{"id":32196401,"url":"https://github.com/jacobemcken/aws-simple-sign","last_synced_at":"2026-04-01T19:37:33.297Z","repository":{"id":198788793,"uuid":"701550368","full_name":"jacobemcken/aws-simple-sign","owner":"jacobemcken","description":"A Clojure library for pre-signing S3 URLs and signing HTTP requests for AWS.","archived":false,"fork":false,"pushed_at":"2026-03-20T10:43:22.000Z","size":110,"stargazers_count":27,"open_issues_count":3,"forks_count":6,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-03-21T01:03:04.751Z","etag":null,"topics":["aws","babashka","clojure","presignedurl"],"latest_commit_sha":null,"homepage":"","language":"Clojure","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jacobemcken.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2023-10-06T22:24:05.000Z","updated_at":"2026-03-20T10:43:25.000Z","dependencies_parsed_at":"2024-01-13T23:29:01.801Z","dependency_job_id":"108e4429-62b2-4075-a4a8-ffda3e7df9fe","html_url":"https://github.com/jacobemcken/aws-simple-sign","commit_stats":null,"previous_names":["jacobemcken/aws-simple-sign"],"tags_count":8,"template":false,"template_full_name":null,"purl":"pkg:github/jacobemcken/aws-simple-sign","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jacobemcken%2Faws-simple-sign","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jacobemcken%2Faws-simple-sign/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jacobemcken%2Faws-simple-sign/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jacobemcken%2Faws-simple-sign/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jacobemcken","download_url":"https://codeload.github.com/jacobemcken/aws-simple-sign/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jacobemcken%2Faws-simple-sign/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31291159,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-01T13:12:26.723Z","status":"ssl_error","status_checked_at":"2026-04-01T13:12:25.102Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","babashka","clojure","presignedurl"],"created_at":"2025-10-22T02:33:20.425Z","updated_at":"2026-04-01T19:37:33.286Z","avatar_url":"https://github.com/jacobemcken.png","language":"Clojure","funding_links":[],"categories":[],"sub_categories":[],"readme":"# aws-simple-sign\n\nA Clojure library for pre-signing S3 URLs and signing HTTP requests for AWS.\nThe library only depends on Java core (no external Java dependencies),\nmaking it lightweight.\n\n[![bb compatible](https://raw.githubusercontent.com/babashka/babashka/master/logo/badge.svg)](https://book.babashka.org#badges)\n\nIf you stumble upon problems,\nfeel free to reach out either by creating an issue\nor ping me via Clojurian Slack.\n\n\n## Usage\n\nInclude the dependency in your project:\n\n[![Clojars Project](https://img.shields.io/clojars/v/dk.emcken/aws-simple-sign.svg?include_prereleases)](https://clojars.org/dk.emcken/aws-simple-sign)\n\nFor general usage with small examples see below.\nFor a more in depth tutorial about using S3 (including presigned URLs),\ncheckout the blog post [Local S3 storage with MinIO for your Clojure dev environment][5].\n\n\n### AWS Credentials\n\nThe library needs \"client\" information containing credentials etc.\n\nBoth [Cognitect AWS API client][1] and [awyeah][2] can produce compatible clients.\nThese clients will look for credentials in all the usual places\nhonoring how [AWS specific environment variables][3] and configuration,\nexcept for endpoint which needs to be provided in code (see `:endpoint-override` below).\n\n\u003e 💡 Only `awyeah-api` works with [Babashka][4] at the time of writing.\n\nThe following example uses the `awyeah-api` lib.\n```clojure\n(require '[com.grzm.awyeah.client.api :as aws])\n\n(def client\n  (aws/client {:api :s3\n           ;; :endpoint-override is commented out\n           ;; and usually only relevant for non-Amazon or local setups\n           #_#_:endpoint-override {:protocol :http\n                                   :hostname \"localhost\"\n                                   :port 9000}}))\n```\n\nAlternatively, the same data structure can be provided manually:\n\n```clojure\n(def client\n  {:credentials #:aws{:access-key-id \"some-access-key\"\n                      :secret-access-key \"wild_secr3t\"\n                      :session-token \"FwoG...