private HttpRequest signForTemporaryAccess(HttpRequest request, long timeInSeconds) { HttpRequest.Builder<?> builder = request.toBuilder().filters(ImmutableSet.<HttpRequestFilter> of()); String key = temporaryUrlKeySupplier.get(); if (key == null) { throw new UnsupportedOperationException(); } long expiresInSeconds = unixEpochTimestampProvider.get() + timeInSeconds; builder.addQueryParam("temp_url_sig", createSignature(key, createStringToSign(request.getMethod().toUpperCase(), request, expiresInSeconds))); builder.addQueryParam("temp_url_expires", "" + expiresInSeconds); return builder.build(); }
private HttpRequest signForTemporaryAccess(HttpRequest request, long timeInSeconds) { HttpRequest.Builder<?> builder = request.toBuilder().filters(ImmutableSet.<HttpRequestFilter> of()); String key = temporaryUrlKeySupplier.get(); if (key == null) { throw new UnsupportedOperationException(); } long expiresInSeconds = unixEpochTimestampProvider.get() + timeInSeconds; builder.addQueryParam("temp_url_sig", createSignature(key, createStringToSign(request.getMethod().toUpperCase(), request, expiresInSeconds))); builder.addQueryParam("temp_url_expires", "" + expiresInSeconds); return builder.build(); }
private HttpRequest signForTemporaryAccess(HttpRequest request, long timeInSeconds) { HttpRequest.Builder<?> builder = request.toBuilder().filters(ImmutableSet.<HttpRequestFilter> of()); String key = temporaryUrlKeySupplier.get(); if (key == null) { throw new UnsupportedOperationException(); } long expiresInSeconds = unixEpochTimestampProvider.get() + timeInSeconds; builder.addQueryParam("temp_url_sig", createSignature(key, createStringToSign(request.getMethod().toUpperCase(), request, expiresInSeconds))); builder.addQueryParam("temp_url_expires", "" + expiresInSeconds); return builder.build(); }
@Override public HttpRequest signForTemporaryAccess(HttpRequest request, long timeInSeconds) { // Update the 'DATE' header String dateString = request.getFirstHeaderOrNull(HttpHeaders.DATE); if (dateString == null) { dateString = timeStampProvider.get(); } Date date = dateService.rfc1123DateParse(dateString); String expiration = String.valueOf(TimeUnit.MILLISECONDS.toSeconds(date.getTime()) + timeInSeconds); HttpRequest.Builder<?> builder = request.toBuilder() .removeHeader(HttpHeaders.AUTHORIZATION) .replaceHeader(HttpHeaders.DATE, expiration); String stringToSign = createStringToSign(builder.build()); String signature = sign(stringToSign); HttpRequest ret = builder .addQueryParam(HttpHeaders.EXPIRES, expiration) .addQueryParam("AWSAccessKeyId", creds.get().identity) // Signature MUST be the last parameter because if it isn't, even encoded '+' values in the // signature will be converted to a space by a subsequent addQueryParameter. // See HttpRequestTest.testAddBase64AndUrlEncodedQueryParams for more details. .addQueryParam(S3Constants.TEMPORARY_SIGNATURE_PARAM, signature) .removeHeader(HttpHeaders.DATE) // remove signer created by RestAnnotationProcessor .filters(ImmutableList.<HttpRequestFilter>of()) .build(); return ret; } }
@Override public HttpRequest signForTemporaryAccess(HttpRequest request, long timeInSeconds) { // Update the 'DATE' header String dateString = request.getFirstHeaderOrNull(HttpHeaders.DATE); if (dateString == null) { dateString = timeStampProvider.get(); } Date date = dateService.rfc1123DateParse(dateString); String expiration = String.valueOf(TimeUnit.MILLISECONDS.toSeconds(date.getTime()) + timeInSeconds); HttpRequest.Builder<?> builder = request.toBuilder() .removeHeader(HttpHeaders.AUTHORIZATION) .replaceHeader(HttpHeaders.DATE, expiration); String stringToSign = createStringToSign(builder.build()); String signature = sign(stringToSign); HttpRequest ret = builder .addQueryParam(HttpHeaders.EXPIRES, expiration) .addQueryParam("AWSAccessKeyId", creds.get().identity) // Signature MUST be the last parameter because if it isn't, even encoded '+' values in the // signature will be converted to a space by a subsequent addQueryParameter. // See HttpRequestTest.testAddBase64AndUrlEncodedQueryParams for more details. .addQueryParam(S3Constants.TEMPORARY_SIGNATURE_PARAM, signature) .removeHeader(HttpHeaders.DATE) // remove signer created by RestAnnotationProcessor .filters(ImmutableList.<HttpRequestFilter>of()) .build(); return ret; } }
private HttpRequest signForTemporaryAccess(HttpRequest request, long timeInSeconds) { Credentials currentCreds = checkNotNull(creds.get(), "credential supplier returned null"); // accessKey is of the form tenantName:accessKeyId (not tenantId) String accessKeyId = currentCreds.identity.substring(currentCreds.identity.indexOf(':') + 1); String secretKey = currentCreds.credential; String tenantId = access.get().getToken().getTenant().get().getId(); HttpRequest.Builder<?> builder = request.toBuilder(); // HP Cloud does not use X-Auth-Token for temporary signed URLs and // leaking this allows clients arbitrary privileges until token timeout. builder.filters(filter(request.getFilters(), not(instanceOf(AuthenticateRequest.class)))); long expiresInSeconds = unixEpochTimestampProvider.get() + timeInSeconds; String signature = createSignature(secretKey, createStringToSign(request.getMethod().toUpperCase(), request, expiresInSeconds)); builder.addQueryParam("temp_url_sig", String.format("%s:%s:%s", tenantId, accessKeyId, signature)); builder.addQueryParam("temp_url_expires", "" + expiresInSeconds); return builder.build(); }
private HttpRequest signForTemporaryAccess(HttpRequest request, long timeInSeconds) { HttpRequest.Builder<?> builder = request.toBuilder().filters(ImmutableSet.<HttpRequestFilter> of()); String key = temporaryUrlKeySupplier.get(); if (key == null) { throw new UnsupportedOperationException(); } long expiresInSeconds = unixEpochTimestampProvider.get() + timeInSeconds; builder.addQueryParam("temp_url_sig", createSignature(key, createStringToSign(request.getMethod().toUpperCase(), request, expiresInSeconds))); builder.addQueryParam("temp_url_expires", "" + expiresInSeconds); return builder.build(); }
public T fromHttpRequest(HttpRequest in) { return super.fromHttpMessage(in) .method(in.getMethod()) .endpoint(in.getEndpoint()) .filters(in.getFilters()); } }
public T fromHttpRequest(HttpRequest in) { return super.fromHttpMessage(in) .method(in.getMethod()) .endpoint(in.getEndpoint()) .filters(in.getFilters()); } }
public T fromHttpRequest(HttpRequest in) { return super.fromHttpMessage(in) .method(in.getMethod()) .endpoint(in.getEndpoint()) .filters(in.getFilters()); } }
public T fromHttpRequest(HttpRequest in) { return super.fromHttpMessage(in) .method(in.getMethod()) .endpoint(in.getEndpoint()) .filters(in.getFilters()); } }
public T fromHttpRequest(HttpRequest in) { return super.fromHttpMessage(in) .method(in.getMethod()) .endpoint(in.getEndpoint()) .filters(in.getFilters()); } }
public T fromHttpRequest(HttpRequest in) { return super.fromHttpMessage(in) .method(in.getMethod()) .endpoint(in.getEndpoint()) .filters(in.getFilters()); } }