AWS SDK

AWS4-ECDSA-P256-SHA256

20150830T123600Z

20150830/service/aws4_request

POST /?Param1=value1 HTTP/1.1

Host:example.amazonaws.com

POST

/

host:example.amazonaws.com

x-amz-date:20150830T123600Z

x-amz-region-set:us-east-1

host;x-amz-date;x-amz-region-set

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-vanilla/header-signed-request.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-vanilla/header-signed-request.txt

new file mode 100644

index 0000000..c0e50a0

@@ -0,0 +1,6 @@

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4a-test-suite/post-vanilla/header-string-to-sign.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-vanilla/header-string-to-sign.txt

similarity index 99%

rename from tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4a-test-suite/post-vanilla/header-string-to-sign.txt

rename to tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-vanilla/header-string-to-sign.txt

index d5650cb..f8adf13 100644

@@ -1,4 +1,4 @@

AWS4-ECDSA-P256-SHA256

20150830T123600Z

20150830/service/aws4_request

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-vanilla/public-key.json b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-vanilla/public-key.json

new file mode 100644

index 0000000..379dcb2

@@ -0,0 +1,4 @@

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4a-test-suite/post-vanilla/query-canonical-request.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-vanilla/query-canonical-request.txt

similarity index 99%

rename from tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4a-test-suite/post-vanilla/query-canonical-request.txt

rename to tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-vanilla/query-canonical-request.txt

index e48ce07..5ea8e3c 100644

@@ -1,7 +1,7 @@

POST

/

X-Amz-Algorithm=AWS4-ECDSA-P256-SHA256&X-Amz-Credential=AKIDEXAMPLE%2F20150830%2Fservice%2Faws4_request&X-Amz-Date=20150830T123600Z&X-Amz-Expires=3600&X-Amz-Region-Set=us-east-1&X-Amz-SignedHeaders=host

host:example.amazonaws.com

host

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-vanilla/query-signature.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-vanilla/query-signature.txt

new file mode 100644

index 0000000..ea8e3b4

@@ -0,0 +1 @@

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-vanilla/query-signed-request.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-vanilla/query-signed-request.txt

new file mode 100644

index 0000000..616973f

@@ -0,0 +1,3 @@

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4a-test-suite/post-vanilla/query-string-to-sign.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-vanilla/query-string-to-sign.txt

similarity index 99%

rename from tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4a-test-suite/post-vanilla/query-string-to-sign.txt

rename to tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-vanilla/query-string-to-sign.txt

index 34e3382..711c162 100644

@@ -1,4 +1,4 @@

AWS4-ECDSA-P256-SHA256

20150830T123600Z

20150830/service/aws4_request

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-vanilla/request.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-vanilla/request.txt

new file mode 100644

index 0000000..3f0a82a

@@ -0,0 +1,2 @@

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/context.json b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/context.json

new file mode 100644

index 0000000..0db1df1

@@ -0,0 +1,12 @@

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4a-test-suite/post-x-www-form-urlencoded-parameters/header-canonical-request.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/header-canonical-request.txt

similarity index 62%

rename from tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4a-test-suite/post-x-www-form-urlencoded-parameters/header-canonical-request.txt

rename to tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/header-canonical-request.txt

index 05ab787..62639b2 100644

@@ -1,12 +1,12 @@

POST

/

content-length:13

content-type:application/x-www-form-urlencoded; charset=utf-8

host:example.amazonaws.com

x-amz-date:20150830T123600Z

x-amz-region-set:us-east-1

content-length;content-type;host;x-amz-content-sha256;x-amz-date;x-amz-region-set

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/header-signature.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/header-signature.txt

new file mode 100644

index 0000000..006ec2e

@@ -0,0 +1 @@

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/header-signed-request.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/header-signed-request.txt

new file mode 100644

index 0000000..87a11f2

@@ -0,0 +1,10 @@

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/header-string-to-sign.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/header-string-to-sign.txt

new file mode 100644

index 0000000..c047afb

@@ -0,0 +1,4 @@

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/public-key.json b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/public-key.json

new file mode 100644

index 0000000..379dcb2

@@ -0,0 +1,4 @@

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4a-test-suite/post-x-www-form-urlencoded-parameters/query-canonical-request.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/query-canonical-request.txt

similarity index 85%

rename from tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4a-test-suite/post-x-www-form-urlencoded-parameters/query-canonical-request.txt

rename to tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/query-canonical-request.txt

