1CURLOPT_AWS_SIGV4(3)       curl_easy_setopt options       CURLOPT_AWS_SIGV4(3)
2
3
4

NAME

6       CURLOPT_AWS_SIGV4 - V4 signature
7

SYNOPSIS

9       #include <curl/curl.h>
10
11       CURLcode curl_easy_setopt(CURL *handle, CURLOPT_AWS_SIGV4, char *param);
12

DESCRIPTION

14       Provides AWS V4 signature authentication on HTTP(S) header.
15
16       Pass a char * that is the collection of specific arguments are used for
17       creating outgoing authentication headers.  The format of the param  op‐
18       tion is:
19
20       provider1[:provider2[:region[:service]]]
21
22       provider1, provider2
23              The providers arguments are used for generating some authentica‐
24              tion parameters such as "Algorithm", "date", "request type"  and
25              "signed headers".
26
27       region The argument is a geographic area of a resources collection.  It
28              is extracted from the host name specified in the URL if omitted.
29
30       service
31              The argument is a function provided by a cloud.  It is extracted
32              from the host name specified in the URL if omitted.
33
34       NOTE: This call set CURLOPT_HTTPAUTH(3) to CURLAUTH_AWS_SIGV4.  Calling
35       CURLOPT_HTTPAUTH(3) with CURLAUTH_AWS_SIGV4 is the same as calling this
36       with "aws:amz" in parameter.
37
38       Example  with "Test:Try", when curl will do the algorithm, it will gen‐
39       erate "TEST-HMAC-SHA256" for "Algorithm", "x-try-date" and "X-Try-Date"
40       for "date", "test4_request" for "request type", "SignedHeaders=content-
41       type;host;x-try-date" for "signed headers"
42
43       If you use just "test", instead of "test:try", test will be use for ev‐
44       ery strings generated
45

DEFAULT

47       By  default,  the  value  of  this  parameter  is  NULL.   Calling CUR‐
48       LOPT_HTTPAUTH(3) with CURLAUTH_AWS_SIGV4 is the same  as  calling  this
49       with "aws:amz" in parameter.
50

PROTOCOLS

52       HTTP
53

EXAMPLE

55       CURL *curl = curl_easy_init();
56
57       struct curl_slist *list = NULL;
58
59       if(curl) {
60         curl_easy_setopt(curl, CURLOPT_URL,
61                         "https://service.region.example.com/uri");
62         curl_easy_setopt(c, CURLOPT_AWS_SIGV4, "provider1:provider2");
63
64         /* service and region also could be set in CURLOPT_AWS_SIGV4 */
65         /*
66         curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/uri");
67         curl_easy_setopt(c, CURLOPT_AWS_SIGV4,
68                          "provider1:provider2:region:service");
69         */
70
71         curl_easy_setopt(c, CURLOPT_USERPWD, "MY_ACCESS_KEY:MY_SECRET_KEY");
72         curl_easy_perform(curl);
73       }
74

AVAILABILITY

76       Added in 7.75.0
77

RETURN VALUE

79       Returns  CURLE_OK  if the option is supported, and CURLE_UNKNOWN_OPTION
80       if not.
81

NOTES

83       This option overrides the other auth types you might have set  in  CUR‐
84       LOPT_HTTPAUTH(3)  which  should  be highlighted as this makes this auth
85       method special.  This method cannot be combined with other auth types.
86
87       A sha256 checksum of the request payload is used as input to the signa‐
88       ture  calculation.   For  POST requests, this is a checksum of the pro‐
89       vided CURLOPT_POSTFIELDS(3).  Otherwise, it's the checksum of an  empty
90       buffer.   For requests like PUT, you can provide your own checksum in a
91       HTTP header named x-provider2-content-sha256.
92
93       For aws:s3, a x-amz-content-sha256 header is added to every request  if
94       not  already present. For s3 requests with unknown payload, this header
95       takes the special value "UNSIGNED-PAYLOAD".
96

SEE ALSO

98       CURLOPT_HEADEROPT(3), CURLOPT_HTTPHEADER(3),
99
100
101
102libcurl 8.0.1                  February 15, 2023          CURLOPT_AWS_SIGV4(3)
Impressum