· 7 years ago · Mar 09, 2018, 10:32 AM
1gs.include('jshashes');
2
3var method = 'GET';
4var service = 'ec2';
5var host = 'ec2.amazonaws.com';
6var region = 'us-east-1';
7var endpoint = 'https://ec2.amazonaws.com';
8var access_key = 'ACCESSKEY';
9var secret_key = 'SECRET/KEY';
10var request_parameters = 'AWSAccessKeyId' + access_key + 'Action=RunInstances&&ImageId=ami-b770fbd8';
11
12function getSignatureKey(key, date, region, service){
13 var newKey = "AWS4" + key;
14 var kDate = new Hashes.SHA256().b64_hmac(newKey, date);
15 var kRegion = new Hashes.SHA256().b64_hmac(kDate, region);
16 var kService = new Hashes.SHA256().b64_hmac(kRegion, service);
17 var kSigning = new Hashes.SHA256().b64_hmac(kService, "aws4_request");
18
19 return kSigning;
20}
21
22var gdt = new GlideDateTime();
23var datestamp = gdt.getDate().getByFormat('yyyyMMdd') + 'T' +
24gdt.getTime().getByFormat('HHmmss') + 'Z';
25var amzdate = gdt.getDate().getByFormat('yyyyMMdd')+"";
26
27var canonical_uri = '/';
28
29var canonical_querystring = request_parameters;
30
31var canonical_headers = 'host:' + host + 'n' + 'x-amz-date:' + amzdate + 'n'
32var signed_headers = 'host;x-amz-date';
33
34var payload_hash = new Hashes.SHA256().hex("");
35
36var canonical_request = method + 'n' + canonical_uri + 'n' + canonical_querystring + 'n' + canonical_headers + 'n' + signed_headers + 'n' + payload_hash;
37
38var algorithm = 'AWS4-HMAC-SHA256';
39var credential_scope = datestamp + '/' + region + '/' + service + '/' + 'aws4_request';
40var string_to_sign = algorithm + 'n' + amzdate + 'n' + credential_scope + 'n' + new Hashes.SHA256().hex(canonical_request);
41
42var signing_key = getSignatureKey(secret_key, datestamp, region, service);
43//Python
44//var signature = hmac.new(signing_key, (string_to_sign).encode('utf-8'), hashlib.sha256).hexdigest()
45var signature = new Hashes.SHA256().hex_hmac(signing_key, string_to_sign);
46
47var authorization_header = algorithm + ' ' + 'Credential=' + access_key + '/' + credential_scope + ', ' + 'SignedHeaders=' + signed_headers + ', ' + 'Signature=' + signature
48
49var headers = {'x-amz-date':amzdate, 'Authorization':authorization_header}
50
51var request_url = endpoint + '?' + canonical_querystring
52
53var httpRequest = new GlideHTTPRequest(request_url);
54httpRequest.setRequestHeader(headers);
55var res = httpRequest.get();
56gs.print(res.statusCode);
57gs.print(res.allHeaders);
58gs.print(res.body);