Class AwsRequestSigner

java.lang.Object
com.google.auth.oauth2.AwsRequestSigner

class AwsRequestSigner extends Object
Internal utility that signs AWS API requests based on the AWS Signature Version 4 signing process.
See Also:
  • Field Details

  • Constructor Details

    • AwsRequestSigner

      private AwsRequestSigner(AwsSecurityCredentials awsSecurityCredentials, String httpMethod, String url, String region, @Nullable String requestPayload, @Nullable Map<String,String> additionalHeaders, @Nullable AwsDates awsDates)
      Internal constructor.
      Parameters:
      awsSecurityCredentials - AWS security credentials
      httpMethod - the HTTP request method
      url - the request URL
      region - the targeted region
      requestPayload - the request payload
      additionalHeaders - a map of additional HTTP headers to be included with the signed request
  • Method Details

    • sign

      Signs the specified AWS API request.
      Returns:
      the AwsRequestSignature
    • createCanonicalRequestHash

      private String createCanonicalRequestHash(Map<String,String> headers, List<String> sortedHeaderNames)
      Task 1: Create a canonical request for Signature Version 4.
    • createStringToSign

      private String createStringToSign(String canonicalRequestHash, String xAmzDate, String credentialScope)
      Task 2: Create a string to sign for Signature Version 4.
    • calculateAwsV4Signature

      private String calculateAwsV4Signature(String serviceName, String secret, String date, String region, String stringToSign)
      Task 3: Calculate the signature for AWS Signature Version 4.
      Parameters:
      date - the date used in the hashing process in YYYYMMDD format
    • generateAuthorizationHeader

      private String generateAuthorizationHeader(List<String> sortedHeaderNames, String accessKeyId, String credentialScope, String signature)
      Task 4: Format the signature to be added to the HTTP request.
    • getCanonicalHeaders

      private Map<String,String> getCanonicalHeaders(String defaultDate)
    • sign

      private static byte[] sign(byte[] key, byte[] value)
    • getHexEncodedSha256Hash

      private static String getHexEncodedSha256Hash(byte[] bytes)
    • newBuilder

      static AwsRequestSigner.Builder newBuilder(AwsSecurityCredentials awsSecurityCredentials, String httpMethod, String url, String region)