AWS - What a canonical request is really?

Question

I'm trying to work directly with the REST API for the S3 service from Amazon and I don't get to understand what a canonical request is.

What I understand is:

• You need an Authorization header or query string parameters (I will use the header)
• This Authorization header contains a hashed HTTP request (the canonical request)
• This HTTP request needs a hashed payload and then is concatenated to a longer string.
• This string is hashed several times.
• The result is the Authentication header.

Then, the questions are:

• The canonical request is the same as the real request?
• A canonical request string is made only once and then used on the next requests?

Answer 1

A canonical request is a just a vocabulary thing.

The canonical request is the same as the real request?

It is a representation of the real request; per your screenshot, it is defined as

CanonicalRequest =
  HTTPRequestMethod + '\n' +
  CanonicalURI + '\n' +
  CanonicalQueryString + '\n' +
  CanonicalHeaders + '\n' +
  SignedHeaders + '\n' +
  HexEncode(Hash(RequestPayload))

of course if you pass that strict into your browser, it will not be understood and it will not be executed so it will be transform (make encoding nice etc ...)

so for example you will get a canonical representation of your request defined as

CanonicalRequest =
  "GET" + '\n' +
  "http://s3.amazonaws.com/examplebucket" + '\n' +
  URI-encode("marker")+"="+URI-encode("someMarker")+"&"+URI-encode("max-keys")+"="+URI-encode("20") + "&" +URI-encode("prefix")+"="+URI-encode("somePrefix") + '\n' +
  Lowercase("host")+":"+Trim("s3.amazonaws.com")+"\n"+Lowercase("x-amz-<something>")+":"+Trim("<the_value>")+ '\n' +
  "host;x-amz-<something (same as above)>" + '\n' +
  HexEncode(Hash(RequestPayload))

Then from this definition, the system will create the "real" request meaning the one that will be executed against the server