Merge pull request #35 from taylorfinnell/fix-time-skew-error

Fix time skew error

shard.yml

@@ -1,6 +1,6 @@
 name: awscr-signer
-version: 0.5.0
-crystal: 0.24.1
+version: 0.5.1
+crystal: 0.24.2
 
 authors:
   - Taylor Finnell <[email protected]>

src/awscr-signer/signers/v2.cr

@@ -6,26 +6,28 @@ module Awscr
       class V2
         include Interface
 
-        def initialize(service : String, region : String, aws_access_key : String, aws_secret_key : String)
-          @scope = Signer::Scope.new(region, service)
+        def initialize(@service : String, @region : String, @aws_access_key : String, @aws_secret_key : String)
           @credentials = Signer::Credentials.new(aws_access_key, aws_secret_key)
         end
 
         def sign(string : String)
-          sig = Signer::V2::Signature.new(@scope, string, @credentials)
+          scope = Signer::Scope.new(@region, @service)
+          sig = Signer::V2::Signature.new(scope, string, @credentials)
           sig.to_s
         end
 
         # Sign an HTTP::Request
         def sign(request : HTTP::Request)
+          scope = Signer::Scope.new(@region, @service)
+
           # Replace "Date" with X-Amz-Date.
           # Only if X-Amz-Date is not already set. AWS prefers
           # X-Amz-Date
           if date = request.headers.delete("X-Amz-Date")
             request.headers["Date"] ||= date
           else
             # Default it to the given scope time, if not set
-            request.headers["Date"] ||= @scope.date.rfc1123z
+            request.headers["Date"] ||= scope.date.rfc1123z
           end
 
           canonical_request = Signer::V2::Request.new(request.method,
@@ -39,14 +41,16 @@ module Awscr
             canonical_request.headers.add(Signer::Header.new(k, v))
           end
 
-          signature = Signer::V2::Signature.new(@scope, canonical_request.to_s, @credentials)
+          signature = Signer::V2::Signature.new(scope, canonical_request.to_s, @credentials)
 
           request.headers["Authorization"] = [
             "AWS ", @credentials.key, ":", signature,
           ].join
         end
 
         def presign(request, expires = nil)
+          scope = Signer::Scope.new(@region, @service)
+
           expires ||= Time.utc_now.epoch + 86_400
 
           canonical_request = Signer::V2::Request.new(request.method,
@@ -60,7 +64,7 @@ module Awscr
             canonical_request.headers.add(Signer::Header.new(k, v))
           end
 
-          signature = Signer::V2::Signature.new(@scope, canonical_request.to_s, @credentials)
+          signature = Signer::V2::Signature.new(scope, canonical_request.to_s, @credentials)
 
           request.query_params.add("AWSAccessKeyId", @credentials.key)
           request.query_params.add("Signature", signature.to_s)

src/awscr-signer/signers/v4.cr

@@ -14,13 +14,13 @@ module Awscr
       class V4
         include Interface
 
-        def initialize(service : String, region : String, aws_access_key : String, aws_secret_key : String)
-          @scope = Signer::Scope.new(region, service)
+        def initialize(@service : String, @region : String, @aws_access_key : String, @aws_secret_key : String)
           @credentials = Signer::Credentials.new(aws_access_key, aws_secret_key)
         end
 
         def sign(string : String)
-          sig = Signer::V4::Signature.new(@scope, string, @credentials, compute_digest: false)
+          scope = Signer::Scope.new(@region, @service)
+          sig = Signer::V4::Signature.new(scope, string, @credentials, compute_digest: false)
           sig.to_s
         end
 
@@ -34,9 +34,10 @@ module Awscr
         end
 
         private def querystring_impl(request)
+          scope = Signer::Scope.new(@region, @service)
           request.query_params.add("X-Amz-Algorithm", Signer::ALGORITHM)
-          request.query_params.add("X-Amz-Credential", "#{@credentials.key}/#{@scope}")
-          request.query_params.add("X-Amz-Date", @scope.date.iso8601)
+          request.query_params.add("X-Amz-Credential", "#{@credentials.key}/#{scope}")
+          request.query_params.add("X-Amz-Date", scope.date.iso8601)
 
           canonical_request = Signer::V4::Request.new(request.method,
             URI.parse(request.path), request.body)
@@ -51,20 +52,21 @@ module Awscr
 
           canonical_request.query.add("X-Amz-SignedHeaders", "#{canonical_request.headers.keys.join(";")}")
 
-          signature = Signer::V4::Signature.new(@scope, canonical_request.to_s, @credentials)
+          signature = Signer::V4::Signature.new(scope, canonical_request.to_s, @credentials)
           request.query_params.add("X-Amz-SignedHeaders", "#{canonical_request.headers.keys.join(";")}")
           request.query_params.add("X-Amz-Signature", signature.to_s)
         end
 
         private def header_impl(request, add_sha)
+          scope = Signer::Scope.new(@region, @service)
           # Replace "Date" with X-Amz-Date.
           # Only if X-Amz-Date is not already set. AWS prefers
           # X-Amz-Date
           if date = request.headers.delete("Date")
             request.headers["X-Amz-Date"] ||= date
           else
             # Default it to the given scope time, if not set
-            request.headers["X-Amz-Date"] ||= @scope.date.iso8601
+            request.headers["X-Amz-Date"] ||= scope.date.iso8601
           end
 
           canonical_request = Signer::V4::Request.new(request.method,
@@ -86,10 +88,10 @@ module Awscr
               canonical_request.digest)
           end
 
-          signature = Signer::V4::Signature.new(@scope, canonical_request.to_s, @credentials)
+          signature = Signer::V4::Signature.new(scope, canonical_request.to_s, @credentials)
 
           request.headers["Authorization"] = [
-            [Signer::ALGORITHM, "Credential=#{@credentials.key}/#{@scope}"].join(" "),
+            [Signer::ALGORITHM, "Credential=#{@credentials.key}/#{scope}"].join(" "),
             "SignedHeaders=#{canonical_request.headers.keys.join(";")}",
             "Signature=#{signature}",
           ].join(", ")

src/awscr-signer/version.cr

@@ -1,7 +1,7 @@
 module Awscr
   MAJOR = "0"
   MINOR = "5"
-  PATCH = "0"
+  PATCH = "1"
 
   VERSION = [MAJOR, MINOR, PATCH].join(".")
 end