Class SignerV4


  • class SignerV4
    extends java.lang.Object
    Signing support for Amazon AWS signing V4

    See http://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html

    • Constructor Summary

      Constructors 
      Constructor Description
      SignerV4()  
    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      private static void addHostHeader​(java.net.URL url, java.util.Map<java.lang.String,​java.lang.String> headers)  
      private static void appendQuery​(java.lang.StringBuilder s, java.lang.String key, java.lang.String value)  
      private static java.lang.String canonicalizeHeaderNames​(java.util.Map<java.lang.String,​java.lang.String> headers)  
      private static java.lang.String canonicalizeHeaderString​(java.util.Map<java.lang.String,​java.lang.String> headers)  
      private static java.lang.String canonicalizeQueryString​(java.util.Map<java.lang.String,​java.lang.String> parameters)  
      private static java.lang.String canonicalizeResourcePath​(java.net.URL endpoint)  
      private static java.lang.String canonicalRequest​(java.net.URL endpoint, java.lang.String httpMethod, java.lang.String queryParameters, java.lang.String canonicalizedHeaderNames, java.lang.String canonicalizedHeaders, java.lang.String bodyHash)  
      (package private) static java.lang.String createAuthorizationQuery​(S3Config bucketConfig, java.net.URL url, java.lang.String httpMethod, java.util.Map<java.lang.String,​java.lang.String> headers, java.util.Map<java.lang.String,​java.lang.String> queryParameters, java.lang.String bodyHash)
      Create an AWSV4 authorization for a request, suitable for embedding in query parameters.
      (package private) static java.util.Map<java.lang.String,​java.lang.String> createHeaderAuthorization​(S3Config bucketConfig, java.net.URL url, java.lang.String httpMethod, java.util.Map<java.lang.String,​java.lang.String> headers, java.lang.String bodyHash)
      Sign headers for given bucket, url and HTTP method and add signature in Authorization header.
      private static byte[] createSignature​(S3Config bucketConfig, java.lang.String dateTimeStamp, java.lang.String dateStamp, java.lang.String scope, java.lang.String canonicalRequest)  
      private static java.lang.String dateStamp​(java.util.Date now)  
      private static java.lang.String dateTimeStampISO8601​(java.util.Date now)  
      private static java.lang.String formatAuthorizationHeader​(S3Config bucketConfig, java.lang.String canonicalizedHeaderNames, java.lang.String scope, byte[] signature)  
      private static java.lang.String formatAuthorizationQuery​(java.util.Map<java.lang.String,​java.lang.String> queryParameters)  
      private static byte[] hash​(java.lang.String s)  
      private static java.lang.String scope​(java.lang.String region, java.lang.String dateStamp)  
      private static byte[] sign​(java.lang.String stringData, byte[] key)  
      private static java.lang.String stringToSign​(java.lang.String scheme, java.lang.String algorithm, java.lang.String dateTime, java.lang.String scope, java.lang.String canonicalRequest)  
      private static java.lang.String toHex​(byte[] bytes)  
      private static java.lang.String urlEncode​(java.lang.String url, boolean keepPathSlash)  
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • SignerV4

        SignerV4()
    • Method Detail

      • createAuthorizationQuery

        static java.lang.String createAuthorizationQuery​(S3Config bucketConfig,
                                                         java.net.URL url,
                                                         java.lang.String httpMethod,
                                                         java.util.Map<java.lang.String,​java.lang.String> headers,
                                                         java.util.Map<java.lang.String,​java.lang.String> queryParameters,
                                                         java.lang.String bodyHash)
        Create an AWSV4 authorization for a request, suitable for embedding in query parameters.
        Parameters:
        bucketConfig - configuration of S3 storage bucket this request should be signed for
        url - HTTP request URL
        httpMethod - HTTP method
        headers - The HTTP request headers; 'Host' and 'X-Amz-Date' will be added to this set.
        queryParameters - Any query parameters that will be added to the endpoint. The parameters should be specified in canonical format.
        bodyHash - Pre-computed SHA256 hash of the request body content; this value should also be set as the header 'X-Amz-Content-SHA256' for non-streaming uploads.
        Returns:
        The computed authorization string for the request. This value needs to be set as the header 'Authorization' on the subsequent HTTP request.
      • formatAuthorizationQuery

