From b517c0c4160e80c2f8a86f2773e2464e5e9aeb01 Mon Sep 17 00:00:00 2001
From: Ricardo Wurmus <rekado@elephly.net>
Date: Sat, 7 Aug 2021 12:20:10 +0200
Subject: request: Add accessors to delay AWS_* env var lookup.

---
 aws/request.scm | 33 ++++++++++++++++++++++++---------
 1 file changed, 24 insertions(+), 9 deletions(-)

diff --git a/aws/request.scm b/aws/request.scm
index 9d38b58..2a3c151 100644
--- a/aws/request.scm
+++ b/aws/request.scm
@@ -52,12 +52,29 @@
   (make-parameter (or (getenv "AWS_DEFAULT_REGION")
                       "us-west-2")))
 
+(define %get-aws-default-region
+  (lambda ()
+    (or (getenv "AWS_DEFAULT_REGION")
+        (%aws-default-region))))
+
 (define %aws-access-key
   (make-parameter (getenv "AWS_ACCESS_KEY_ID")))
 
+(define %get-aws-access-key
+  (lambda ()
+    (or (%aws-secret-access-key)
+        (getenv "AWS_ACCESS_KEY_ID")
+        (error "No access key available.  Set the AWS_ACCESS_KEY_ID environment variable."))))
+
 (define %aws-secret-access-key
   (make-parameter (getenv "AWS_SECRET_ACCESS_KEY")))
 
+(define %get-aws-secret-access-key
+  (lambda ()
+    (or (%aws-secret-access-key)
+        (getenv "AWS_SECRET_ACCESS_KEY")
+        (error "No secret access key available.  Set the AWS_SECRET_ACCESS_KEY environment variable."))))
+
 (define %algorithm "AWS4-HMAC-SHA256")
 
 (define (sign key msg)
@@ -147,8 +164,8 @@ corresponding value in INPUT."
 
 (define* (compute-signature string-to-sign
                             #:key
-                            (aws-secret-key (%aws-secret-access-key))
-                            (aws-region (%aws-default-region))
+                            (aws-secret-key (%get-aws-secret-access-key))
+                            (aws-region (%get-aws-default-region))
                             aws-service-name)
   "Compute the AWS signature over STRING-TO-SIGN with the provided
 SECRET-KEY, and for the given AWS-SERVICE-NAME.  All arguments are
@@ -172,9 +189,9 @@ strings."
                        canonical-uri
                        payload-hash
                        service-name
-                       (region (%aws-default-region))
-                       (secret-key (%aws-secret-access-key))
-                       (access-key (%aws-access-key)))
+                       (region (%get-aws-default-region))
+                       (secret-key (%get-aws-secret-access-key))
+                       (access-key (%get-aws-access-key)))
   "Given a bunch of headers as an alist, return a new alist of headers
 that includes the authorization and x-amz-date headers.  This can be
 used for presigned URLs."
@@ -259,10 +276,8 @@ used for presigned URLs."
             http operation-name
             xml-namespace
             input)
-    (define region (%aws-default-region))
-    (define access-key
-      (or (%aws-access-key)
-          (error "No access key available.  Set the AWS_ACCESS_KEY_ID environment variable.")))
+    (define region (%get-aws-default-region))
+    (define access-key (%get-aws-access-key))
     (define method
       (assoc-ref http "method"))
     (define host
-- 
cgit v1.2.3