Google Git
Sign in
apache / opendal-reqsign

Signing HTTP requests without heavy SDKs.

Mirrored from https://github.com/apache/opendal-reqsign.git
Clone this repo:

Branches

Tags

More...
  1. 5236a93 ci: Switch from --nocapture to --no-capture (#626) by Kingsword · 2 days ago main
  2. 6ebbd81 ci: Update GitHub Action to ASF approved patterns (#623) by Kingsword · 3 days ago
  3. 65bcece *: Add ASF headers for all code files (#622) by Kingsword · 3 days ago
  4. 542768b chore(deps): Update windows-sys requirement from 0.60.2 to 0.61.0 (#619) by dependabot[bot] · 5 days ago
  5. e82712c chore(deps): Bump actions/github-script from 7 to 8 (#618) by dependabot[bot] · 5 days ago

reqsign   Build Status Latest Version Crate Downloads

Signing API requests without effort.

Most API is simple. But they could be complicated when they are hidden from complex abstraction. reqsign bring the simple API back: build, sign, send.

Quick Start

Option 1: Use Default Signer (Recommended)

The simplest way to use reqsign is with the default signers provided by each service:

use anyhow::Result;
use reqsign::aws;

#[tokio::main]
async fn main() -> Result<()> {
    // Create a default signer for S3 in us-east-1
    // This will automatically:
    // - Load credentials from environment variables, config files, or IAM roles
    // - Set up the default HTTP client and file reader
    let signer = aws::default_signer("s3", "us-east-1");
    
    // Build your request
    let mut req = http::Request::builder()
        .method("GET")
        .uri("https://s3.amazonaws.com/testbucket")
        .body(())
        .unwrap()
        .into_parts()
        .0;
    
    // Sign the request
    signer.sign(&mut req, None).await?;
    
    // Send the request with your preferred HTTP client
    println!("Request has been signed!");
    Ok(())
}

Option 2: Custom Assembly

For more control over the components, you can manually assemble the signer:

use anyhow::Result;
use reqsign::{Context, Signer};
use reqsign_aws_v4::{DefaultCredentialProvider, RequestSigner};
use reqsign_file_read_tokio::TokioFileRead;
use reqsign_http_send_reqwest::ReqwestHttpSend;

#[tokio::main]
async fn main() -> Result<()> {
    // Build your own context with specific implementations
    let ctx = Context::new()
        .with_file_read(TokioFileRead)
        .with_http_send(ReqwestHttpSend::default())
        .with_env(reqsign::OsEnv);
    
    // Configure credential provider
    let credential_provider = DefaultCredentialProvider::new();
    
    // Configure request signer for S3
    let request_signer = RequestSigner::new("s3", "us-east-1");
    
    // Assemble the signer
    let signer = Signer::new(ctx, credential_provider, request_signer);
    
    // Build and sign the request
    let mut req = http::Request::builder()
        .method("GET")
        .uri("https://s3.amazonaws.com/testbucket")
        .body(())
        .unwrap()
        .into_parts()
        .0;
    
    // Sign the request
    signer.sign(&mut req, None).await?;
    
    println!("Request has been signed!");
    Ok(())
}

Customizing Default Signers

You can also customize the default signers using the with_* methods:

use reqsign::aws;
use reqsign_aws_v4::StaticCredentialProvider;

// Start with default signer and customize specific components
let signer = aws::default_signer("s3", "us-east-1")
    .with_credential_provider(StaticCredentialProvider::new(
        "my-access-key",
        "my-secret-key",
        None,  // Optional session token
    ));

More Services Examples

Azure Storage

use reqsign::azure;

// Default signer for Azure Storage
let signer = azure::default_signer();

// With custom credentials
use reqsign_azure_storage::StaticCredentialProvider;
let signer = azure::default_signer()
    .with_credential_provider(StaticCredentialProvider::new(
        "account-name",
        "account-key",
    ));

Google Cloud

use reqsign::google;

// Default signer for Google Cloud Storage
let signer = google::default_signer("storage.googleapis.com");

Aliyun OSS

use reqsign::aliyun;

// Default signer for Aliyun OSS
let signer = aliyun::default_signer();

Features

  • Pure rust with minimal dependencies.
  • Test again official SDK and services.
  • Supported services
    • Aliyun OSS: reqsign-aliyun-oss
    • AWS services (SigV4): reqsign-aws-v4
    • Azure Storage services: reqsign-azure-storage
    • Google services: reqsign-google
    • Huawei Cloud OBS: reqsign-huaweicloud-obs
    • Oracle Cloud: reqsign-oracle
    • Tencent COS: reqsign-tencent-cos

Contributing

Check out the CONTRIBUTING.md guide for more details on getting started with contributing to this project.

Getting help

Submit issues for bug report or asking questions in discussion.

Acknowledge

Inspired a lot from:

License