public String buildRequestUrl() {
StringBuilder builder = new StringBuilder((this.useSSL ? "https://" : "http://"));
builder.append(this.endpoint);
builder.append("/");
builder.append("registerdevice");
builder.append("?uid=" + HttpUtils.urlEncode(this.uid, false));
builder.append("&key=" + HttpUtils.urlEncode(this.key, false));
return builder.toString();
}
public String buildRequestUrl() {
StringBuilder builder = new StringBuilder((this.useSSL ? "https://" : "http://"));
builder.append(this.endpoint);
builder.append("/");
String timestamp = Utilities.getTimestamp();
String signature = Utilities.getSignature(timestamp, key);
builder.append("gettoken");
builder.append("?uid=" + HttpUtils.urlEncode(this.uid, false));
builder.append("×tamp=" + HttpUtils.urlEncode(timestamp, false));
builder.append("&signature=" + HttpUtils.urlEncode(signature, false));
return builder.toString();
}
/**
* Converts the specified request object into a URL, containing all the specified parameters, the
* specified request endpoint, etc.
*
* @param request The request to convert into a URL.
* @param removeLeadingSlashInResourcePath Whether the leading slash in resource-path should be
* removed before appending to the endpoint.
* @return A new URL representing the specified request.
* @throws AmazonClientException If the request cannot be converted to a well formed URL.
*/
public static URL convertRequestToUrl(
Request<?> request, boolean removeLeadingSlashInResourcePath) {
String resourcePath = HttpUtils.urlEncode(request.getResourcePath(), true);
// Removed the padding "/" that was already added into the request's resource path.
if (removeLeadingSlashInResourcePath && resourcePath.startsWith("/")) {
resourcePath = resourcePath.substring(1);
}
// Some http client libraries (e.g. Apache HttpClient) cannot handle
// consecutive "/"s between URL authority and path components.
// So we escape "////..." into "/%2F%2F%2F...", in the same way as how
// we treat consecutive "/"s in AmazonS3Client#presignRequest(...)
String urlPath = "/" + resourcePath;
urlPath = urlPath.replaceAll("(?<=/)/", "%2F");
String urlString = request.getEndpoint() + urlPath;
boolean firstParam = true;
for (String param : request.getParameters().keySet()) {
if (firstParam) {
urlString += "?";
firstParam = false;
} else {
urlString += "&";
}
String value = request.getParameters().get(param);
urlString += param + "=" + HttpUtils.urlEncode(value, false);
}
try {
return new URL(urlString);
} catch (MalformedURLException e) {
throw new AmazonClientException(
"Unable to convert request to well formed URL: " + e.getMessage(), e);
}
}
/**
* Append the given path to the given baseUri.
*
* <p>This method will encode the given path but not the given baseUri.
*
* @param baseUri The URI to append to (required, may be relative)
* @param path The path to append (may be null or empty)
* @param escapeDoubleSlash Whether double-slash in the path should be escaped to "/%2F"
* @return The baseUri with the (encoded) path appended
*/
public static String appendUri(
final String baseUri, String path, final boolean escapeDoubleSlash) {
String resultUri = baseUri;
if (path != null && path.length() > 0) {
if (path.startsWith("/")) {
// trim the trailing slash in baseUri, since the path already starts with a slash
if (resultUri.endsWith("/")) {
resultUri = resultUri.substring(0, resultUri.length() - 1);
}
} else if (!resultUri.endsWith("/")) {
resultUri += "/";
}
String encodedPath = HttpUtils.urlEncode(path, true);
if (escapeDoubleSlash) {
encodedPath = encodedPath.replace("//", "/%2F");
}
resultUri += encodedPath;
} else if (!resultUri.endsWith("/")) {
resultUri += "/";
}
return resultUri;
}
/* (non-Javadoc)
* @see com.amazonaws.auth.Signer#sign(com.amazonaws.Request, com.amazonaws.auth.AWSCredentials)
*/
public void sign(Request<?> request, AWSCredentials credentials) throws AmazonClientException {
// annonymous credentials, don't sign
if (credentials instanceof AnonymousAWSCredentials) {
return;
}
AWSCredentials sanitizedCredentials = sanitizeCredentials(credentials);
if (sanitizedCredentials instanceof AWSSessionCredentials) {
addSessionCredentials(request, (AWSSessionCredentials) sanitizedCredentials);
}
SimpleDateFormat dateStampFormat = new SimpleDateFormat("yyyyMMdd");
dateStampFormat.setTimeZone(new SimpleTimeZone(0, "UTC"));
SimpleDateFormat dateTimeFormat = new SimpleDateFormat("yyyyMMdd'T'HHmmss'Z'");
dateTimeFormat.setTimeZone(new SimpleTimeZone(0, "UTC"));
String regionName = extractRegionName(request.getEndpoint());
String serviceName = extractServiceName(request.getEndpoint());
// AWS4 requires that we sign the Host header so we
// have to have it in the request by the time we sign.
