Transition SignatureV4 from using raw promise chains to async/await

jeskew · jeskew · commit a026bf681f5f · 2017-11-09T13:05:21.000-08:00
diff --git a/packages/credential-provider-imds/src/fromInstanceMetadata.ts b/packages/credential-provider-imds/src/fromInstanceMetadata.ts
@@ -27,7 +27,7 @@ export function fromInstanceMetadata(
             )).trim()
         } = init;
 
-        return await retry(async () => {
+        return retry(async () => {
             const credsResponse = JSON.parse(
                 await requestFromEc2Imds(timeout, profile)
             );
diff --git a/packages/signature-v4/src/SignatureV4.ts b/packages/signature-v4/src/SignatureV4.ts
@@ -133,119 +133,101 @@ export class SignatureV4 implements RequestSigner {
         }
     }
 
-    presignRequest<StreamType>({
+    public async presignRequest<StreamType>({
         request: originalRequest,
         expiration,
         signingDate = new Date(),
         hoistHeaders = true,
         unsignableHeaders = UNSIGNABLE_HEADERS,
         unsignedPayload = this.unsignedPayload,
     }: PresigningArguments<StreamType>): Promise<HttpRequest<StreamType>> {
-        return Promise.all([this.regionProvider(), this.credentialProvider()])
-            .then(([region, credentials]) => {
-                const {longDate, shortDate} = formatDate(signingDate);
-                const ttl = getTtl(signingDate, expiration);
-                if (ttl > MAX_PRESIGNED_TTL) {
-                    return Promise.reject('Signature version 4 presigned URLs'
-                        + ' must have an expiration date less than one week in'
-                        + ' the future');
-                }
-
-                const scope = createScope(shortDate, region, this.service);
-                const keyPromise = this.getSigningKey(credentials, shortDate);
-
-                const wrapperFn = hoistHeaders
-                    ? moveHeadersToQuery
-                    : ensureRequestHasQuery;
-                const request = wrapperFn(prepareRequest(originalRequest));
-
-                if (credentials.sessionToken) {
-                    request.query[TOKEN_QUERY_PARAM] = credentials.sessionToken;
-                }
-                request.query[ALGORITHM_QUERY_PARAM] = ALGORITHM_IDENTIFIER;
-                request.query[CREDENTIAL_QUERY_PARAM]
-                    = `${credentials.accessKeyId}/${scope}`;
-                request.query[AMZ_DATE_QUERY_PARAM] = longDate;
-                request.query[EXPIRES_QUERY_PARAM] = ttl.toString(10);
-
-                return this.getPayloadHash(request, unsignedPayload)
-                    .then(payloadHash => {
-                        if (this.applyChecksum) {
-                            request.query[SHA256_QUERY_PARAM] = payloadHash;
-                        }
-
-                        const canonicalHeaders = getCanonicalHeaders(
-                            request,
-                            unsignableHeaders
-                        );
-                        request.query[SIGNED_HEADERS_QUERY_PARAM]
-                            = getCanonicalHeaderList(canonicalHeaders);
-                        const canonicalRequest = this.createCanonicalRequest(
-                            request,
-                            canonicalHeaders,
-                            payloadHash
-                        );
-
-                        return this.getSignature(
-                            longDate,
-                            scope,
-                            keyPromise,
-                            canonicalRequest
-                        )
-                    }).then(signature => {
-                        request.query[SIGNATURE_QUERY_PARAM] = signature;
-                        return request;
-                    });
-            });
+        const [region, credentials] = await Promise.all([
+            this.regionProvider(),
+            this.credentialProvider()
+        ]);
+
+        const {longDate, shortDate} = formatDate(signingDate);
+        const ttl = getTtl(signingDate, expiration);
+        if (ttl > MAX_PRESIGNED_TTL) {
+            return Promise.reject('Signature version 4 presigned URLs'
+                + ' must have an expiration date less than one week in'
+                + ' the future');
+        }
+
+        const scope = createScope(shortDate, region, this.service);
+
+        const wrapperFn = hoistHeaders ? moveHeadersToQuery : ensureReqHasQuery;
+        const request = wrapperFn(prepareRequest(originalRequest));
+
+        if (credentials.sessionToken) {
+            request.query[TOKEN_QUERY_PARAM] = credentials.sessionToken;
+        }
+        request.query[ALGORITHM_QUERY_PARAM] = ALGORITHM_IDENTIFIER;
+        request.query[CREDENTIAL_QUERY_PARAM] = `${credentials.accessKeyId}/${scope}`;
+        request.query[AMZ_DATE_QUERY_PARAM] = longDate;
+        request.query[EXPIRES_QUERY_PARAM] = ttl.toString(10);
+
+        const payloadHash = await this.getPayloadHash(request, unsignedPayload);
+        if (this.applyChecksum) {
+            request.query[SHA256_QUERY_PARAM] = payloadHash;
+        }
+
+        const canonicalHeaders = getCanonicalHeaders(request, unsignableHeaders);
+        request.query[SIGNED_HEADERS_QUERY_PARAM] = getCanonicalHeaderList(canonicalHeaders);
+
+        request.query[SIGNATURE_QUERY_PARAM] = await this.getSignature(
+            longDate,
+            scope,
+            this.getSigningKey(credentials, region, shortDate),
+            this.createCanonicalRequest(
+                request,
+                canonicalHeaders,
+                payloadHash
+            )
+        );
+
+        return request;
     }
 
