DragonFly On-Line Manual Pages

Search: Section:  

CURLOPT_AWS_SIGV4(3)                libcurl               CURLOPT_AWS_SIGV4(3)


NAME

       CURLOPT_AWS_SIGV4 - V4 signature


SYNOPSIS

       #include <curl/curl.h>

       CURLcode curl_easy_setopt(CURL *handle, CURLOPT_AWS_SIGV4, char *param);


DESCRIPTION

       Provides AWS V4 signature authentication on HTTP(S) header.

       Pass a char * that is the collection of specific arguments are used for
       creating outgoing authentication headers.  The format of the param
       option is:

       provider1[:provider2[:region[:service]]]

       provider1, provider2
              The providers arguments are used for generating some
              authentication parameters such as "Algorithm", "date", "request
              type" and "signed headers".

       region The argument is a geographic area of a resources collection.  It
              is extracted from the host name specified in the URL if omitted.

       service
              The argument is a function provided by a cloud.  It is extracted
              from the host name specified in the URL if omitted.

       NOTE: This call set CURLOPT_HTTPAUTH(3) to CURLAUTH_AWS_SIGV4.  Calling
       CURLOPT_HTTPAUTH(3) with CURLAUTH_AWS_SIGV4 is the same as calling this
       with "aws:amz" in parameter.

       Example with "Test:Try", when curl will do the algorithm, it will
       generate "TEST-HMAC-SHA256" for "Algorithm", "x-try-date" and "X-Try-
       Date" for "date", "test4_request" for "request type",
       "SignedHeaders=content-type;host;x-try-date" for "signed headers"

       If you use just "test", instead of "test:try", test will be use for
       every strings generated


DEFAULT

       By default, the value of this parameter is NULL.  Calling
       CURLOPT_HTTPAUTH(3) with CURLAUTH_AWS_SIGV4 is the same as calling this
       with "aws:amz" in parameter.


PROTOCOLS

       HTTP


EXAMPLE

       CURL *curl = curl_easy_init();

       struct curl_slist *list = NULL;

       if(curl) {
         curl_easy_setopt(curl, CURLOPT_URL,
                         "https://service.region.example.com/uri");
         curl_easy_setopt(c, CURLOPT_AWS_SIGV4, "provider1:provider2");

         /* service and region also could be set in CURLOPT_AWS_SIGV4 */
         /*
         curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/uri");
         curl_easy_setopt(c, CURLOPT_AWS_SIGV4,
                          "provider1:provider2:region:service");
         */

         curl_easy_setopt(c, CURLOPT_USERPWD, "MY_ACCESS_KEY:MY_SECRET_KEY");
         curl_easy_perform(curl);
       }


AVAILABILITY

       Added in 7.75.0


RETURN VALUE

       Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION
       if not.


NOTES

       This option overrides the other auth types you might have set in
       CURLOPT_HTTPAUTH(3) which should be highlighted as this makes this auth
       method special.  This method cannot be combined with other auth types.

       A sha256 checksum of the request payload is used as input to the
       signature calculation.  For POST requests, this is a checksum of the
       provided CURLOPT_POSTFIELDS(3).  Otherwise, it's the checksum of an
       empty buffer.  For requests like PUT, you can provide your own checksum
       in an HTTP header named x-provider2-content-sha256.

       For aws:s3, a x-amz-content-sha256 header is added to every request if
       not already present. For s3 requests with unknown payload, this header
       takes the special value "UNSIGNED-PAYLOAD".


SEE ALSO

       CURLOPT_HEADEROPT(3), CURLOPT_HTTPHEADER(3),

ibcurl 8.1.2                    April 27, 2023            CURLOPT_AWS_SIGV4(3)

Search: Section: