request: Move credential-scope to separate procedure. master
authorRicardo Wurmus <rekado@elephly.net>
Tue, 10 Aug 2021 17:04:28 +0000 (19:04 +0200)
committerRicardo Wurmus <rekado@elephly.net>
Tue, 10 Aug 2021 17:04:28 +0000 (19:04 +0200)
aws/request.scm

index d82df4c0db414a1797f01c2a831d812a78b23277..f67d1ef7ec26e65281f83135ff881972ebb70711 100644 (file)
@@ -182,6 +182,12 @@ strings."
          (signing-key (sign kservice "aws4_request")))
     (hexify (sign signing-key string-to-sign))))
 
+(define (credential-scope date-stamp region service-name)
+  (string-join (list date-stamp
+                     region
+                     service-name
+                     "aws4_request") "/"))
+
 (define* (sign-headers headers
                        #:key
                        (method "GET")
@@ -238,15 +244,14 @@ used for presigned URLs."
                              signed-headers
                              payload-hash)
                        "\n"))
-         (credential-scope
-          (string-join (list date-stamp
-                             region
-                             service-name
-                             "aws4_request") "/"))
+         (scope
+          (credential-scope date-stamp
+                            region
+                            service-name))
          (string-to-sign
           (string-join (list %algorithm
                              amz-date
-                             credential-scope
+                             scope
                              (hexify (sha256 (string->utf8 canonical-request))))
                        "\n"))
          (signature
@@ -262,7 +267,7 @@ used for presigned URLs."
     ;; signed-headers values, as noted earlier.  Order here is not
     ;; significant.
     (cons `(authorization . (,(string->symbol %algorithm)
-                             (Credential . ,(string-append access-key "/" credential-scope))
+                             (Credential . ,(string-append access-key "/" scope))
                              (SignedHeaders . ,signed-headers)
                              (Signature . ,signature)))
           (filter cdr headers))))