-    signRequest<StreamType>({
+    public async signRequest<StreamType>({
         request: originalRequest,
         signingDate = new Date(),
         unsignableHeaders = UNSIGNABLE_HEADERS,
         unsignedPayload = this.unsignedPayload,
     }: SigningArguments<StreamType>): Promise<HttpRequest<StreamType>> {
-        return Promise.all([this.regionProvider(), this.credentialProvider()])
-            .then(([region, credentials]) => {
-                const request = prepareRequest(originalRequest);
-                const {longDate, shortDate} = formatDate(signingDate);
-                const scope = createScope(shortDate, region, this.service);
-                const keyPromise = this.getSigningKey(credentials, shortDate);
-
-                request.headers[AMZ_DATE_HEADER] = longDate;
-                if (credentials.sessionToken) {
-                    request.headers[TOKEN_HEADER] = credentials.sessionToken;
-                }
-
-                return this.getPayloadHash(request, unsignedPayload)
-                    .then(payloadHash => {
-                        if (this.applyChecksum || payloadHash === UNSIGNED_PAYLOAD) {
-                            request.headers[SHA256_HEADER] = payloadHash;
-                        }
-                        const canonicalHeaders = getCanonicalHeaders(
-                            request,
-                            unsignableHeaders
-                        );
-                        const canonicalRequest =  this.createCanonicalRequest(
-                            request,
-                            canonicalHeaders,
-                            payloadHash
-                        );
-
-                        return this.getSignature(
-                            longDate,
-                            scope,
-                            keyPromise,
-                            canonicalRequest
-                        ).then(signature => {
-                            request.headers[AUTH_HEADER] = `${ALGORITHM_IDENTIFIER} `
-                                + `Credential=${credentials.accessKeyId}/${scope}, `
-                                + `SignedHeaders=${getCanonicalHeaderList(canonicalHeaders)}, `
-                                + `Signature=${signature}`;
-                            return request;
-                        });
-                    });
-            });
+        const [region, credentials] = await Promise.all([
+            this.regionProvider(),
+            this.credentialProvider()
+        ]);
+
+        const request = prepareRequest(originalRequest);
+        const {longDate, shortDate} = formatDate(signingDate);
+        const scope = createScope(shortDate, region, this.service);
+
+        request.headers[AMZ_DATE_HEADER] = longDate;
+        if (credentials.sessionToken) {
+            request.headers[TOKEN_HEADER] = credentials.sessionToken;
+        }
+
+        const payloadHash = await this.getPayloadHash(request, unsignedPayload);
+
+        if (this.applyChecksum || payloadHash === UNSIGNED_PAYLOAD) {
+            request.headers[SHA256_HEADER] = payloadHash;
+        }
+        const canonicalHeaders = getCanonicalHeaders(request, unsignableHeaders);
+        const signature = await this.getSignature(
+            longDate,
+            scope,
+            this.getSigningKey(credentials, region, shortDate),
+            this.createCanonicalRequest(request, canonicalHeaders, payloadHash)
+        );
+
+        request.headers[AUTH_HEADER] = `${ALGORITHM_IDENTIFIER} `
+            + `Credential=${credentials.accessKeyId}/${scope}, `
+            + `SignedHeaders=${getCanonicalHeaderList(canonicalHeaders)}, `
+            + `Signature=${signature}`;
+
+        return request;
     }
 
     private createCanonicalRequest(
@@ -263,20 +245,19 @@ ${sortedHeaders.join(';')}
 ${payloadHash}`;
     }
 