index fcc454f..6933a8c 100644

@@ -1,9 +1,9 @@

POST

/

X-Amz-Algorithm=AWS4-ECDSA-P256-SHA256&X-Amz-Credential=AKIDEXAMPLE%2F20150830%2Fservice%2Faws4_request&X-Amz-Date=20150830T123600Z&X-Amz-Expires=3600&X-Amz-Region-Set=us-east-1&X-Amz-SignedHeaders=content-length%3Bcontent-type%3Bhost

content-length:13

content-type:application/x-www-form-urlencoded; charset=utf-8

host:example.amazonaws.com

content-length;content-type;host

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/query-signature.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/query-signature.txt

new file mode 100644

index 0000000..34a2e12

@@ -0,0 +1 @@

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/query-signed-request.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/query-signed-request.txt

new file mode 100644

index 0000000..197b99e

@@ -0,0 +1,6 @@

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/query-string-to-sign.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/query-string-to-sign.txt

new file mode 100644

index 0000000..9d2bc74

@@ -0,0 +1,4 @@

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4-test-suite/post-x-www-form-urlencoded-parameters/post-x-www-form-urlencoded-parameters.req b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/request.txt

similarity index 80%

rename from tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4-test-suite/post-x-www-form-urlencoded-parameters/post-x-www-form-urlencoded-parameters.req

rename to tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded-parameters/request.txt

index 36015f1..8289eaa 100644

@@ -1,6 +1,6 @@

POST / HTTP/1.1

Content-Type:application/x-www-form-urlencoded; charset=utf-8

Host:example.amazonaws.com

Param1=value1

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/context.json b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/context.json

new file mode 100644

index 0000000..0db1df1

@@ -0,0 +1,12 @@

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4a-test-suite/post-x-www-form-urlencoded/header-canonical-request.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/header-canonical-request.txt

similarity index 61%

rename from tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4a-test-suite/post-x-www-form-urlencoded/header-canonical-request.txt

rename to tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/header-canonical-request.txt

index 69009dc..797632b 100644

@@ -1,12 +1,12 @@

POST

/

content-length:13

content-type:application/x-www-form-urlencoded

host:example.amazonaws.com

x-amz-date:20150830T123600Z

x-amz-region-set:us-east-1

content-length;content-type;host;x-amz-content-sha256;x-amz-date;x-amz-region-set

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/header-signature.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/header-signature.txt

new file mode 100644

index 0000000..f5a641c

@@ -0,0 +1 @@

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/header-signed-request.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/header-signed-request.txt

new file mode 100644

index 0000000..7bd94a7

@@ -0,0 +1,10 @@

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/header-string-to-sign.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/header-string-to-sign.txt

new file mode 100644

index 0000000..8d25ba9

@@ -0,0 +1,4 @@

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/public-key.json b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/public-key.json

new file mode 100644

index 0000000..379dcb2

@@ -0,0 +1,4 @@

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4a-test-suite/post-x-www-form-urlencoded/query-canonical-request.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/query-canonical-request.txt

similarity index 99%

rename from tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4a-test-suite/post-x-www-form-urlencoded/query-canonical-request.txt

rename to tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/query-canonical-request.txt

index 9ed065b..563ff58 100644

@@ -1,9 +1,9 @@

POST

/

X-Amz-Algorithm=AWS4-ECDSA-P256-SHA256&X-Amz-Credential=AKIDEXAMPLE%2F20150830%2Fservice%2Faws4_request&X-Amz-Date=20150830T123600Z&X-Amz-Expires=3600&X-Amz-Region-Set=us-east-1&X-Amz-SignedHeaders=content-length%3Bcontent-type%3Bhost

content-length:13

content-type:application/x-www-form-urlencoded

host:example.amazonaws.com

content-length;content-type;host

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/query-signature.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/query-signature.txt

new file mode 100644

index 0000000..0c77daf

@@ -0,0 +1 @@

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/query-signed-request.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/query-signed-request.txt

new file mode 100644

index 0000000..71d6de9

@@ -0,0 +1,6 @@

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4a-test-suite/post-x-www-form-urlencoded/query-string-to-sign.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/query-string-to-sign.txt

similarity index 99%

rename from tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-sig-v4a-test-suite/post-x-www-form-urlencoded/query-string-to-sign.txt

rename to tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/query-string-to-sign.txt

index bef3143..cc7a224 100644

@@ -1,4 +1,4 @@

AWS4-ECDSA-P256-SHA256

20150830T123600Z

20150830/service/aws4_request

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/request.txt b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/aws-signing-test-suite/v4a/post-x-www-form-urlencoded/request.txt

new file mode 100644

index 0000000..760b2d3

@@ -0,0 +1,6 @@

 No newline at end of file

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/src/http_request/canonical_request.rs b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/src/http_request/canonical_request.rs

index 9bd636f..b53f33f 100644

@@ -346,67 +346,78 @@ impl CanonicalRequest<'_> {

            params.push((Cow::Borrowed(k), Cow::Borrowed(v)));

