finalizeSdkHttpRequestContext.requestBody().isPresent()) { marshalled = marshalled.toBuilder() .contentStreamProvider( finalizeSdkHttpRequestContext.requestBody().get().contentStreamProvider()) .build();
mutableRequest.putHeader(X_AMZ_CONTENT_SHA256, "required"); String contentLength = mutableRequest.firstMatchingHeader(CONTENT_LENGTH) .orElse(null); long originalContentLength; mutableRequest.putHeader("x-amz-decoded-content-length", Long.toString(originalContentLength)); mutableRequest.putHeader(CONTENT_LENGTH, Long.toString( AwsChunkedEncodingInputStream.calculateStreamContentLength(originalContentLength))); return CONTENT_SHA_256;
SdkHttpFullRequest.Builder marshalledRequest = presignableRequest.marshall() .toBuilder() .uri(endpoint); marshalledRequest.method(SdkHttpMethod.GET) .putRawQueryParameter(PARAM_DESTINATION_REGION, destinationRegion) .removeQueryParameter(PARAM_SOURCE_REGION) .build();
SdkHttpFullRequest.Builder marshalledRequest = presignableRequest.marshall() .toBuilder() .uri(endpoint); marshalledRequest.method(SdkHttpMethod.GET) .putRawQueryParameter(PARAM_DESTINATION_REGION, destinationRegion) .removeQueryParameter(PARAM_SOURCE_REGION) .build();
/** * Identifies the static query parameters in Uri resource path for and adds it to * request. * * Returns the updated uriResourcePath. */ @SdkTestInternalApi static String addStaticQueryParametersToRequest(SdkHttpFullRequest.Builder request, String uriResourcePath) { if (request == null || uriResourcePath == null) { return null; } String resourcePath = uriResourcePath; int index = resourcePath.indexOf("?"); if (index != -1) { String queryString = resourcePath.substring(index + 1); resourcePath = resourcePath.substring(0, index); for (String s : queryString.split("[;&]")) { index = s.indexOf("="); if (index != -1) { request.putRawQueryParameter(s.substring(0, index), s.substring(index + 1)); } else { request.putRawQueryParameter(s, (String) null); } } } return resourcePath; }
/** * Identifies the static query parameters in Uri resource path for and adds it to * request. * * Returns the updated uriResourcePath. */ @SdkTestInternalApi static String addStaticQueryParametersToRequest(SdkHttpFullRequest.Builder request, String uriResourcePath) { if (request == null || uriResourcePath == null) { return null; } String resourcePath = uriResourcePath; int index = resourcePath.indexOf("?"); if (index != -1) { String queryString = resourcePath.substring(index + 1); resourcePath = resourcePath.substring(0, index); for (String s : queryString.split("[;&]")) { index = s.indexOf("="); if (index != -1) { request.putRawQueryParameter(s.substring(0, index), s.substring(index + 1)); } else { request.putRawQueryParameter(s, (String) null); } } } return resourcePath; }
protected SdkHttpFullRequest.Builder doPresign(SdkHttpFullRequest request, Aws4SignerRequestParams requestParams, U signingParams) { SdkHttpFullRequest.Builder mutableRequest = request.toBuilder(); long expirationInSeconds = generateExpirationTime(signingParams); addHostHeader(mutableRequest); AwsCredentials sanitizedCredentials = sanitizeCredentials(signingParams.awsCredentials()); if (sanitizedCredentials instanceof AwsSessionCredentials) { // For SigV4 pre-signing URL, we need to add "X-Amz-Security-Token" // as a query string parameter, before constructing the canonical // request. mutableRequest.putRawQueryParameter(SignerConstant.X_AMZ_SECURITY_TOKEN, ((AwsSessionCredentials) sanitizedCredentials).sessionToken()); } // Add the important parameters for v4 signing String timeStamp = requestParams.getFormattedSigningDateTime(); addPreSignInformationToRequest(mutableRequest, sanitizedCredentials, requestParams, timeStamp, expirationInSeconds); String contentSha256 = calculateContentHashPresign(mutableRequest, signingParams); String canonicalRequest = createCanonicalRequest(mutableRequest, contentSha256, signingParams.doubleUrlEncode()); String stringToSign = createStringToSign(canonicalRequest, requestParams); byte[] signingKey = deriveSigningKey(sanitizedCredentials, requestParams); byte[] signature = computeSignature(stringToSign, signingKey); mutableRequest.putRawQueryParameter(SignerConstant.X_AMZ_SIGNATURE, BinaryUtils.toHex(signature)); return mutableRequest; }
