public HttpRequest sign(HttpRequest request) {
    // Grab the needed data to build the signature
    Multimap<String, String> canonicalizedHeadersMap = buildCanonicalizedHeadersMap(request);
    String canonicalizedHeadersString = buildCanonicalizedHeadersString(canonicalizedHeadersMap);
    String signedHeaders = buildSignedHeaders(canonicalizedHeadersMap);
    String date = request.getFirstHeaderOrNull(GlacierHeaders.ALTERNATE_DATE);
    String dateWithoutTimestamp = formatDateWithoutTimestamp(date);
    String method = request.getMethod();
    String endpoint = request.getEndpoint().getRawPath();
    String credentialScope = buildCredentialScope(dateWithoutTimestamp);
    HashCode hashedPayload = buildHashedPayload(request);

    // Task 1: Create a Canonical Request For Signature Version 4.
    HashCode hashedCanonicalRequest =
        buildHashedCanonicalRequest(
            method, endpoint, hashedPayload, canonicalizedHeadersString, signedHeaders);

    // Task 2: Create a String to Sign for Signature Version 4.
    String stringToSign = createStringToSign(date, credentialScope, hashedCanonicalRequest);

    // Task 3: Calculate the AWS Signature Version 4.
    String signature = buildSignature(dateWithoutTimestamp, stringToSign);

    // Sign the request
    String authHeader = buildAuthHeader(identity, credentialScope, signedHeaders, signature);
    request = request.toBuilder().replaceHeader(HttpHeaders.AUTHORIZATION, authHeader).build();
    return request;
  }
예제 #2
0
 public static <T> HttpRequest cleanRequest(HttpRequest returnVal) {
   checkNotNull(returnVal, "http request");
   for (HttpRequestFilter filter : returnVal.getFilters()) returnVal = filter.filter(returnVal);
   return HttpRequest.builder()
       .method(returnVal.getMethod())
       .endpoint(returnVal.getEndpoint())
       .headers(returnVal.getHeaders())
       .payload(returnVal.getPayload())
       .build();
 }
    public Request apply(HttpRequest request) {

      for (HttpRequestFilter filter : request.getFilters()) {
        filter.filter(request);
      }

      RequestBuilder builder = new RequestBuilder(request.getMethod());
      builder.setUrl(request.getEndpoint().toASCIIString());
      Payload payload = request.getPayload();
      if (payload != null) {
        boolean chunked = "chunked".equals(request.getFirstHeaderOrNull("Transfer-Encoding"));

        if (request.getPayload().getContentMetadata().getContentMD5() != null)
          builder.addHeader(
              "Content-MD5",
              CryptoStreams.base64(request.getPayload().getContentMetadata().getContentMD5()));
        if (request.getPayload().getContentMetadata().getContentType() != null)
          builder.addHeader(
              HttpHeaders.CONTENT_TYPE, request.getPayload().getContentMetadata().getContentType());
        if (request.getPayload().getContentMetadata().getContentLanguage() != null)
          builder.addHeader(
              HttpHeaders.CONTENT_LANGUAGE,
              request.getPayload().getContentMetadata().getContentLanguage());
        if (request.getPayload().getContentMetadata().getContentEncoding() != null)
          builder.addHeader(
              HttpHeaders.CONTENT_ENCODING,
              request.getPayload().getContentMetadata().getContentEncoding());
        if (request.getPayload().getContentMetadata().getContentDisposition() != null)
          builder.addHeader(
              "Content-Disposition",
              request.getPayload().getContentMetadata().getContentDisposition());
        if (!chunked) {
          Long length =
              checkNotNull(
                  request.getPayload().getContentMetadata().getContentLength(),
                  "payload.getContentLength");
          builder.addHeader(HttpHeaders.CONTENT_LENGTH, length.toString());
        }
        setPayload(builder, payload);
      } else {
        builder.addHeader(HttpHeaders.CONTENT_LENGTH, "0");
      }

      builder.addHeader(HttpHeaders.USER_AGENT, USER_AGENT);
      for (String header : request.getHeaders().keySet()) {
        for (String value : request.getHeaders().get(header)) {
          builder.addHeader(header, value);
        }
      }

      return builder.build();
    }
  public HttpRequest filter(HttpRequest input) throws HttpException {
    HttpRequest request =
        input.toBuilder().endpoint(input.getEndpoint().toString().replace("%3F", "?")).build();
    String contentHash = hashBody(request.getPayload());
    Multimap<String, String> headers = ArrayListMultimap.create();
    headers.put("X-Ops-Content-Hash", contentHash);
    String timestamp = timeStampProvider.get();
    String toSign =
        createStringToSign(
            request.getMethod(), hashPath(request.getEndpoint().getPath()), contentHash, timestamp);
    headers.put("X-Ops-Userid", creds.get().identity);
    headers.put("X-Ops-Sign", SIGNING_DESCRIPTION);
    request = calculateAndReplaceAuthorizationHeaders(request, toSign);
    headers.put("X-Ops-Timestamp", timestamp);
    utils.logRequest(signatureLog, request, "<<");

    return request.toBuilder().replaceHeaders(headers).build();
  }
    public Request apply(HttpRequest request) {

      for (HttpRequestFilter filter : request.getFilters()) {
        filter.filter(request);
      }