        private static java.lang.String formatAuthorizationQuery​(java.util.Map<java.lang.String,​java.lang.String> queryParameters)
      • appendQuery

        private static void appendQuery​(java.lang.StringBuilder s,
                                        java.lang.String key,
                                        java.lang.String value)
      • createHeaderAuthorization

        static java.util.Map<java.lang.String,​java.lang.String> createHeaderAuthorization​(S3Config bucketConfig,
                                                                                                java.net.URL url,
                                                                                                java.lang.String httpMethod,
                                                                                                java.util.Map<java.lang.String,​java.lang.String> headers,
                                                                                                java.lang.String bodyHash)
        Sign headers for given bucket, url and HTTP method and add signature in Authorization header.
        Parameters:
        bucketConfig - configuration of S3 storage bucket this request should be signed for
        url - HTTP request URL
        httpMethod - HTTP method
        headers - HTTP headers to sign
        bodyHash - Pre-computed SHA256 hash of the request body content; this value should also be set as the header 'X-Amz-Content-SHA256' for non-streaming uploads.
        Returns:
        HTTP headers signd by an Authorization header added to the headers
      • formatAuthorizationHeader

        private static java.lang.String formatAuthorizationHeader​(S3Config bucketConfig,
                                                                  java.lang.String canonicalizedHeaderNames,
                                                                  java.lang.String scope,
                                                                  byte[] signature)
      • addHostHeader

        private static void addHostHeader​(java.net.URL url,
                                          java.util.Map<java.lang.String,​java.lang.String> headers)
      • canonicalizeHeaderNames

        private static java.lang.String canonicalizeHeaderNames​(java.util.Map<java.lang.String,​java.lang.String> headers)
      • canonicalizeHeaderString

        private static java.lang.String canonicalizeHeaderString​(java.util.Map<java.lang.String,​java.lang.String> headers)
      • dateStamp

        private static java.lang.String dateStamp​(java.util.Date now)
      • dateTimeStampISO8601

        private static java.lang.String dateTimeStampISO8601​(java.util.Date now)
      • scope

        private static java.lang.String scope​(java.lang.String region,
                                              java.lang.String dateStamp)
      • canonicalizeQueryString

        private static java.lang.String canonicalizeQueryString​(java.util.Map<java.lang.String,​java.lang.String> parameters)
      • canonicalRequest

        private static java.lang.String canonicalRequest​(java.net.URL endpoint,
                                                         java.lang.String httpMethod,
                                                         java.lang.String queryParameters,
                                                         java.lang.String canonicalizedHeaderNames,
                                                         java.lang.String canonicalizedHeaders,
                                                         java.lang.String bodyHash)
      • canonicalizeResourcePath

        private static java.lang.String canonicalizeResourcePath​(java.net.URL endpoint)
      • hash

        private static byte[] hash​(java.lang.String s)
      • sign

        private static byte[] sign​(java.lang.String stringData,
                                   byte[] key)
      • stringToSign

        private static java.lang.String stringToSign​(java.lang.String scheme,
                                                     java.lang.String algorithm,
                                                     java.lang.String dateTime,
                                                     java.lang.String scope,
                                                     java.lang.String canonicalRequest)
      • toHex

        private static java.lang.String toHex​(byte[] bytes)
      • urlEncode

        private static java.lang.String urlEncode​(java.lang.String url,
                                                  boolean keepPathSlash)
      • createSignature

        private static byte[] createSignature​(S3Config bucketConfig,
                                              java.lang.String dateTimeStamp,
                                              java.lang.String dateStamp,
                                              java.lang.String scope,
                                              java.lang.String canonicalRequest)