String hostHeader = request.getEndpoint().getHost();
if (HttpUtils.isUsingNonDefaultPort(request.getEndpoint())) {
hostHeader += ":" + request.getEndpoint().getPort();
}
request.addHeader("Host", hostHeader);
Date date = new Date();
if (overriddenDate != null) date = overriddenDate;
String dateTime = dateTimeFormat.format(date);
String dateStamp = dateStampFormat.format(date);
InputStream payloadStream = getBinaryRequestPayloadStream(request);
payloadStream.mark(-1);
String contentSha256 = BinaryUtils.toHex(hash(payloadStream));
try {
payloadStream.reset();
} catch (IOException e) {
throw new AmazonClientException("Unable to reset stream after calculating AWS4 signature", e);
}
request.addHeader("X-Amz-Date", dateTime);
request.addHeader("x-amz-content-sha256", contentSha256);
String canonicalRequest =
request.getHttpMethod().toString()
+ "\n"
+ super.getCanonicalizedResourcePath(request.getResourcePath())
+ "\n"
+ getCanonicalizedQueryString(request)
+ "\n"
+ getCanonicalizedHeaderString(request)
+ "\n"
+ getSignedHeadersString(request)
+ "\n"
+ contentSha256;
log.debug("AWS4 Canonical Request: '\"" + canonicalRequest + "\"");
String scope = dateStamp + "/" + regionName + "/" + serviceName + "/" + TERMINATOR;
String signingCredentials = sanitizedCredentials.getAWSAccessKeyId() + "/" + scope;
String stringToSign =
ALGORITHM
+ "\n"
+ dateTime
+ "\n"
+ scope
+ "\n"
+ BinaryUtils.toHex(hash(canonicalRequest));
log.debug("AWS4 String to Sign: '\"" + stringToSign + "\"");
// AWS4 uses a series of derived keys, formed by hashing different pieces of data
byte[] kSecret = ("AWS4" + sanitizedCredentials.getAWSSecretKey()).getBytes();
byte[] kDate = sign(dateStamp, kSecret, SigningAlgorithm.HmacSHA256);
byte[] kRegion = sign(regionName, kDate, SigningAlgorithm.HmacSHA256);
byte[] kService = sign(serviceName, kRegion, SigningAlgorithm.HmacSHA256);
byte[] kSigning = sign(TERMINATOR, kService, SigningAlgorithm.HmacSHA256);
byte[] signature = sign(stringToSign.getBytes(), kSigning, SigningAlgorithm.HmacSHA256);
String credentialsAuthorizationHeader = "Credential=" + signingCredentials;
String signedHeadersAuthorizationHeader = "SignedHeaders=" + getSignedHeadersString(request);
String signatureAuthorizationHeader = "Signature=" + BinaryUtils.toHex(signature);
String authorizationHeader =
ALGORITHM
+ " "
+ credentialsAuthorizationHeader
+ ", "
+ signedHeadersAuthorizationHeader
+ ", "
+ signatureAuthorizationHeader;
request.addHeader("Authorization", authorizationHeader);
}