Move test; use snapshot.

r-lib · Jan 23, 2025 · ef07746 · ef07746
1 parent 010301d
commit ef07746
Show file tree

Hide file tree

Showing 2 changed files with 53 additions and 0 deletions.
diff --git a/tests/testthat/_snaps/req-auth-aws.md b/tests/testthat/_snaps/req-auth-aws.md
@@ -1,3 +1,31 @@
+# aws_v4_signature calculates correct signature
+
+    Code
+      rawToChar(signature$SigningKey)
+    Output
+      [1] "V\xb5\xcdl\xf3'\xc6,\xba\x96\x96LE;\020\xaa\x97\021\177=\xdc \xc0X\xd9\xc4\a~\a\xebcX"
+
+---
+
+    Code
+      signature$CanonicalRequest
+    Output
+      [1] "POST\n/v0/\n\nhost:example.execute-api.us-east-1.amazonaws.com\n\nhost\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
+
+---
+
+    Code
+      signature$string_to_sign
+    Output
+      [1] "AWS4-HMAC-SHA256\n20250121T182222Z\n20250121/us-east-1/execute-api/aws4_request\n40b845bd8e6a316382ca9f73516e236075e4af2e04ebcb5f0d8eff12a040f6a4"
+
+---
+
+    Code
+      signature$Authorization
+    Output
+      [1] "AWS4-HMAC-SHA256 Credential=AKIAIOSFODNN7EXAMPLE/20250121/us-east-1/execute-api/aws4_request,SignedHeaders=host,Signature=db2ef1ec9fd9efa801b8eb6b3e754d9d2d5d46189833a947c5427dd706f9534c"
+
 # validates its inputs
 
     Code

diff --git a/tests/testthat/test-req-auth-aws.R b/tests/testthat/test-req-auth-aws.R
@@ -18,6 +18,31 @@ test_that("can correctly sign a request", {
   expect_no_error(req_perform(req))
 })
 
+test_that('aws_v4_signature calculates correct signature', {
+  req <- request("https://example.execute-api.us-east-1.amazonaws.com/v0/") %>%
+    req_method('POST')
+
+  body_sha256 <- openssl::sha256(req_body_get(req))
+  current_time <- as.POSIXct(1737483742, origin = "1970-01-01", tz = "EST")
+
+  signature <- aws_v4_signature(
+    method = req_method_get(req),
+    url = url_parse(req$url),
+    headers = req$headers,
+    body_sha256 = body_sha256,
+    current_time = current_time,
+    aws_service = 'execute-api',
+    aws_region = 'us-east-1',
+    aws_access_key_id = 'AKIAIOSFODNN7EXAMPLE',
+    aws_secret_access_key = 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY'
+  )
+
+  expect_snapshot(rawToChar(signature$SigningKey))
+  expect_snapshot(signature$CanonicalRequest)
+  expect_snapshot(signature$string_to_sign)
+  expect_snapshot(signature$Authorization)
+})
+
 test_that("signing agrees with glacier example", {
   # Example from
   # https://docs.aws.amazon.com/amazonglacier/latest/dev/amazon-glacier-signing-requests.html