Example #1
0
  /**
   * The only information needed to create a client are security credentials - your AWS Access Key
   * ID and Secret Access Key. All other configuration, such as the service endpoints have defaults
   * provided.
   *
   * <p>Additional client parameters, such as proxy configuration, can be specified in an optional
   * ClientConfiguration object when constructing a client.
   *
   * @see com.amazonaws.auth.BasicAWSCredentials
   * @see com.amazonaws.auth.PropertiesCredentials
   * @see com.amazonaws.ClientConfiguration
   */
  private static void init() throws Exception {
    /*
     * ProfileCredentialsProvider loads AWS security credentials from a
     * .aws/config file in your home directory.
     *
     * These same credentials are used when working with the AWS CLI.
     *
     * You can find more information on the AWS profiles config file here:
     * http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html
     */
    AWSCredentialsProvider credentialsProvider = new ProfileCredentialsProvider();

    if (credentialsProvider.getCredentials() == null) {
      File configFile = new File(System.getProperty("user.home"), ".aws/config");
      throw new RuntimeException(
          "No AWS security credentials found:\n"
              + "Make sure you've configured your credentials in: "
              + configFile.getAbsolutePath()
              + "\n"
              + "For more information on configuring your credentials, see "
              + "http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html");
    }

    ec2 = new AmazonEC2Client(credentialsProvider);
    s3 = new AmazonS3Client(credentialsProvider);
  }
Example #2
0
 /** Returns the AWS credentials for the specified profile. */
 public AWSCredentials getCredentials(String profileName) {
   final AWSCredentialsProvider provider = credentialProviderCache.get(profileName);
   if (provider != null) {
     return provider.getCredentials();
   } else {
     BasicProfile profile = allProfiles.getProfile(profileName);
     if (profile == null) {
       throw new IllegalArgumentException("No AWS profile named '" + profileName + "'");
     }
     final AWSCredentialsProvider newProvider = fromProfile(profile);
     credentialProviderCache.put(profileName, newProvider);
     return newProvider.getCredentials();
   }
 }
  private <X, Y extends AmazonWebServiceRequest> Response<X> invoke(
      Request<Y> request,
      HttpResponseHandler<AmazonWebServiceResponse<X>> responseHandler,
      ExecutionContext executionContext) {
    request.setEndpoint(endpoint);
    request.setTimeOffset(timeOffset);

    AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
    AWSCredentials credentials;
    awsRequestMetrics.startEvent(Field.CredentialsRequestTime);
    try {
      credentials = awsCredentialsProvider.getCredentials();
    } finally {
      awsRequestMetrics.endEvent(Field.CredentialsRequestTime);
    }

    AmazonWebServiceRequest originalRequest = request.getOriginalRequest();
    if (originalRequest != null && originalRequest.getRequestCredentials() != null) {
      credentials = originalRequest.getRequestCredentials();
    }

    executionContext.setCredentials(credentials);

    DefaultErrorResponseHandler errorResponseHandler =
        new DefaultErrorResponseHandler(exceptionUnmarshallers);

    return client.execute(request, responseHandler, errorResponseHandler, executionContext);
  }
  @Override
  public void signRequest(HttpUriRequest request) {
    AWSCredentials credentials = awsCredentialsProvider.getCredentials();
    if (credentials instanceof AWSSessionCredentials) {
      request.addHeader(
          SESSION_TOKEN_HEADER, ((AWSSessionCredentials) credentials).getSessionToken());
    }
    String canonicalRequest = createCanonicalRequest(request);
    log.debug("canonicalRequest: " + canonicalRequest);
    String[] requestParts = canonicalRequest.split("\n");
    String signedHeaders = requestParts[requestParts.length - 2];
    String stringToSign = createStringToSign(canonicalRequest);
    log.debug("stringToSign: " + stringToSign);
    String authScope = stringToSign.split("\n")[2];
    String signature = createSignature(stringToSign);

    String authHeader =
        String.format(
            AUTH_HEADER_FORMAT,
            credentials.getAWSAccessKeyId(),
            authScope,
            signedHeaders,
            signature);

    request.addHeader(AUTH_HEADER_NAME, authHeader);
  }
 byte[] getSignatureKey() {
   byte[] secret = getBytes("AWS4" + awsCredentialsProvider.getCredentials().getAWSSecretKey());
   byte[] date = hmacSHA256(datestamp(), secret);
   byte[] retion = hmacSHA256(regionName, date);
   byte[] service = hmacSHA256(serviceName, retion);
   return hmacSHA256("aws4_request", service);
 }
  private <X, Y extends AmazonWebServiceRequest> X invoke(
      Request<Y> request, Unmarshaller<X, StaxUnmarshallerContext> unmarshaller) {
    request.setEndpoint(endpoint);
    request.setTimeOffset(timeOffset);
    for (Entry<String, String> entry :
        request.getOriginalRequest().copyPrivateRequestParameters().entrySet()) {
      request.addParameter(entry.getKey(), entry.getValue());
    }

