Refine search
private AWS4Signer createNewSignerWithRegion(String signingRegion) { AWS4Signer signer = new AWS4Signer(true); signer.setRegionName(signingRegion); signer.setServiceName(SERVICE_NAME); return signer; }
/** * Step 3 of the AWS Signature version 4 calculation. It involves deriving * the signing key and computing the signature. Refer to * http://docs.aws.amazon * .com/general/latest/gr/sigv4-calculate-signature.html */ protected final byte[] computeSignature(String stringToSign, byte[] signingKey, AWS4SignerRequestParams signerRequestParams) { return sign(stringToSign.getBytes(Charset.forName("UTF-8")), signingKey, SigningAlgorithm.HmacSHA256); }
if (isAnonymous(credentials)) { return; AWSCredentials sanitizedCredentials = sanitizeCredentials(credentials); if (sanitizedCredentials instanceof AWSSessionCredentials) { addSessionCredentials(request, (AWSSessionCredentials) sanitizedCredentials); addHostHeader(request); request.addHeader(X_AMZ_DATE, signerParams.getFormattedSigningDateTime()); String contentSha256 = calculateContentHash(request); final String canonicalRequest = createCanonicalRequest(request, contentSha256); final String stringToSign = createStringToSign(canonicalRequest, signerParams); final byte[] signingKey = deriveSigningKey(sanitizedCredentials, signerParams); final byte[] signature = computeSignature(stringToSign, signingKey, signerParams); buildAuthorizationHeader(request, signature, sanitizedCredentials, signerParams));
if (isAnonymous(credentials)) { return; long expirationInSeconds = generateExpirationDate(userSpecifiedExpirationDate); addHostHeader(request); AWSCredentials sanitizedCredentials = sanitizeCredentials(credentials); if (sanitizedCredentials instanceof AWSSessionCredentials) { addPreSignInformationToRequest(request, sanitizedCredentials, signerRequestParams, timeStamp, expirationInSeconds); final String contentSha256 = calculateContentHashPresign(request); final String canonicalRequest = createCanonicalRequest(request, contentSha256); final String stringToSign = createStringToSign(canonicalRequest, signerRequestParams); final byte[] signingKey = deriveSigningKey(sanitizedCredentials, signerRequestParams); final byte[] signature = computeSignature(stringToSign, signingKey, signerRequestParams); request.addParameter(X_AMZ_SIGNATURE, BinaryUtils.toHex(signature));
final AWSCredentials sanitizedCredentials = sanitizeCredentials(credentials); if (sanitizedCredentials instanceof AWSSessionCredentials) { addSessionCredentials(request, (AWSSessionCredentials) sanitizedCredentials); addHostHeader(request); final long dateMilli = getDateFromRequest(request); final String dateStamp = getDateStamp(dateMilli); final String scope = getScope(request, dateStamp); final String contentSha256 = calculateContentHash(request); final String timeStamp = getTimeStamp(dateMilli); request.addHeader("X-Amz-Date", timeStamp); final HeaderSigningResult headerSigningResult = computeSignature( request, dateStamp, "Credential=" + signingCredentials; final String signedHeadersAuthorizationHeader = "SignedHeaders=" + getSignedHeadersString(request); final String signatureAuthorizationHeader = "Signature=" + BinaryUtils.toHex(headerSigningResult.getSignature()); processRequestPayload(request, headerSigningResult);
"Requests that are pre-signed by SigV4 algorithm are valid for at most 7 days. " + "The expiration date set on the current request [" + getTimeStamp(expiration.getTime()) + "] has exceeded this limit."); addHostHeader(request); final AWSCredentials sanitizedCredentials = sanitizeCredentials(credentials); final long dateMilli = getDateFromRequest(request); final String dateStamp = getDateStamp(dateMilli); final String scope = getScope(request, dateStamp); final String timeStamp = getTimeStamp(dateMilli); request.addParameter("X-Amz-Algorithm", ALGORITHM); request.addParameter("X-Amz-Date", timeStamp); request.addParameter("X-Amz-SignedHeaders", getSignedHeadersString(request)); request.addParameter("X-Amz-Expires", Long.toString(expirationInSeconds)); request.addParameter("X-Amz-Credential", signingCredentials); final String contentSha256 = calculateContentHashPresign(request); final HeaderSigningResult headerSigningResult = computeSignature(request, dateStamp, timeStamp, ALGORITHM, contentSha256, sanitizedCredentials); request.addParameter("X-Amz-Signature",
/** * Calculate the hash of the request's payload. Subclass could override this * method to provide different values for "x-amz-content-sha256" header or * do any other necessary set-ups on the request headers. (e.g. aws-chunked * uses a pre-defined header value, and needs to change some headers * relating to content-encoding and content-length.) */ protected String calculateContentHash(SignableRequest<?> request) { InputStream payloadStream = getBinaryRequestPayloadStream(request); ReadLimitInfo info = request.getReadLimitInfo(); payloadStream.mark(info == null ? -1 : info.getReadLimit()); String contentSha256 = BinaryUtils.toHex(hash(payloadStream)); try { payloadStream.reset(); } catch (IOException e) { throw new SdkClientException( "Unable to reset stream after calculating AWS4 signature", e); } return contentSha256; }