        }

        if let SignatureValues::QueryParams(values) = values {

            add_param(&mut params, param::X_AMZ_DATE, &values.date_time);

            add_param(&mut params, param::X_AMZ_EXPIRES, &values.expires);

            #[cfg(feature = "sigv4a")]

            if let Some(regions) = values.region_set {

                add_param(&mut params, sigv4a::param::X_AMZ_REGION_SET, regions);

            }

            add_param(&mut params, param::X_AMZ_ALGORITHM, values.algorithm);

            add_param(&mut params, param::X_AMZ_CREDENTIAL, &values.credential);

            add_param(

                &mut params,

                param::X_AMZ_SIGNED_HEADERS,

                values.signed_headers.as_str(),

            );

            if let Some(security_token) = values.security_token {

                add_param(

                    &mut params,

                    settings

                        .session_token_name_override

                        .unwrap_or(param::X_AMZ_SECURITY_TOKEN),

                    security_token,

                );

            }

        }

        params.sort();

        let mut query = QueryWriter::new(uri);

        query.clear_params();

        for (key, value) in params {

        }

        let query = query.build_query();

        if query.is_empty() {

            None

        } else {

            Some(query)

        }

    }

    fn insert_host_header(

        canonical_headers: &mut HeaderMap<HeaderValue>,

        uri: &Uri,

    ) -> HeaderValue {

        match canonical_headers.get(&HOST) {

            Some(header) => header.clone(),

            None => {

                let port = uri.port();

                let scheme = uri.scheme();

                let authority = uri

                    .authority()

                    .expect("request uri authority must be set for signing")

                    .as_str();

                let host = uri

                    .host()

                    .expect("request uri host must be set for signing");

                // Check if port is default (80 for HTTP, 443 for HTTPS) and if so exclude it from the

                // Host header when signing since RFC 2616 indicates that the default port should not be

                // sent in the Host header (and Hyper strips default ports if they are present)

@@ -642,310 +653,320 @@ impl<'a> StringToSign<'a> {

            service,

            hashed_creq,

            signature_version: SignatureVersion::V4a,

        }

    }

}

impl fmt::Display for StringToSign<'_> {

    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {

        write!(

            f,

            "{}\n{}\n{}\n{}",

            self.algorithm,

            format_date_time(self.time),

            match self.signature_version {

                SignatureVersion::V4 => self.scope.to_string(),

                SignatureVersion::V4a => self.scope.v4a_display(),

            },

            self.hashed_creq

        )

    }

}

#[cfg(test)]

mod tests {

    use crate::date_time::test_parsers::parse_date_time;

    use crate::http_request::canonical_request::{

        normalize_header_value, trim_all, CanonicalRequest, SigningScope, StringToSign,

    };

    use crate::http_request::test;

    use crate::http_request::{

        PayloadChecksumKind, SessionTokenMode, SignableBody, SignableRequest, SignatureLocation,

        SigningParams, SigningSettings,

    };

    use crate::sign::v4;

    use crate::sign::v4::sha256_hex_string;

    use aws_credential_types::Credentials;

    use aws_smithy_http::query_writer::QueryWriter;

    use aws_smithy_runtime_api::client::identity::Identity;

    use http0::{HeaderValue, Uri};

    use pretty_assertions::assert_eq;

    use proptest::{prelude::*, proptest};

    use std::borrow::Cow;

    use std::time::Duration;

    fn signing_params(identity: &Identity, settings: SigningSettings) -> SigningParams<'_> {

        v4::signing_params::Builder::default()

            .identity(identity)

            .region("test-region")

            .name("testservicename")

            .time(parse_date_time("20210511T154045Z").unwrap())

            .settings(settings)

            .build()

            .unwrap()

            .into()

    }

    #[test]

    fn test_repeated_header() {

        req.headers.push((

            "x-amz-object-attributes".to_string(),

            "Checksum".to_string(),

        ));

        req.headers.push((

            "x-amz-object-attributes".to_string(),

            "ObjectSize".to_string(),

        ));

        let req = SignableRequest::from(&req);

        let settings = SigningSettings {

            payload_checksum_kind: PayloadChecksumKind::XAmzSha256,

            session_token_mode: SessionTokenMode::Exclude,

            ..Default::default()

