def presign(method, options = {})
now = Time.now.utc
one_week = 60 * 60 * 24 * 7
if options[:expires] - now.to_i > one_week
msg = "presigned URLs using sigv4 may not expire more than one week out"
raise ArgumentError, msg
end
now = now.strftime("%Y%m%dT%H%M%SZ")
request = build_request(method, options)
request.headers.clear
request.headers['host'] = request.host
signed_headers = 'Host'
if options[:acl]
request.add_param("X-Amz-Acl", options[:acl].to_s.gsub(/_/, '-'))
end
if options[:content_md5]
request.add_param("Content-MD5", options[:content_md5])
end
request_params = Core::Signers::S3::QUERY_PARAMS.map do |p|
param = p.tr("-","_").to_sym
if options.key?(param)
request.add_param(p, options[param])
end
end
token = client.credential_provider.session_token
request.add_param("X-Amz-Algorithm", "AWS4-HMAC-SHA256")
request.add_param("X-Amz-Date", now)
request.add_param("X-Amz-SignedHeaders", signed_headers)
request.add_param("X-Amz-Expires", seconds_away(options[:expires]))
request.add_param('X-Amz-Security-Token', token) if token
request.add_param("X-Amz-Credential", signer.credential(now))
request.add_param("X-Amz-Signature", signature(request, now))
build_uri(request, options)
end