\"}\n   :region \"us-east-1\"\n   :endpoint {:protocol :https\n              :hostname \"s3.amazonaws.com\"}})\n```\n\n\n### Presigned URL's\n\nTo generate a pre-signed URL for a S3 object:\n\n```clojure\n(require '[aws-simple-sign.core :as aws])\n\n(aws/generate-presigned-url client \"somebucket\" \"someobject.txt\" {})\n\"https://somebucket.s3.us-east-1.amazonaws.com/someobject.txt?X-Amz-Security-Token=FwoG...\"\n```\n\nBy default, the URLs returned will use \"virtual hosted-style\".\nBut having an S3 bucket with dots (`.`) in the name, the SSL certificate cannot be verified.\nThis can cause many types of errors depending on the code consuming the URL, but one could be:\n\n\u003e No subject alternative DNS name matching\n\nTo avoid this problem, it is possible to generate URLs using \"path style\" instead.\nThis, of course, has its own disadvantages\nbut can be a way out when it is impossible to rename the bucket.\n\n```clojure\n(aws/generate-presigned-url client \"somebucket\" \"someobject.txt\" {:path-style true})\n\"https://s3.us-east-1.amazonaws.com/somebucket/someobject.txt?X-Amz-Security-Token=FwoG...\"\n```\n\nFor more information about \"virtual hosted vs. path style\" in the official announcements:\n- 08 MAY 2019 https://aws.amazon.com/blogs/aws/amazon-s3-path-deprecation-plan-the-rest-of-the-story/\n- 22 SEP 2020 https://aws.amazon.com/blogs/storage/update-to-amazon-s3-path-deprecation-plan/\n\n\n#### Override response headers\n\nIt is possible to override response headers using the following:\n\n```clojure\n(generate-presigned-url client \"somebucket\" \"someobject.csv\" {:override-response-headers {\"Response-Content-Type\" \"text/csv\"}})\n\"https://s3.us-east-1.amazonaws.com/somebucket/someobject.csv?response-content-type=text%2Fcsv\u0026X-Amz-Security-Token=FwoG...\"\n```\n\nKeywords can be used instead of string header names:\n`{:response-content-type \"text/csv\"}`\n\n\n### Signed HTTP requests\n\nThe following example illustrates how signing can be used from within a Babashka script:\n\n```clojure\n(require '[aws-simple-sign.core :as aws])\n(require '[babashka.http-client :as http])\n\n(let [request {:url \"https://someurl/some-api-endpoint\"\n               :method :post\n               :headers {\"accept\" \"application/json\"}\n               :body \"{\\\"somekey\\\": \\\"with some value\\\"}\"}\n      signed-request (aws/sign-request client request {:region \"us-west-1\"})]\n\n  (http/post (:url signed-request)\n             (-\u003e signed-request\n                 (select-keys [:body :headers]))))\n```\n\n#### Payload hash\n\nIf the request `body` is a `String`, a payload hash is calculated automatically,\nwhile non-`String` bodies will leave the payload unsigned.\nIf the body data is an `InputStream` with text,\nconsider converting it to a string prior calling `sign-request`\nto avoid the \"consumeable once\" problem.\n(Not recommended for binary data and large amounts of data):\n\n```clojure\n(aws/sign-request client (update request :body slurp) {})\n```\n\nAlternatively, provide the payload-hash manually:\n```clojure\n(aws/sign-request client request {:payload-hash \"b4c9a289323b21a01c3e940f150eb9b8c542587f1abfd8f0e1cc1ffc5e475514\"})\n\n; or calculate from InputStream - remember the stream will be consumed (not reuseable)\n(aws/sign-request client request {:payload-hash (aws/hash-input some-input-stream)})\n```\n\n\n[1]: https://github.com/cognitect-labs/aws-api\n[2]: https://github.com/grzm/awyeah-api\n[3]: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html\n[4]: https://github.com/babashka/babashka\n[5]: https://www.emcken.dk/programming/2025/04/21/local-s3-storage-with-minio-for-clojure-dev-env/","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjacobemcken%2Faws-simple-sign","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjacobemcken%2Faws-simple-sign","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjacobemcken%2Faws-simple-sign/lists"}