2
0
mirror of https://codeberg.org/kiss-community/repo synced 2024-12-23 07:40:11 -07:00
repo/core/curl/files/CURLOPT_AWS_SIGV4.3
2024-08-02 20:52:59 -05:00

90 lines
3.3 KiB
Groff

.\" generated by cd2nroff 0.1 from CURLOPT_AWS_SIGV4.md
.TH CURLOPT_AWS_SIGV4 3 "2024-08-02" libcurl
.SH NAME
CURLOPT_AWS_SIGV4 \- V4 signature
.SH SYNOPSIS
.nf
#include <curl/curl.h>
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_AWS_SIGV4, char *param);
.fi
.SH DESCRIPTION
Provides AWS V4 signature authentication on HTTP(S) header.
Pass a char pointer that is the collection of specific arguments are used for
creating outgoing authentication headers. The format of the \fIparam\fP option
is:
.IP provider1[:provider2[:region[:service]]]
.IP "provider1, provider2"
The providers arguments are used for generating some authentication parameters
such as "Algorithm", "date", "request type" and "signed headers".
.IP region
The argument is a geographic area of a resources collection.
It is extracted from the hostname specified in the URL if omitted.
.IP service
The argument is a function provided by a cloud. It is extracted from the
hostname specified in the URL if omitted.
.PP
NOTE: This call set \fICURLOPT_HTTPAUTH(3)\fP to CURLAUTH_AWS_SIGV4. Calling
\fICURLOPT_HTTPAUTH(3)\fP with CURLAUTH_AWS_SIGV4 is the same as calling this with
\fB"aws:amz"\fP in parameter.
Example with "Test:Try", when curl uses the algorithm, it generates
\fB"TEST\-HMAC\-SHA256"\fP for "Algorithm", \fB"x\-try\-date"\fP and \fB"X\-Try\-Date"\fP
for "date", \fB"test4_request"\fP for "request type",
\fB"SignedHeaders=content\-type;host;x\-try\-date"\fP for "signed headers"
If you use just "test", instead of "test:try", test is used for every
generated string.
Setting \fICURLOPT_HTTPAUTH(3)\fP with the CURLAUTH_AWS_SIGV4 bit set is the same as
setting this option with a \fB"aws:amz"\fP parameter.
.SH DEFAULT
NULL
.SH PROTOCOLS
This functionality affects http only
.SH EXAMPLE
.nf
int main(void)
{
CURL *curl = curl_easy_init();
if(curl) {
curl_easy_setopt(curl, CURLOPT_URL,
"https://service.region.example.com/uri");
curl_easy_setopt(curl, CURLOPT_AWS_SIGV4, "provider1:provider2");
/* service and region can also be set in CURLOPT_AWS_SIGV4 */
curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/uri");
curl_easy_setopt(curl, CURLOPT_AWS_SIGV4,
"provider1:provider2:region:service");
curl_easy_setopt(curl, CURLOPT_USERPWD, "MY_ACCESS_KEY:MY_SECRET_KEY");
curl_easy_perform(curl);
}
}
.fi
.SH NOTES
This option overrides the other auth types you might have set in
\fICURLOPT_HTTPAUTH(3)\fP which should be highlighted as this makes this auth method
special. This method cannot be combined with other auth types.
A sha256 checksum of the request payload is used as input to the signature
calculation. For POST requests, this is a checksum of the provided
\fICURLOPT_POSTFIELDS(3)\fP. Otherwise, it is the checksum of an empty buffer. For
requests like PUT, you can provide your own checksum in an HTTP header named
\fBx\-provider2\-content\-sha256\fP.
For \fBaws:s3\fP, a \fBx\-amz\-content\-sha256\fP header is added to every request if
not already present. For s3 requests with unknown payload, this header takes
the special value "UNSIGNED\-PAYLOAD".
.SH AVAILABILITY
Added in curl 7.75.0
.SH RETURN VALUE
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
.SH SEE ALSO
.BR CURLOPT_HEADEROPT (3),
.BR CURLOPT_HTTPAUTH (3),
.BR CURLOPT_HTTPHEADER (3),
.BR CURLOPT_PROXYAUTH (3)