Package org.eclipse.jgit.lfs.server.s3
Class SignerV4
- java.lang.Object
-
- org.eclipse.jgit.lfs.server.s3.SignerV4
-
class SignerV4 extends java.lang.Object
Signing support for Amazon AWS signing V4See http://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html
-
-
Field Summary
Fields Modifier and Type Field Description private static java.lang.String
ALGORITHM
private static java.lang.String
DATE_STRING_FORMAT
private static java.lang.String
HEX
private static java.lang.String
HMACSHA256
private static java.lang.String
ISO8601_BASIC_FORMAT
private static java.lang.String
S3
private static java.lang.String
SCHEME
private static java.lang.String
TERMINATOR
(package private) static java.lang.String
UNSIGNED_PAYLOAD
private static java.lang.String
UTC
private static java.lang.String
X_AMZ_ALGORITHM
(package private) static java.lang.String
X_AMZ_CONTENT_SHA256
private static java.lang.String
X_AMZ_CREDENTIAL
private static java.lang.String
X_AMZ_DATE
(package private) static java.lang.String
X_AMZ_EXPIRES
private static java.lang.String
X_AMZ_SIGNATURE
private static java.lang.String
X_AMZ_SIGNED_HEADERS
(package private) static java.lang.String
X_AMZ_STORAGE_CLASS
-
Constructor Summary
Constructors Constructor Description SignerV4()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description private static void
addHostHeader(java.net.URL url, java.util.Map<java.lang.String,java.lang.String> headers)
private static void
appendQuery(java.lang.StringBuilder s, java.lang.String key, java.lang.String value)
private static java.lang.String
canonicalizeHeaderNames(java.util.Map<java.lang.String,java.lang.String> headers)
private static java.lang.String
canonicalizeHeaderString(java.util.Map<java.lang.String,java.lang.String> headers)
private static java.lang.String
canonicalizeQueryString(java.util.Map<java.lang.String,java.lang.String> parameters)
private static java.lang.String
canonicalizeResourcePath(java.net.URL endpoint)
private static java.lang.String
canonicalRequest(java.net.URL endpoint, java.lang.String httpMethod, java.lang.String queryParameters, java.lang.String canonicalizedHeaderNames, java.lang.String canonicalizedHeaders, java.lang.String bodyHash)
(package private) static java.lang.String
createAuthorizationQuery(S3Config bucketConfig, java.net.URL url, java.lang.String httpMethod, java.util.Map<java.lang.String,java.lang.String> headers, java.util.Map<java.lang.String,java.lang.String> queryParameters, java.lang.String bodyHash)
Create an AWSV4 authorization for a request, suitable for embedding in query parameters.(package private) static java.util.Map<java.lang.String,java.lang.String>
createHeaderAuthorization(S3Config bucketConfig, java.net.URL url, java.lang.String httpMethod, java.util.Map<java.lang.String,java.lang.String> headers, java.lang.String bodyHash)
Sign headers for given bucket, url and HTTP method and add signature in Authorization header.private static byte[]
createSignature(S3Config bucketConfig, java.lang.String dateTimeStamp, java.lang.String dateStamp, java.lang.String scope, java.lang.String canonicalRequest)
private static java.lang.String
dateStamp(java.util.Date now)
private static java.lang.String
dateTimeStampISO8601(java.util.Date now)
private static java.lang.String
formatAuthorizationHeader(S3Config bucketConfig, java.lang.String canonicalizedHeaderNames, java.lang.String scope, byte[] signature)
private static java.lang.String
formatAuthorizationQuery(java.util.Map<java.lang.String,java.lang.String> queryParameters)
private static byte[]
hash(java.lang.String s)
private static java.lang.String
scope(java.lang.String region, java.lang.String dateStamp)
private static byte[]
sign(java.lang.String stringData, byte[] key)
private static java.lang.String
stringToSign(java.lang.String scheme, java.lang.String algorithm, java.lang.String dateTime, java.lang.String scope, java.lang.String canonicalRequest)
private static java.lang.String
toHex(byte[] bytes)
private static java.lang.String
urlEncode(java.lang.String url, boolean keepPathSlash)
-
-
-
Field Detail
-
UNSIGNED_PAYLOAD
static final java.lang.String UNSIGNED_PAYLOAD
- See Also:
- Constant Field Values
-
ALGORITHM
private static final java.lang.String ALGORITHM
- See Also:
- Constant Field Values
-
DATE_STRING_FORMAT
private static final java.lang.String DATE_STRING_FORMAT
- See Also:
- Constant Field Values
-
HEX
private static final java.lang.String HEX
- See Also:
- Constant Field Values
-
HMACSHA256
private static final java.lang.String HMACSHA256
- See Also:
- Constant Field Values
-
ISO8601_BASIC_FORMAT
private static final java.lang.String ISO8601_BASIC_FORMAT
- See Also:
- Constant Field Values
-
S3
private static final java.lang.String S3
- See Also:
- Constant Field Values
-
SCHEME
private static final java.lang.String SCHEME
- See Also:
- Constant Field Values
-
TERMINATOR
private static final java.lang.String TERMINATOR
- See Also:
- Constant Field Values
-
UTC
private static final java.lang.String UTC
- See Also:
- Constant Field Values