-    private createStringToSign(
+    private async createStringToSign(
         longDate: string,
         credentialScope: string,
         canonicalRequest: string
     ): Promise<string> {
         const hash = new this.sha256();
         hash.update(canonicalRequest);
+        const hashedRequest = await hash.digest();
 
-        return hash.digest().then(hashedRequest => (
-`${ALGORITHM_IDENTIFIER}
+        return`${ALGORITHM_IDENTIFIER}
 ${longDate}
 ${credentialScope}
-${toHex(hashedRequest)}`
-        ));
+${toHex(hashedRequest)}`;
     }
 
     private getCanonicalPath(
@@ -290,53 +271,50 @@ ${toHex(hashedRequest)}`
         return path;
     }
 
-    private getPayloadHash<StreamType>(
+    private async getPayloadHash<StreamType>(
         request: HttpRequest<StreamType>,
         unsignedPayload: boolean
     ): Promise<string> {
-
-
         if (unsignedPayload && request.protocol === 'https:') {
-            return Promise.resolve(UNSIGNED_PAYLOAD);
+            return UNSIGNED_PAYLOAD;
         }
 
         return getPayloadHash(request, this.sha256);
     }
 
-    private getSignature(
+    private async getSignature(
         longDate: string,
         credentialScope: string,
         keyPromise: Promise<Uint8Array>,
         canonicalRequest: string
     ): Promise<string> {
-        return this.createStringToSign(
+        const stringToSign = await this.createStringToSign(
             longDate,
             credentialScope,
             canonicalRequest
-        ).then(stringToSign => {
-            return keyPromise.then(key => {
-                const hash = new this.sha256(key);
-                hash.update(stringToSign);
-                return hash.digest();
-            });
-        }).then(toHex);
+        );
+
+        const hash = new this.sha256(await keyPromise);
+        hash.update(stringToSign);
+        return toHex(await hash.digest());
     }
 
     private getSigningKey(
         credentials: Credentials,
+        region: string,
         shortDate: string
     ): Promise<Uint8Array> {
-        return this.regionProvider().then(region => getSigningKey(
+        return getSigningKey(
             this.sha256,
             credentials,
             shortDate,
             region,
             this.service
-        ));
+        );
     }
 }
 
-function ensureRequestHasQuery<StreamType>(
+function ensureReqHasQuery<StreamType>(
     request: HttpRequest<StreamType>
 ): HttpRequest<StreamType> & {query: QueryParameterBag} {
     const {query = {} as QueryParameterBag} = request;
diff --git a/packages/signature-v4/src/getPayloadHash.ts b/packages/signature-v4/src/getPayloadHash.ts
@@ -6,35 +6,28 @@ import {toHex} from '@aws/util-hex-encoding';
 /**
  * @internal
  */
-export function getPayloadHash(
+export async function getPayloadHash(
     {headers, body}: HttpRequest<any>,
     hashConstructor: HashConstructor
 ): Promise<string> {
     if (SHA256_HEADER in headers) {
-        return Promise.resolve(headers[SHA256_HEADER]);
+        return headers[SHA256_HEADER];
     }
 
-    let hashPromise: Promise<Uint8Array>;
-
     if (body == undefined) {
-        hashPromise = Promise.resolve(EMPTY_DATA_SHA_256);
-    } else {
-        const hash = new hashConstructor();
-
-        if (
-            typeof body === 'string'
-            || ArrayBuffer.isView(body)
-            || isArrayBuffer(body)
-        ) {
-            hash.update(body);
-            hashPromise = hash.digest();
-        } else {
-            // As any body that is not a string or binary data is a stream, this
-            // body is unsignable. Attempt to send the request with an unsigned
-            // payload, which may or may not be accepted by the service.
-            return Promise.resolve(UNSIGNED_PAYLOAD);
-        }
+        return toHex(EMPTY_DATA_SHA_256);
+    } else if (
+        typeof body === 'string'
+        || ArrayBuffer.isView(body)
+        || isArrayBuffer(body)
+    ) {
+        const hashCtor = new hashConstructor();
+        hashCtor.update(body);
+        return toHex(await hashCtor.digest());
     }
 
-    return hashPromise.then(toHex);
+    // As any defined body that is not a string or binary data is a stream, this
+    // body is unsignable. Attempt to send the request with an unsigned payload,
+    // which may or may not be accepted by the service.
+    return UNSIGNED_PAYLOAD;
 }