protected SdkHttpFullRequest.Builder doPresign(SdkHttpFullRequest request, Aws4SignerRequestParams requestParams, U signingParams) { SdkHttpFullRequest.Builder mutableRequest = request.toBuilder(); long expirationInSeconds = generateExpirationTime(signingParams); addHostHeader(mutableRequest); AwsCredentials sanitizedCredentials = sanitizeCredentials(signingParams.awsCredentials()); if (sanitizedCredentials instanceof AwsSessionCredentials) { // For SigV4 pre-signing URL, we need to add "X-Amz-Security-Token" // as a query string parameter, before constructing the canonical // request. mutableRequest.putRawQueryParameter(SignerConstant.X_AMZ_SECURITY_TOKEN, ((AwsSessionCredentials) sanitizedCredentials).sessionToken()); } // Add the important parameters for v4 signing String timeStamp = requestParams.getFormattedSigningDateTime(); addPreSignInformationToRequest(mutableRequest, sanitizedCredentials, requestParams, timeStamp, expirationInSeconds); String contentSha256 = calculateContentHashPresign(mutableRequest, signingParams); String canonicalRequest = createCanonicalRequest(mutableRequest, contentSha256, signingParams.doubleUrlEncode()); String stringToSign = createStringToSign(canonicalRequest, requestParams); byte[] signingKey = deriveSigningKey(sanitizedCredentials, requestParams); byte[] signature = computeSignature(stringToSign, signingKey); mutableRequest.putRawQueryParameter(SignerConstant.X_AMZ_SIGNATURE, BinaryUtils.toHex(signature)); return mutableRequest; }
private <InputT extends SdkRequest, OutputT, ReturnT> ReturnT execute( ClientExecutionParams<InputT, OutputT> executionParams, ExecutionContext executionContext, HttpResponseHandler<ReturnT> responseHandler) { InputT inputT = (InputT) finalizeSdkRequest(executionContext).request(); InterceptorContext sdkHttpFullRequestContext = finalizeSdkHttpFullRequest(executionParams, executionContext, inputT, clientConfiguration); SdkHttpFullRequest marshalled = (SdkHttpFullRequest) sdkHttpFullRequestContext.httpRequest(); // TODO Pass requestBody as separate arg to invoke if (sdkHttpFullRequestContext.requestBody().isPresent()) { marshalled = marshalled.toBuilder() .contentStreamProvider(sdkHttpFullRequestContext.requestBody().get().contentStreamProvider()) .build(); } return invoke(marshalled, inputT, executionContext, responseHandler, executionParams.getErrorResponseHandler()); }
/** * If necessary, creates a chunk-encoding wrapper on the request payload. */ @Override protected void processRequestPayload(SdkHttpFullRequest.Builder mutableRequest, byte[] signature, byte[] signingKey, Aws4SignerRequestParams signerRequestParams, AwsS3V4SignerParams signerParams) { if (useChunkEncoding(mutableRequest, signerParams)) { if (mutableRequest.contentStreamProvider() != null) { ContentStreamProvider streamProvider = mutableRequest.contentStreamProvider(); mutableRequest.contentStreamProvider(() -> AwsS3V4Signer.this.asChunkEncodedStream( streamProvider.newStream(), signature, signingKey, signerRequestParams )); } } }
