Package com.google.auth.oauth2
Class AwsRequestSigner
- java.lang.Object
-
- com.google.auth.oauth2.AwsRequestSigner
-
class AwsRequestSigner extends java.lang.Object
Internal utility that signs AWS API requests based on the AWS Signature Version 4 signing process.- See Also:
- AWS Signature V4
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description (package private) static class
AwsRequestSigner.Builder
-
Field Summary
Fields Modifier and Type Field Description private java.util.Map<java.lang.String,java.lang.String>
additionalHeaders
private static java.lang.String
AWS_REQUEST_TYPE
private AwsSecurityCredentials
awsSecurityCredentials
private AwsDates
dates
private static java.lang.String
HASHING_ALGORITHM
private java.lang.String
httpMethod
private java.lang.String
region
private java.lang.String
requestPayload
private java.net.URI
uri
-
Constructor Summary
Constructors Modifier Constructor Description private
AwsRequestSigner(AwsSecurityCredentials awsSecurityCredentials, java.lang.String httpMethod, java.lang.String url, java.lang.String region, java.lang.String requestPayload, java.util.Map<java.lang.String,java.lang.String> additionalHeaders, AwsDates awsDates)
Internal constructor.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description private java.lang.String
calculateAwsV4Signature(java.lang.String serviceName, java.lang.String secret, java.lang.String date, java.lang.String region, java.lang.String stringToSign)
Task 3: Calculate the signature for AWS Signature Version 4.private java.lang.String
createCanonicalRequestHash(java.util.Map<java.lang.String,java.lang.String> headers, java.util.List<java.lang.String> sortedHeaderNames)
Task 1: Create a canonical request for Signature Version 4.private java.lang.String
createStringToSign(java.lang.String canonicalRequestHash, java.lang.String xAmzDate, java.lang.String credentialScope)
Task 2: Create a string to sign for Signature Version 4.private java.lang.String
generateAuthorizationHeader(java.util.List<java.lang.String> sortedHeaderNames, java.lang.String accessKeyId, java.lang.String credentialScope, java.lang.String signature)
Task 4: Format the signature to be added to the HTTP request.private java.util.Map<java.lang.String,java.lang.String>
getCanonicalHeaders(java.lang.String defaultDate)
private static java.lang.String
getHexEncodedSha256Hash(byte[] bytes)
(package private) static AwsRequestSigner.Builder
newBuilder(AwsSecurityCredentials awsSecurityCredentials, java.lang.String httpMethod, java.lang.String url, java.lang.String region)
(package private) AwsRequestSignature
sign()
Signs the specified AWS API request.private static byte[]
sign(byte[] key, byte[] value)
-
-
-
Field Detail
-
HASHING_ALGORITHM
private static final java.lang.String HASHING_ALGORITHM
- See Also:
- Constant Field Values
-
AWS_REQUEST_TYPE
private static final java.lang.String AWS_REQUEST_TYPE
- See Also:
- Constant Field Values
-
awsSecurityCredentials
private final AwsSecurityCredentials awsSecurityCredentials
-
additionalHeaders
private final java.util.Map<java.lang.String,java.lang.String> additionalHeaders
-
httpMethod
private final java.lang.String httpMethod
-
region
private final java.lang.String region
-
requestPayload
private final java.lang.String requestPayload
-
uri
private final java.net.URI uri
-
dates
private final AwsDates dates
-
-
Constructor Detail
-
AwsRequestSigner
private AwsRequestSigner(AwsSecurityCredentials awsSecurityCredentials, java.lang.String httpMethod, java.lang.String url, java.lang.String region, @Nullable java.lang.String requestPayload, @Nullable java.util.Map<java.lang.String,java.lang.String> additionalHeaders, @Nullable AwsDates awsDates)
Internal constructor.- Parameters:
awsSecurityCredentials
- AWS security credentialshttpMethod
- the HTTP request methodurl
- the request URLregion
- the targeted regionrequestPayload
- the request payloadadditionalHeaders
- a map of additional HTTP headers to be included with the signed request
-
-
Method Detail
-
sign
AwsRequestSignature sign()
Signs the specified AWS API request.- Returns:
- the
AwsRequestSignature
-
createCanonicalRequestHash
private java.lang.String createCanonicalRequestHash(java.util.Map<java.lang.String,java.lang.String> headers, java.util.List<java.lang.String> sortedHeaderNames)
Task 1: Create a canonical request for Signature Version 4.
-
createStringToSign
private java.lang.String createStringToSign(java.lang.String canonicalRequestHash, java.lang.String xAmzDate, java.lang.String credentialScope)
Task 2: Create a string to sign for Signature Version 4.
-
calculateAwsV4Signature
private java.lang.String calculateAwsV4Signature(java.lang.String serviceName, java.lang.String secret, java.lang.String date, java.lang.String region, java.lang.String stringToSign)
Task 3: Calculate the signature for AWS Signature Version 4.- Parameters:
date
- the date used in the hashing process in YYYYMMDD format
-
generateAuthorizationHeader
private java.lang.String generateAuthorizationHeader(java.util.List<java.lang.String> sortedHeaderNames, java.lang.String accessKeyId, java.lang.String credentialScope, java.lang.String signature)
Task 4: Format the signature to be added to the HTTP request.
-
getCanonicalHeaders
private java.util.Map<java.lang.String,java.lang.String> getCanonicalHeaders(java.lang.String defaultDate)
-
sign
private static byte[] sign(byte[] key, byte[] value)
-
getHexEncodedSha256Hash
private static java.lang.String getHexEncodedSha256Hash(byte[] bytes)
-
newBuilder
static AwsRequestSigner.Builder newBuilder(AwsSecurityCredentials awsSecurityCredentials, java.lang.String httpMethod, java.lang.String url, java.lang.String region)
-
-