-
X_AMZ_ALGORITHM
private static final java.lang.String X_AMZ_ALGORITHM
- See Also:
- Constant Field Values
-
X_AMZ_CREDENTIAL
private static final java.lang.String X_AMZ_CREDENTIAL
- See Also:
- Constant Field Values
-
X_AMZ_DATE
private static final java.lang.String X_AMZ_DATE
- See Also:
- Constant Field Values
-
X_AMZ_SIGNATURE
private static final java.lang.String X_AMZ_SIGNATURE
- See Also:
- Constant Field Values
-
X_AMZ_SIGNED_HEADERS
private static final java.lang.String X_AMZ_SIGNED_HEADERS
- See Also:
- Constant Field Values
-
X_AMZ_CONTENT_SHA256
static final java.lang.String X_AMZ_CONTENT_SHA256
- See Also:
- Constant Field Values
-
X_AMZ_EXPIRES
static final java.lang.String X_AMZ_EXPIRES
- See Also:
- Constant Field Values
-
X_AMZ_STORAGE_CLASS
static final java.lang.String X_AMZ_STORAGE_CLASS
- See Also:
- Constant Field Values
-
-
Method Detail
-
createAuthorizationQuery
static java.lang.String createAuthorizationQuery(S3Config bucketConfig, java.net.URL url, java.lang.String httpMethod, java.util.Map<java.lang.String,java.lang.String> headers, java.util.Map<java.lang.String,java.lang.String> queryParameters, java.lang.String bodyHash)
Create an AWSV4 authorization for a request, suitable for embedding in query parameters.- Parameters:
bucketConfig
- configuration of S3 storage bucket this request should be signed forurl
- HTTP request URLhttpMethod
- HTTP methodheaders
- The HTTP request headers; 'Host' and 'X-Amz-Date' will be added to this set.queryParameters
- Any query parameters that will be added to the endpoint. The parameters should be specified in canonical format.bodyHash
- Pre-computed SHA256 hash of the request body content; this value should also be set as the header 'X-Amz-Content-SHA256' for non-streaming uploads.- Returns:
- The computed authorization string for the request. This value needs to be set as the header 'Authorization' on the subsequent HTTP request.
-
formatAuthorizationQuery
private static java.lang.String formatAuthorizationQuery(java.util.Map<java.lang.String,java.lang.String> queryParameters)
-
appendQuery
private static void appendQuery(java.lang.StringBuilder s, java.lang.String key, java.lang.String value)
-
createHeaderAuthorization
static java.util.Map<java.lang.String,java.lang.String> createHeaderAuthorization(S3Config bucketConfig, java.net.URL url, java.lang.String httpMethod, java.util.Map<java.lang.String,java.lang.String> headers, java.lang.String bodyHash)
Sign headers for given bucket, url and HTTP method and add signature in Authorization header.- Parameters:
bucketConfig
- configuration of S3 storage bucket this request should be signed forurl
- HTTP request URLhttpMethod
- HTTP methodheaders
- HTTP headers to signbodyHash
- Pre-computed SHA256 hash of the request body content; this value should also be set as the header 'X-Amz-Content-SHA256' for non-streaming uploads.- Returns:
- HTTP headers signd by an Authorization header added to the headers
-
formatAuthorizationHeader
private static java.lang.String formatAuthorizationHeader(S3Config bucketConfig, java.lang.String canonicalizedHeaderNames, java.lang.String scope, byte[] signature)
-
addHostHeader
private static void addHostHeader(java.net.URL url, java.util.Map<java.lang.String,java.lang.String> headers)
-
canonicalizeHeaderNames
private static java.lang.String canonicalizeHeaderNames(java.util.Map<java.lang.String,java.lang.String> headers)
-
canonicalizeHeaderString
private static java.lang.String canonicalizeHeaderString(java.util.Map<java.lang.String,java.lang.String> headers)
-
dateStamp
private static java.lang.String dateStamp(java.util.Date now)
-
dateTimeStampISO8601
private static java.lang.String dateTimeStampISO8601(java.util.Date now)
-
scope
private static java.lang.String scope(java.lang.String region, java.lang.String dateStamp)
-
canonicalizeQueryString
private static java.lang.String canonicalizeQueryString(java.util.Map<java.lang.String,java.lang.String> parameters)
-
canonicalRequest
private static java.lang.String canonicalRequest(java.net.URL endpoint, java.lang.String httpMethod, java.lang.String queryParameters, java.lang.String canonicalizedHeaderNames, java.lang.String canonicalizedHeaders, java.lang.String bodyHash)
-
canonicalizeResourcePath
private static java.lang.String canonicalizeResourcePath(java.net.URL endpoint)
-
hash
private static byte[] hash(java.lang.String s)
-
sign
private static byte[] sign(java.lang.String stringData, byte[] key)
-
stringToSign
private static java.lang.String stringToSign(java.lang.String scheme, java.lang.String algorithm, java.lang.String dateTime, java.lang.String scope, java.lang.String canonicalRequest)
-
toHex
private static java.lang.String toHex(byte[] bytes)
-
urlEncode
private static java.lang.String urlEncode(java.lang.String url, boolean keepPathSlash)
-
createSignature
private static byte[] createSignature(S3Config bucketConfig, java.lang.String dateTimeStamp, java.lang.String dateStamp, java.lang.String scope, java.lang.String canonicalRequest)
-
-