Package: ibmiam

import "../ibm-cos-sdk-go/aws/signer/ibmiam"

Variables

var SignRequestHandler = writable

SignRequestHandler is a named request handler the SDK will use to sign service client request with using the IBM IAM signature.

Value:

request.NamedHandler{ Name: signRequestHandlerLog, Fn: Sign, }

Function Summary collapse

Function Details

func Sign(req *request.Request)

Sign signs IBM IAM requests with the token type, access token and service instance id request is made to, and time the request is signed at.

Returns a list of HTTP headers that were included in the signature or an error if signing the request failed. Generally for signed requests this value is not needed as the full request context will be captured by the http.Request value. It is included for reference though.



29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
// File 'aws/signer/ibmiam/ibmiam.go', line 29

func Sign(req *request.Request) { // Sets the logger for the Request to be signed logger := req.Config.Logger if !req.Config.LogLevel.Matches(aws.LogDebug) { logger = nil } // Obtains the IBM IAM Credentials Object // The objects includes: // IBM IAM Token // IBM IAM Service Instance ID value, err := req.Config.Credentials.Get() if err != nil { if logger != nil { logger.Log(debugLog, signRequestHandlerLog, "CREDENTIAL GET ERROR", err) } req.Error = err req.SignedHeaderVals = nil return } // Check the type of the Token // If does not exist, return with an error in the request if value.TokenType == "" { err = errTokenTypeNotSet if logger != nil { logger.Log(debugLog, err) } req.Error = err req.SignedHeaderVals = nil return } // Checks the Access Token // If does not exist, return with an error in the request if value.AccessToken == "" { err = errAccessTokenNotSet if logger != nil { logger.Log(debugLog, err) } req.Error = err req.SignedHeaderVals = nil return } // Get the Service Instance ID from the IBM IAM Credentials object serviceInstanceID := req.HTTPRequest.Header.Get("ibm-service-instance-id") if serviceInstanceID == "" && value.ServiceInstanceID != "" { // Log the Service Instance ID if logger != nil { logger.Log(debugLog, "Setting the 'ibm-service-instance-id' from the Credentials") } req.HTTPRequest.Header.Set("ibm-service-instance-id", value.ServiceInstanceID) } // Use the IBM IAM Token Bearer as the Authorization Header authString := value.TokenType + " " + value.AccessToken req.HTTPRequest.Header.Set("Authorization", authString) if logger != nil { logger.Log(debugLog, signRequestHandlerLog, "Set Header Authorization", authString) } }