/** * Step 2 of the AWS Signature version 4 calculation. Refer to * http://docs.aws * .amazon.com/general/latest/gr/sigv4-create-string-to-sign.html. */ protected String createStringToSign(String canonicalRequest, AWS4SignerRequestParams signerParams) { final StringBuilder stringToSignBuilder = new StringBuilder( signerParams.getSigningAlgorithm()); stringToSignBuilder.append(LINE_SEPARATOR) .append(signerParams.getFormattedSigningDateTime()) .append(LINE_SEPARATOR) .append(signerParams.getScope()) .append(LINE_SEPARATOR) .append(BinaryUtils.toHex(hash(canonicalRequest))); final String stringToSign = stringToSignBuilder.toString(); if (log.isDebugEnabled()) log.debug("AWS4 String to Sign: '\"" + stringToSign + "\""); return stringToSign; }
request.setResourcePath(resourcePath); AWS4Signer aws4Signer=new AWS4Signer(); String host = uri.getHost(); aws4Signer.setServiceName(host); aws4Signer.sign(request, awsCredentials);
keyPath + "\n" + priorChunkSignature + "\n" + BinaryUtils.toHex(aws4Signer.hash(nonsigExtension)) + "\n" + BinaryUtils.toHex(aws4Signer.hash(chunkData)); final String chunkSignature = BinaryUtils.toHex(aws4Signer.sign(chunkStringToSign, kSigning, SigningAlgorithm.HmacSHA256)); priorChunkSignature = chunkSignature;
requestForPresigning.setHttpMethod(HttpMethodName.GET); AWS4Signer signer = new AWS4Signer(); signer.setServiceName(serviceName); signer.presignRequest(requestForPresigning, awsCredentials, null);
@SuppressWarnings("checkstyle:hiddenfield") protected final HeaderSigningResult computeSignature( Request<?> request, String dateStamp, String timeStamp, String algorithm, String contentSha256, AWSCredentials sanitizedCredentials) { final String regionName = extractRegionName(request.getEndpoint()); final String serviceName = extractServiceName(request.getEndpoint()); final String scope = dateStamp + "/" + regionName + "/" + serviceName + "/" + TERMINATOR; final String stringToSign = getStringToSign(algorithm, timeStamp, scope, getCanonicalRequest(request, contentSha256)); // AWS4 uses a series of derived keys, formed by hashing different // pieces of data final byte[] kSecret = ("AWS4" + sanitizedCredentials.getAWSSecretKey()) .getBytes(StringUtils.UTF8); final byte[] kDate = sign(dateStamp, kSecret, SigningAlgorithm.HmacSHA256); final byte[] kRegion = sign(regionName, kDate, SigningAlgorithm.HmacSHA256); final byte[] kService = sign(serviceName, kRegion, SigningAlgorithm.HmacSHA256); final byte[] kSigning = sign(TERMINATOR, kService, SigningAlgorithm.HmacSHA256); final byte[] signature = sign(stringToSign.getBytes(StringUtils.UTF8), kSigning, SigningAlgorithm.HmacSHA256); return new HeaderSigningResult(timeStamp, scope, kSigning, signature); }
/** * No-args constructor. */ public Signer() { super(false); super.setServiceName(Config.PARA); super.setRegionName("us-east-1"); }
/** * Calculate the hash of the request's payload. In case of pre-sign, the * existing code would generate the hash of an empty byte array and returns * it. This method can be overridden by sub classes to provide different * values (e.g) For S3 pre-signing, the content hash calculation is * different from the general implementation. * */ protected String calculateContentHashPresign(SignableRequest<?> request) { return calculateContentHash(request); }
private void init() { exceptionUnmarshallers = new ArrayList<JsonErrorUnmarshaller>(); exceptionUnmarshallers.add(new JsonErrorUnmarshaller()); signer = new AWS4Signer(); signer.setServiceName(SERVICE_NAME); setServiceNameIntern(SERVICE_NAME); HandlerChainFactory chainFactory = new HandlerChainFactory(); requestHandler2s.addAll(chainFactory.newRequestHandlerChain("/com.ivona.services/tts/request.handlers")); requestHandler2s.addAll(chainFactory.newRequestHandlerChain("/com.ivona.services/tts/request.handler2s")); }
@Test public void testPresigners2() throws Exception { final AWSCredentials credentials = new AnonymousAWSCredentials(); final Request<?> request = generateBasicRequest(); final Calendar c = new GregorianCalendar(); c.set(1981, 1, 16, 6, 30, 0); c.setTimeZone(TimeZone.getTimeZone("UTC")); signer.overrideDate(c.getTime()); signer.setServiceName("demo"); signer.presignRequest(request, credentials, null); assertNull(request.getParameters().get("X-Amz-Credential")); assertNull(request.getParameters().get("X-Amz-Date")); assertNull(request.getParameters().get("X-Amz-Expires")); assertNull(request.getParameters().get("X-Amz-Security-Token")); }
@Test public void getTimeStamp() { final Date now = new Date(); final String timeStamp = new AWS4Signer().getTimeStamp(now.getTime()); final String old = getOldTimeStamp(now); assertEquals(old, timeStamp); }
@Test public void getDateStamp() { final Date now = new Date(); final String dateStamp = new AWS4Signer().getDateStamp(now.getTime()); final String old = getOldDateStamp(now); assertEquals(old, dateStamp); } }
/** * Tests that if passed anonymous credentials, signer will not generate a * signature */ @Test public void testAnonymous() throws Exception { final AWSCredentials credentials = new AnonymousAWSCredentials(); final Request<?> request = generateBasicRequest(); final Calendar c = new GregorianCalendar(); c.set(1981, 1, 16, 6, 30, 0); c.setTimeZone(TimeZone.getTimeZone("UTC")); signer.overrideDate(c.getTime()); signer.sign(request, credentials); assertNull(request.getHeaders().get("Authorization")); }
requestForPresigning.setHttpMethod(HttpMethodName.GET); AWS4Signer signer = new AWS4Signer(); signer.presignRequest(requestForPresigning, awsCredentials, null);