protected SdkHttpFullRequest.Builder doSign(SdkHttpFullRequest request, Aws4SignerRequestParams requestParams, T signingParams) { SdkHttpFullRequest.Builder mutableRequest = request.toBuilder(); AwsCredentials sanitizedCredentials = sanitizeCredentials(signingParams.awsCredentials()); if (sanitizedCredentials instanceof AwsSessionCredentials) { addSessionCredentials(mutableRequest, (AwsSessionCredentials) sanitizedCredentials); } addHostHeader(mutableRequest); addDateHeader(mutableRequest, requestParams.getFormattedSigningDateTime()); String contentSha256 = calculateContentHash(mutableRequest, signingParams); mutableRequest.firstMatchingHeader(SignerConstant.X_AMZ_CONTENT_SHA256) .filter(h -> h.equals("required")) .ifPresent(h -> mutableRequest.putHeader(SignerConstant.X_AMZ_CONTENT_SHA256, contentSha256)); String canonicalRequest = createCanonicalRequest(mutableRequest, contentSha256, signingParams.doubleUrlEncode()); String stringToSign = createStringToSign(canonicalRequest, requestParams); byte[] signingKey = deriveSigningKey(sanitizedCredentials, requestParams); byte[] signature = computeSignature(stringToSign, signingKey); mutableRequest.putHeader(SignerConstant.AUTHORIZATION, buildAuthorizationHeader(signature, sanitizedCredentials, requestParams, mutableRequest)); processRequestPayload(mutableRequest, signature, signingKey, requestParams, signingParams); return mutableRequest; }
protected SdkHttpFullRequest.Builder doSign(SdkHttpFullRequest request, Aws4SignerRequestParams requestParams, T signingParams) { SdkHttpFullRequest.Builder mutableRequest = request.toBuilder(); AwsCredentials sanitizedCredentials = sanitizeCredentials(signingParams.awsCredentials()); if (sanitizedCredentials instanceof AwsSessionCredentials) { addSessionCredentials(mutableRequest, (AwsSessionCredentials) sanitizedCredentials); } addHostHeader(mutableRequest); addDateHeader(mutableRequest, requestParams.getFormattedSigningDateTime()); String contentSha256 = calculateContentHash(mutableRequest, signingParams); mutableRequest.firstMatchingHeader(SignerConstant.X_AMZ_CONTENT_SHA256) .filter(h -> h.equals("required")) .ifPresent(h -> mutableRequest.putHeader(SignerConstant.X_AMZ_CONTENT_SHA256, contentSha256)); String canonicalRequest = createCanonicalRequest(mutableRequest, contentSha256, signingParams.doubleUrlEncode()); String stringToSign = createStringToSign(canonicalRequest, requestParams); byte[] signingKey = deriveSigningKey(sanitizedCredentials, requestParams); byte[] signature = computeSignature(stringToSign, signingKey); mutableRequest.putHeader(SignerConstant.AUTHORIZATION, buildAuthorizationHeader(signature, sanitizedCredentials, requestParams, mutableRequest)); processRequestPayload(mutableRequest, signature, signingKey, requestParams, signingParams); return mutableRequest; }
/** * Step 1 of the AWS Signature version 4 calculation. Refer to * http://docs.aws * .amazon.com/general/latest/gr/sigv4-create-canonical-request.html to * generate the canonical request. */ private String createCanonicalRequest(SdkHttpFullRequest.Builder request, String contentSha256, boolean doubleUrlEncode) { String canonicalRequest = request.method().toString() + SignerConstant.LINE_SEPARATOR + // This would optionally double url-encode the resource path getCanonicalizedResourcePath(request.encodedPath(), doubleUrlEncode) + SignerConstant.LINE_SEPARATOR + getCanonicalizedQueryString(request.rawQueryParameters()) + SignerConstant.LINE_SEPARATOR + getCanonicalizedHeaderString(request.headers()) + SignerConstant.LINE_SEPARATOR + getSignedHeadersString(request.headers()) + SignerConstant.LINE_SEPARATOR + contentSha256; LOG.trace(() -> "AWS4 Canonical Request: " + canonicalRequest); return canonicalRequest; }