        };

        let identity = Credentials::for_tests().into();

        let signing_params = signing_params(&identity, settings);

        let creq = CanonicalRequest::from(&req, &signing_params).unwrap();

        assert_eq!(

            creq.values.signed_headers().to_string(),

            "host;x-amz-content-sha256;x-amz-date;x-amz-object-attributes"

        );

        assert_eq!(

            creq.header_values_for("x-amz-object-attributes"),

            "Checksum,ObjectSize",

        );

    }

    #[test]

    fn test_host_header_properly_handles_ports() {

        fn host_header_test_setup(endpoint: String) -> String {

            req.uri = endpoint;

            let req = SignableRequest::from(&req);

            let settings = SigningSettings {

                payload_checksum_kind: PayloadChecksumKind::XAmzSha256,

                session_token_mode: SessionTokenMode::Exclude,

                ..Default::default()

            };

            let identity = Credentials::for_tests().into();

            let signing_params = signing_params(&identity, settings);

            let creq = CanonicalRequest::from(&req, &signing_params).unwrap();

            creq.header_values_for("host")

        }

        // HTTP request with 80 port should not be signed with that port

        let http_80_host_header = host_header_test_setup("http://localhost:80".into());

        assert_eq!(http_80_host_header, "localhost",);

        // HTTP request with non-80 port should be signed with that port

        let http_1234_host_header = host_header_test_setup("http://localhost:1234".into());

        assert_eq!(http_1234_host_header, "localhost:1234",);

        // HTTPS request with 443 port should not be signed with that port

        let https_443_host_header = host_header_test_setup("https://localhost:443".into());

        assert_eq!(https_443_host_header, "localhost",);

        // HTTPS request with non-443 port should be signed with that port

        let https_1234_host_header = host_header_test_setup("https://localhost:1234".into());

        assert_eq!(https_1234_host_header, "localhost:1234",);

    }

    #[test]

    fn test_set_xamz_sha_256() {

        let req = SignableRequest::from(&req);

        let settings = SigningSettings {

            payload_checksum_kind: PayloadChecksumKind::XAmzSha256,

            session_token_mode: SessionTokenMode::Exclude,

            ..Default::default()

        };

        let identity = Credentials::for_tests().into();

        let mut signing_params = signing_params(&identity, settings);

        let creq = CanonicalRequest::from(&req, &signing_params).unwrap();

        assert_eq!(

            creq.values.content_sha256(),

            "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"

        );

        // assert that the sha256 header was added

        assert_eq!(

            creq.values.signed_headers().as_str(),

            "host;x-amz-content-sha256;x-amz-date"

        );

        signing_params.set_payload_checksum_kind(PayloadChecksumKind::NoHeader);

        let creq = CanonicalRequest::from(&req, &signing_params).unwrap();

        assert_eq!(creq.values.signed_headers().as_str(), "host;x-amz-date");

    }

    #[test]

    fn test_unsigned_payload() {

        req.set_body(SignableBody::UnsignedPayload);

        let req: SignableRequest<'_> = SignableRequest::from(&req);

        let settings = SigningSettings {

            payload_checksum_kind: PayloadChecksumKind::XAmzSha256,

            ..Default::default()

        };

        let identity = Credentials::for_tests().into();

        let signing_params = signing_params(&identity, settings);

        let creq = CanonicalRequest::from(&req, &signing_params).unwrap();

        assert_eq!(creq.values.content_sha256(), "UNSIGNED-PAYLOAD");

        assert!(creq.to_string().ends_with("UNSIGNED-PAYLOAD"));

    }

    #[test]

    fn test_precomputed_payload() {

        let payload_hash = "44ce7dd67c959e0d3524ffac1771dfbba87d2b6b4b4e99e42034a8b803f8b072";

        req.set_body(SignableBody::Precomputed(String::from(payload_hash)));

        let req = SignableRequest::from(&req);

        let settings = SigningSettings {

            payload_checksum_kind: PayloadChecksumKind::XAmzSha256,

            ..Default::default()

        };

        let identity = Credentials::for_tests().into();

        let signing_params = signing_params(&identity, settings);

        let creq = CanonicalRequest::from(&req, &signing_params).unwrap();

        assert_eq!(creq.values.content_sha256(), payload_hash);

        assert!(creq.to_string().ends_with(payload_hash));

