Package com.google.auth.oauth2
Class AwsRequestSigner
java.lang.Object
com.google.auth.oauth2.AwsRequestSigner
Internal utility that signs AWS API requests based on the AWS Signature Version 4 signing
process.
- See Also:
-
Nested Class Summary
Nested Classes -
Field Summary
Fields -
Constructor Summary
ConstructorsModifierConstructorDescriptionprivate
AwsRequestSigner
(AwsSecurityCredentials awsSecurityCredentials, String httpMethod, String url, String region, String requestPayload, Map<String, String> additionalHeaders, AwsDates awsDates) Internal constructor. -
Method Summary
Modifier and TypeMethodDescriptionprivate String
calculateAwsV4Signature
(String serviceName, String secret, String date, String region, String stringToSign) Task 3: Calculate the signature for AWS Signature Version 4.private String
Task 1: Create a canonical request for Signature Version 4.private String
createStringToSign
(String canonicalRequestHash, String xAmzDate, String credentialScope) Task 2: Create a string to sign for Signature Version 4.private String
generateAuthorizationHeader
(List<String> sortedHeaderNames, String accessKeyId, String credentialScope, String signature) Task 4: Format the signature to be added to the HTTP request.getCanonicalHeaders
(String defaultDate) private static String
getHexEncodedSha256Hash
(byte[] bytes) (package private) static AwsRequestSigner.Builder
newBuilder
(AwsSecurityCredentials awsSecurityCredentials, String httpMethod, String url, String region) (package private) AwsRequestSignature
sign()
Signs the specified AWS API request.private static byte[]
sign
(byte[] key, byte[] value)
-
Field Details
-
HASHING_ALGORITHM
- See Also:
-
AWS_REQUEST_TYPE
- See Also:
-
awsSecurityCredentials
-
additionalHeaders
-
httpMethod
-
region
-
requestPayload
-
uri
-
dates
-
-
Constructor Details
-
AwsRequestSigner
private AwsRequestSigner(AwsSecurityCredentials awsSecurityCredentials, String httpMethod, String url, String region, @Nullable String requestPayload, @Nullable Map<String, String> additionalHeaders, @Nullable AwsDates awsDates) Internal constructor.- Parameters:
awsSecurityCredentials
- AWS security credentialshttpMethod
- the HTTP request methodurl
- the request URLregion
- the targeted regionrequestPayload
- the request payloadadditionalHeaders
- a map of additional HTTP headers to be included with the signed request
-
-
Method Details
-
sign
AwsRequestSignature sign()Signs the specified AWS API request.- Returns:
- the
AwsRequestSignature
-
createCanonicalRequestHash
private String createCanonicalRequestHash(Map<String, String> headers, List<String> sortedHeaderNames) Task 1: Create a canonical request for Signature Version 4. -
createStringToSign
private String createStringToSign(String canonicalRequestHash, String xAmzDate, String credentialScope) Task 2: Create a string to sign for Signature Version 4. -
calculateAwsV4Signature
private String calculateAwsV4Signature(String serviceName, String secret, String date, String region, String stringToSign) Task 3: Calculate the signature for AWS Signature Version 4.- Parameters:
date
- the date used in the hashing process in YYYYMMDD format
-
generateAuthorizationHeader
private String generateAuthorizationHeader(List<String> sortedHeaderNames, String accessKeyId, String credentialScope, String signature) Task 4: Format the signature to be added to the HTTP request. -
getCanonicalHeaders
-
sign
private static byte[] sign(byte[] key, byte[] value) -
getHexEncodedSha256Hash
-
newBuilder
static AwsRequestSigner.Builder newBuilder(AwsSecurityCredentials awsSecurityCredentials, String httpMethod, String url, String region)
-