		secretAccessKey,
		requestDate.slice(0, 8),
		'us-east-1',
		'host',
		stringToSign
	);

	console.log(signature);
})();

Example - ES2016 (Node 4, 6, <= 7.5)

const sigv4 = require('aws-sigv4');

const secretAccessKey = process.env.AWS_SECRET_ACCESS_KEY;
const requestDate = sigv4.formatDateTime(new Date());
const stringToSign = 'Test string to sign';

sigv4.sign(
	secretAccessKey,
	requestDate.slice(0, 8),
	'us-east-1',
	'host',
	stringToSign
)
	.then(signature => console.log(signature));

Or, more specifically for S3:

const sigv4 = require('aws-sigv4');

const date = sigv4
	.formatDateTime(new Date())
	.slice(0, 8);
const credential = `${process.env.AWS_ACCESS_KEY_ID}/${date}/${process.env.AWS_REGION}/s3/aws4_request`;
const policy = new Buffer(
	JSON.stringify({
		expiration: new Date(Date.now() + 15 * 60000).toISOString(), // 15 minutes from now
		conditions: [
			{bucket: 'my-bucket-name'},
			{key: 'my-s3-key.mov'},
			{acl: 'private'},
			['starts-with', '$Content-Type', 'video/'],
			['content-length-range', 0, 10 * 1024 * 1024],
			{'x-amz-credential': credential},
			{'x-amz-algorithm': 'AWS4-HMAC-SHA256'},
			{'x-amz-date': date + 'T000000Z'}
		]
	})
)
	.toString('base64');

sigv4.sign(
	process.env.AWS_SECRET_ACCESS_KEY,
	date,
	process.env.AWS_REGION,
	's3',
	policy
)
	.then(signature => console.log(signature));

See Authenticating Requests in Browser-Based Uploads Using POST (AWS Signature Version 4) as the primary use case.