    }

    #[test]

    fn test_generate_scope() {

        let expected = "20150830/us-east-1/iam/aws4_request\n";

        let scope = SigningScope {

            time: parse_date_time("20150830T123600Z").unwrap(),

            region: "us-east-1",

            service: "iam",

        };

        assert_eq!(format!("{}\n", scope), expected);

    }

    #[test]

    fn test_string_to_sign() {

        let time = parse_date_time("20150830T123600Z").unwrap();

        let encoded = sha256_hex_string(creq.as_bytes());

        let actual = StringToSign::new_v4(time, "us-east-1", "service", &encoded);

        assert_eq!(expected_sts, actual.to_string());

    }

    #[test]

    fn test_digest_of_canonical_request() {

        let expected = "816cd5b414d056048ba4f7c5386d6e0533120fb1fcfa93762cf0fc39e2cf19e0";

        let actual = sha256_hex_string(creq.as_bytes());

        assert_eq!(expected, actual);

    }

    #[test]

    fn test_double_url_encode_path() {

        let req = SignableRequest::from(&req);

        let identity = Credentials::for_tests().into();

        let signing_params = signing_params(&identity, SigningSettings::default());

        let creq = CanonicalRequest::from(&req, &signing_params).unwrap();

        let actual = format!("{}", creq);

        assert_eq!(actual, expected);

    }

    #[test]

    fn test_double_url_encode() {

        let req = SignableRequest::from(&req);

        let identity = Credentials::for_tests().into();

        let signing_params = signing_params(&identity, SigningSettings::default());

        let creq = CanonicalRequest::from(&req, &signing_params).unwrap();

        let actual = format!("{}", creq);

        assert_eq!(actual, expected);

    }

    #[test]

    fn test_tilde_in_uri() {

        let req = http0::Request::builder()

            .uri("https://s3.us-east-1.amazonaws.com/my-bucket?list-type=2&prefix=~objprefix&single&k=&unreserved=-_.~").body("").unwrap().into();

        let req = SignableRequest::from(&req);

        let identity = Credentials::for_tests().into();

        let signing_params = signing_params(&identity, SigningSettings::default());

        let creq = CanonicalRequest::from(&req, &signing_params).unwrap();

        assert_eq!(

            Some("k=&list-type=2&prefix=~objprefix&single=&unreserved=-_.~"),

            creq.params.as_deref(),

        );

    }

    #[test]

    fn test_signing_urls_with_percent_encoded_query_strings() {

        let all_printable_ascii_chars: String = (32u8..127).map(char::from).collect();

        let uri = Uri::from_static("https://s3.us-east-1.amazonaws.com/my-bucket");

        let mut query_writer = QueryWriter::new(&uri);

        query_writer.insert("list-type", "2");

        query_writer.insert("prefix", &all_printable_ascii_chars);

        let req = http0::Request::builder()

            .uri(query_writer.build_uri())

            .body("")

            .unwrap()

            .into();

        let req = SignableRequest::from(&req);

        let identity = Credentials::for_tests().into();

        let signing_params = signing_params(&identity, SigningSettings::default());

        let creq = CanonicalRequest::from(&req, &signing_params).unwrap();

        let expected = "list-type=2&prefix=%20%21%22%23%24%25%26%27%28%29%2A%2B%2C-.%2F0123456789%3A%3B%3C%3D%3E%3F%40ABCDEFGHIJKLMNOPQRSTUVWXYZ%5B%5C%5D%5E_%60abcdefghijklmnopqrstuvwxyz%7B%7C%7D~";

        let actual = creq.params.unwrap();

        assert_eq!(expected, actual);

    }

    #[test]

    fn test_omit_session_token() {

        let req = SignableRequest::from(&req);

        let settings = SigningSettings {

            session_token_mode: SessionTokenMode::Include,

            ..Default::default()

        };

        let identity = Credentials::for_tests_with_session_token().into();

        let mut signing_params = signing_params(&identity, settings);

        let creq = CanonicalRequest::from(&req, &signing_params).unwrap();

        assert_eq!(

            creq.values.signed_headers().as_str(),

            "host;x-amz-date;x-amz-security-token"

        );

        assert_eq!(

            creq.headers.get("x-amz-security-token").unwrap(),

            "notarealsessiontoken"

        );

        signing_params.set_session_token_mode(SessionTokenMode::Exclude);

        let creq = CanonicalRequest::from(&req, &signing_params).unwrap();

        assert_eq!(

            creq.headers.get("x-amz-security-token").unwrap(),

            "notarealsessiontoken"

