declare local var.awsAccessKey STRING;
declare local var.awsSecretKey STRING;
declare local var.awsS3Bucket STRING;
declare local var.awsRegion STRING;
declare local var.canonicalHeaders STRING;
declare local var.signedHeaders STRING;
declare local var.canonicalRequest STRING;
declare local var.canonicalQuery STRING;
declare local var.stringToSign STRING;
declare local var.dateStamp STRING;
declare local var.signature STRING;
declare local var.scope STRING;
set var.awsAccessKey = "AKIAIYV3R5KWHXJKD4QQ";
set var.awsSecretKey = "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";
set var.awsS3Bucket = "demo-s3-fiddle-origin";
set var.awsRegion = "us-east-2";
if (req.method == "GET" && !req.backend.is_shield) {
set = digest.hash_sha256("");
set = strftime({"%Y%m%dT%H%M%SZ"}, now);
set = var.awsS3Bucket ".s3." var.awsRegion ".amazonaws.com";
set bereq.url = querystring.remove(bereq.url);
set bereq.url = regsuball(urlencode(urldecode(bereq.url.path)), {"%2F"}, "/");
set var.dateStamp = strftime({"%Y%m%d"}, now);
set var.canonicalHeaders = ""
"host:" LF
"x-amz-content-sha256:" LF
"x-amz-date:" LF
;
set var.canonicalQuery = "";
set var.signedHeaders = "host;x-amz-content-sha256;x-amz-date";
set var.canonicalRequest = ""
"GET" LF
bereq.url.path LF
var.canonicalQuery LF
var.canonicalHeaders LF
var.signedHeaders LF
digest.hash_sha256("")
;
set var.scope = var.dateStamp "/" var.awsRegion "/s3/aws4_request";
set var.stringToSign = ""
"AWS4-HMAC-SHA256" LF
LF
var.scope LF
regsub(digest.hash_sha256(var.canonicalRequest),"^0x", "")
;
set var.signature = digest.awsv4_hmac(
var.awsSecretKey,
var.dateStamp,
var.awsRegion,
"s3",
var.stringToSign
);
set = "AWS4-HMAC-SHA256 "
"Credential=" var.awsAccessKey "/" var.scope ", "
"SignedHeaders=" var.signedHeaders ", "
"Signature=" + regsub(var.signature,"^0x", "")
;
unset ;
unset ;
unset ;
unset ;
}