-
Notifications
You must be signed in to change notification settings - Fork 22
Expand file tree
/
Copy pathcreateCurlForS3UsingIAMCreds.js
More file actions
117 lines (101 loc) · 3.67 KB
/
createCurlForS3UsingIAMCreds.js
File metadata and controls
117 lines (101 loc) · 3.67 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
const crypto = require("crypto");
const fetchData = (fetchURL) => {
fetch(fetchURL, {
headers,
})
.then((response) => {
console.log("Buckets:", response);
const reader = response.body.getReader();
let result = "";
let done, value;
(async () => {
// console.log(await reader.read() );
while (!done) {
const data = await reader.read();
done = data.done;
value = data.value;
result += new TextDecoder().decode(value);
}
console.log("Result:", result);
})();
})
.catch((error) => {
console.error(
"Error:",
error.response ? error.response.data : error.message
);
});
};
const createCURLCommand = (fetchURL, headers) => {
const curlCommand = `curl -X GET '${fetchURL}' \\\n-H 'Authorization: ${headers["Authorization"]}' \\\n-H 'x-amz-date: ${headers["x-amz-date"]}' \\\n-H 'x-amz-security-token: ${headers["x-amz-security-token"]}' \\\n-H 'x-amz-content-sha256: ${headers["x-amz-content-sha256"]}'`;
console.log("CURL command is:- \n\n\n", curlCommand);
};
const data = {
AccessKeyId: "ASIA.....",
Expiration: 1.727944934e9,
SecretKey: "MAb....",
SessionToken: "c6o6tw=",
};
const accessKeyId = data.AccessKeyId;
const secretAccessKey = data.SecretKey;
const sessionToken = data.SessionToken;
const region = "ap-south-1";
const service = "s3";
// Generate the current date and timestamp in the required formats
const date = new Date();
const amzDate = date.toISOString().replace(/[:-]|\.\d{3}/g, ""); // Format: YYYYMMDD'T'HHMMSS'Z'
const dateStamp = date.toISOString().slice(0, 10).replace(/-/g, ""); // Format: YYYYMMDD
// Create a canonical request
const canonicalUri = "/";
const canonicalQuerystring = "max-buckets=10";
const canonicalHeaders = `host:s3.${region}.amazonaws.com\nx-amz-content-sha256:UNSIGNED-PAYLOAD\nx-amz-date:${amzDate}\nx-amz-security-token:${sessionToken}\n`;
const signedHeaders =
"host;x-amz-content-sha256;x-amz-date;x-amz-security-token";
const payloadHash = "UNSIGNED-PAYLOAD";
const canonicalRequest = [
"GET",
canonicalUri,
canonicalQuerystring,
canonicalHeaders,
signedHeaders,
payloadHash,
].join("\n");
// Create the string to sign
const credentialScope = `${dateStamp}/${region}/${service}/aws4_request`;
const stringToSign = [
"AWS4-HMAC-SHA256",
amzDate,
credentialScope,
crypto.createHash("sha256").update(canonicalRequest).digest("hex"),
].join("\n");
// Create the signing key
const kDate = crypto
.createHmac("sha256", `AWS4${secretAccessKey}`)
.update(dateStamp)
.digest();
const kRegion = crypto.createHmac("sha256", kDate).update(region).digest();
const kService = crypto.createHmac("sha256", kRegion).update(service).digest();
const signingKey = crypto
.createHmac("sha256", kService)
.update("aws4_request")
.digest();
// Create the signature
const signature = crypto
.createHmac("sha256", signingKey)
.update(stringToSign)
.digest("hex");
// Create the authorization header
const authorizationHeader = [
`AWS4-HMAC-SHA256 Credential=${accessKeyId}/${credentialScope},`,
`SignedHeaders=${signedHeaders},`,
`Signature=${signature}`,
].join(" ");
const headers = {
Authorization: authorizationHeader,
"x-amz-date": amzDate,
"x-amz-security-token": sessionToken,
"x-amz-content-sha256": payloadHash,
};
const fetchURL = `https://s3.${region}.amazonaws.com/?${canonicalQuerystring}`;
// fetchData(fetchURL);
createCURLCommand(fetchURL, headers);