/** * Step 1 of the AWS Signature version 4 calculation. Refer to * http://docs.aws * .amazon.com/general/latest/gr/sigv4-create-canonical-request.html to * generate the canonical request. */ private String createCanonicalRequest(SdkHttpFullRequest.Builder request, String contentSha256, boolean doubleUrlEncode) { String canonicalRequest = request.method().toString() + SignerConstant.LINE_SEPARATOR + // This would optionally double url-encode the resource path getCanonicalizedResourcePath(request.encodedPath(), doubleUrlEncode) + SignerConstant.LINE_SEPARATOR + getCanonicalizedQueryString(request.rawQueryParameters()) + SignerConstant.LINE_SEPARATOR + getCanonicalizedHeaderString(request.headers()) + SignerConstant.LINE_SEPARATOR + getSignedHeadersString(request.headers()) + SignerConstant.LINE_SEPARATOR + contentSha256; LOG.trace(() -> "AWS4 Canonical Request: " + canonicalRequest); return canonicalRequest; }
/** * Modifies the given {@link SdkHttpFullRequest} with new host if host prefix is enabled and set. */ private static SdkHttpFullRequest modifyEndpointHostIfNeeded(SdkHttpFullRequest originalRequest, SdkClientConfiguration clientConfiguration, ClientExecutionParams executionParams) { if (executionParams.discoveredEndpoint() != null) { URI discoveredEndpoint = executionParams.discoveredEndpoint(); return originalRequest.toBuilder().host(discoveredEndpoint.getHost()).port(discoveredEndpoint.getPort()).build(); } Boolean disableHostPrefixInjection = clientConfiguration.option(SdkAdvancedClientOption.DISABLE_HOST_PREFIX_INJECTION); if ((disableHostPrefixInjection != null && disableHostPrefixInjection.equals(Boolean.TRUE)) || StringUtils.isEmpty(executionParams.hostPrefixExpression())) { return originalRequest; } return originalRequest.toBuilder() .host(executionParams.hostPrefixExpression() + originalRequest.host()) .build(); }
private SdkHttpFullRequest finishMarshalling() { // Content may already be set if the payload is binary data. if (request.contentStreamProvider() == null) { // End the implicit request object if needed. if (!hasExplicitPayloadMember) { jsonGenerator.writeEndObject(); } byte[] content = jsonGenerator.getBytes(); request.contentStreamProvider(() -> new ByteArrayInputStream(content)); if (content.length > 0) { request.putHeader(CONTENT_LENGTH, Integer.toString(content.length)); } } // We skip setting the default content type if the request is streaming as // content-type is determined based on the body of the stream if (!request.headers().containsKey(CONTENT_TYPE) && contentType != null && !hasStreamingInput) { request.putHeader(CONTENT_TYPE, contentType); } return request.build(); }
/** * If necessary, creates a chunk-encoding wrapper on the request payload. */ @Override protected void processRequestPayload(SdkHttpFullRequest.Builder mutableRequest, byte[] signature, byte[] signingKey, Aws4SignerRequestParams signerRequestParams, AwsS3V4SignerParams signerParams) { if (useChunkEncoding(mutableRequest, signerParams)) { if (mutableRequest.contentStreamProvider() != null) { ContentStreamProvider streamProvider = mutableRequest.contentStreamProvider(); mutableRequest.contentStreamProvider(() -> AwsS3V4Signer.this.asChunkEncodedStream( streamProvider.newStream(), signature, signingKey, signerRequestParams )); } } }
private SdkHttpFullRequest finishMarshalling() { // Content may already be set if the payload is binary data. if (request.contentStreamProvider() == null) { // End the implicit request object if needed. if (!hasExplicitPayloadMember) { jsonGenerator.writeEndObject(); } byte[] content = jsonGenerator.getBytes(); request.contentStreamProvider(() -> new ByteArrayInputStream(content)); if (content.length > 0) { request.putHeader(CONTENT_LENGTH, Integer.toString(content.length)); } } // We skip setting the default content type if the request is streaming as // content-type is determined based on the body of the stream if (!request.headers().containsKey(CONTENT_TYPE) && contentType != null && !hasStreamingInput) { request.putHeader(CONTENT_TYPE, contentType); } return request.build(); }