        );

        assert_eq!(creq.values.signed_headers().as_str(), "host;x-amz-date");

    }

    // It should exclude authorization, user-agent, x-amzn-trace-id, and transfer-encoding headers from presigning

    #[test]

    fn non_presigning_header_exclusion() {

diff --git a/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/src/http_request/sign.rs b/tmp-codegen-diff/aws-sdk/sdk/aws-sigv4/src/http_request/sign.rs

index c4bbbee..363fc2c 100644

@@ -6,60 +6,62 @@

use super::error::SigningError;

use super::{PayloadChecksumKind, SignatureLocation};

use crate::http_request::canonical_request::header;

use crate::http_request::canonical_request::param;

use crate::http_request::canonical_request::{CanonicalRequest, StringToSign};

use crate::http_request::error::CanonicalRequestError;

use crate::http_request::SigningParams;

use crate::sign::v4;

#[cfg(feature = "sigv4a")]

use crate::sign::v4a;

use crate::{SignatureVersion, SigningOutput};

use http0::Uri;

use std::borrow::Cow;

use std::fmt::{Debug, Formatter};

use std::str;

const LOG_SIGNABLE_BODY: &str = "LOG_SIGNABLE_BODY";

/// Represents all of the information necessary to sign an HTTP request.

#[derive(Debug)]

#[non_exhaustive]

pub struct SignableRequest<'a> {

    method: &'a str,

    uri: Uri,

    headers: Vec<(&'a str, &'a str)>,

    body: SignableBody<'a>,

}

impl<'a> SignableRequest<'a> {

    /// Creates a new `SignableRequest`.

    pub fn new(

        method: &'a str,

        uri: impl Into<Cow<'a, str>>,

        headers: impl Iterator<Item = (&'a str, &'a str)>,

        body: SignableBody<'a>,

    ) -> Result<Self, SigningError> {

        let uri = uri

            .into()

            .parse()

            .map_err(|e| SigningError::from(CanonicalRequestError::from(e)))?;

        let headers = headers.collect();

        Ok(Self {

            method,

            uri,

            headers,

            body,

        })

    }

    /// Returns the signable URI

    pub(crate) fn uri(&self) -> &Uri {

        &self.uri

    }

    /// Returns the signable HTTP method

    pub(crate) fn method(&self) -> &str {

        self.method

    }

    /// Returns the request headers

@@ -478,436 +480,324 @@ fn add_header(map: &mut Vec<Header>, key: &'static str, value: &str, sensitive:

        sensitive,

    });

}

// add signature to authorization header

// Authorization: algorithm Credential=access key ID/credential scope, SignedHeaders=SignedHeaders, Signature=signature

fn build_authorization_header(

    access_key: &str,

    creq: &CanonicalRequest<'_>,

    sts: StringToSign<'_>,

    signature: &str,

    signature_version: SignatureVersion,

) -> String {

    let scope = match signature_version {

        SignatureVersion::V4 => sts.scope.to_string(),

        SignatureVersion::V4a => sts.scope.v4a_display(),

    };

    format!(

        "{} Credential={}/{}, SignedHeaders={}, Signature={}",

        sts.algorithm,

        access_key,

        scope,

        creq.values.signed_headers().as_str(),

        signature

    )

}

#[cfg(test)]

mod tests {

    use crate::date_time::test_parsers::parse_date_time;

    use crate::http_request::sign::{add_header, SignableRequest};

    use crate::http_request::{

        SigningSettings,

    };

    use crate::sign::v4;

    use aws_credential_types::Credentials;

    use http0::{HeaderValue, Request};

    use pretty_assertions::assert_eq;

    use proptest::proptest;

    use std::borrow::Cow;

    use std::iter;

    macro_rules! assert_req_eq {

        (http: $expected:expr, $actual:expr) => {

            let mut expected = ($expected).map(|_b|"body");

            let mut actual = ($actual).map(|_b|"body");

            make_headers_comparable(&mut expected);

            make_headers_comparable(&mut actual);

            assert_eq!(format!("{:?}", expected), format!("{:?}", actual));

        };

        ($expected:tt, $actual:tt) => {

            assert_req_eq!(http: ($expected).as_http_request(), $actual);

        };

    }

    pub(crate) fn make_headers_comparable<B>(request: &mut Request<B>) {

        for (_name, value) in request.headers_mut() {

            value.set_sensitive(false);

        }

    }

    #[cfg(feature = "sigv4a")]