    AWSCredentials credentials = awsCredentialsProvider.getCredentials();
    AmazonWebServiceRequest originalRequest = request.getOriginalRequest();
    if (originalRequest != null && originalRequest.getRequestCredentials() != null) {
      credentials = originalRequest.getRequestCredentials();
    }

    ExecutionContext executionContext = createExecutionContext();
    executionContext.setSigner(signer);
    executionContext.setCredentials(credentials);

    StaxResponseHandler<X> responseHandler = new StaxResponseHandler<X>(unmarshaller);
    DefaultErrorResponseHandler errorResponseHandler =
        new DefaultErrorResponseHandler(exceptionUnmarshallers);

    return (X) client.execute(request, responseHandler, errorResponseHandler, executionContext);
  }
Example #7
0
 /**
  * Computes the presigned URL for the given S3 resource.
  *
  * @param path String like "/bucketName/folder/folder/abc.txt" that represents the resource to
  *     request.
  */
 public URL buildPresignedURL(String path) throws AmazonClientException {
   AWSCredentials credentials = awsCredentialsProvider.getCredentials();
   long expires = System.currentTimeMillis() + 60 * 60 * 1000;
   GeneratePresignedUrlRequest request =
       new GeneratePresignedUrlRequest(path, credentials.getAWSSecretKey());
   request.setExpiration(new Date(expires));
   AmazonS3 s3 = new AmazonS3Client(credentials);
   return s3.generatePresignedUrl(request);
 }
  private static void configure(String propertiesFile) throws IOException {

    if (propertiesFile != null) {
      loadProperties(propertiesFile);
    }

    // ensure the JVM will refresh the cached IP values of AWS resources (e.g. service endpoints).
    java.security.Security.setProperty("networkaddress.cache.ttl", "60");

    String workerId = InetAddress.getLocalHost().getCanonicalHostName() + ":" + UUID.randomUUID();
    LOG.info("Using workerId: " + workerId);

    // Get credentials from IMDS. If unsuccessful, get them from the credential profiles file.
    AWSCredentialsProvider credentialsProvider = null;
    try {
      credentialsProvider = new InstanceProfileCredentialsProvider();
      // Verify we can fetch credentials from the provider
      credentialsProvider.getCredentials();
      LOG.info("Obtained credentials from the IMDS.");
    } catch (AmazonClientException e) {
      LOG.info("Unable to obtain credentials from the IMDS, trying classpath properties", e);
      credentialsProvider = new ProfileCredentialsProvider();
      // Verify we can fetch credentials from the provider
      credentialsProvider.getCredentials();
      LOG.info("Obtained credentials from the properties file.");
    }

    LOG.info(
        "Using credentials with access key id: "
            + credentialsProvider.getCredentials().getAWSAccessKeyId());

    kinesisClientLibConfiguration =
        new KinesisClientLibConfiguration(
                applicationName, streamName, credentialsProvider, workerId)
            .withInitialPositionInStream(initialPositionInStream)
            .withRegionName(kinesisEndpoint);
  }
  private <X, Y extends AmazonWebServiceRequest> Response<X> invoke(
      Request<Y> request,
      Unmarshaller<X, StaxUnmarshallerContext> unmarshaller,
      ExecutionContext executionContext) {
    request.setEndpoint(endpoint);
    request.setTimeOffset(timeOffset);
    AmazonWebServiceRequest originalRequest = request.getOriginalRequest();

    AWSCredentials credentials = awsCredentialsProvider.getCredentials();
    if (originalRequest.getRequestCredentials() != null) {
      credentials = originalRequest.getRequestCredentials();
    }

    executionContext.setCredentials(credentials);

    StaxResponseHandler<X> responseHandler = new StaxResponseHandler<X>(unmarshaller);
    DefaultErrorResponseHandler errorResponseHandler =
        new DefaultErrorResponseHandler(exceptionUnmarshallers);
    return client.execute(request, responseHandler, errorResponseHandler, executionContext);
  }
 @Override
 public AWSCredentials getCredentials() {
   return credentialsProvider.getCredentials();
 }