      AsyncHttpClient client = new AsyncHttpClient();
      AsyncHttpClient.BoundRequestBuilder nativeRequestBuilder;
      String endpoint = request.getEndpoint().toASCIIString();
      if (request.getMethod().equals(HttpMethod.HEAD)) {
        nativeRequestBuilder = client.prepareHead(endpoint);
      } else if (request.getMethod().equals(HttpMethod.GET)) {
        nativeRequestBuilder = client.prepareGet(endpoint);
      } else if (request.getMethod().equals(HttpMethod.DELETE)) {
        nativeRequestBuilder = client.prepareDelete(endpoint);
      } else if (request.getMethod().equals(HttpMethod.PUT)) {
        nativeRequestBuilder = client.preparePut(endpoint);
      } else if (request.getMethod().equals(HttpMethod.POST)) {
        nativeRequestBuilder = client.preparePost(endpoint);
      } else {
        throw new UnsupportedOperationException(request.getMethod());
      }
      Payload payload = request.getPayload();
      if (payload != null) {
        boolean chunked = "chunked".equals(request.getFirstHeaderOrNull("Transfer-Encoding"));

        if (request.getPayload().getContentMD5() != null)
          nativeRequestBuilder.addHeader(
              "Content-MD5", CryptoStreams.base64(request.getPayload().getContentMD5()));
        if (request.getPayload().getContentType() != null)
          nativeRequestBuilder.addHeader(
              HttpHeaders.CONTENT_TYPE, request.getPayload().getContentType());
        if (!chunked) {
          Long length =
              checkNotNull(request.getPayload().getContentLength(), "payload.getContentLength");
          nativeRequestBuilder.addHeader(HttpHeaders.CONTENT_LENGTH, length.toString());
        }
        setPayload(nativeRequestBuilder, payload);
      } else {
        nativeRequestBuilder.addHeader(HttpHeaders.CONTENT_LENGTH, "0");
      }

      nativeRequestBuilder.addHeader(HttpHeaders.USER_AGENT, USER_AGENT);
      for (String header : request.getHeaders().keySet()) {
        for (String value : request.getHeaders().get(header)) {
          nativeRequestBuilder.addHeader(header, value);
        }
      }

      return nativeRequestBuilder.build();
    }
예제 #6
0
  static String createStringToSign(
      HttpRequest request, Map<String, String> signedHeaders, String credentialScope) {
    StringBuilder canonicalRequest = new StringBuilder();
    // HTTPRequestMethod + '\n' +
    canonicalRequest.append(request.getMethod()).append("\n");
    // CanonicalURI + '\n' +
    canonicalRequest.append(request.getEndpoint().getPath()).append("\n");
    // CanonicalQueryString + '\n' +
    checkArgument(
        request.getEndpoint().getQuery() == null, "Query parameters not yet supported %s", request);
    canonicalRequest.append("\n");
    // CanonicalHeaders + '\n' +
    for (Map.Entry<String, String> entry : signedHeaders.entrySet()) {
      canonicalRequest.append(entry.getKey()).append(':').append(entry.getValue()).append('\n');
    }
    canonicalRequest.append("\n");

    // SignedHeaders + '\n' +
    canonicalRequest.append(Joiner.on(';').join(signedHeaders.keySet())).append('\n');

    // HexEncode(Hash(Payload))
    String payload = request.getPayload().getRawContent().toString();
    canonicalRequest.append(
        base16().lowerCase().encode(sha256().hashString(payload, UTF_8).asBytes()));

    StringBuilder toSign = new StringBuilder();
    // Algorithm + '\n' +
    toSign.append("AWS4-HMAC-SHA256").append('\n');
    // RequestDate + '\n' +
    toSign.append(signedHeaders.get("x-amz-date")).append('\n');
    // CredentialScope + '\n' +
    toSign.append(credentialScope).append('\n');
    // HexEncode(Hash(CanonicalRequest))
    toSign.append(
        base16()
            .lowerCase()
            .encode(sha256().hashString(canonicalRequest.toString(), UTF_8).asBytes()));

    return toSign.toString();
  }
  @Override
  protected Request convert(HttpRequest request) throws IOException, InterruptedException {
    Request.Builder builder = new Request.Builder();

    builder.url(request.getEndpoint().toString());
    populateHeaders(request, builder);

    RequestBody body = null;
    Payload payload = request.getPayload();

    if (payload != null) {
      Long length =
          checkNotNull(payload.getContentMetadata().getContentLength(), "payload.getContentLength");
      if (length > 0) {
        body = generateRequestBody(request, payload);
      }
    }

    builder.method(request.getMethod(), body);

    return builder.build();
  }
예제 #8
0
 private void appendMethod(HttpRequest request, StringBuilder toSign) {
   toSign.append(request.getMethod()).append("\n");
 }
예제 #9
0
 public T fromHttpRequest(HttpRequest in) {
   return super.fromHttpMessage(in)
       .method(in.getMethod())
       .endpoint(in.getEndpoint())
       .filters(in.getFilters());
 }
  @Override
  protected HttpURLConnection convert(HttpRequest request)
      throws IOException, InterruptedException {
    boolean chunked = "chunked".equals(request.getFirstHeaderOrNull("Transfer-Encoding"));
    URL url = request.getEndpoint().toURL();

    HttpURLConnection connection =
        (HttpURLConnection) url.openConnection(proxyForURI.apply(request.getEndpoint()));
    if (connection instanceof HttpsURLConnection) {
      HttpsURLConnection sslCon = (HttpsURLConnection) connection;
      if (utils.relaxHostname()) sslCon.setHostnameVerifier(verifier);
      if (sslContextSupplier != null) {
        // used for providers which e.g. use certs for authentication (like FGCP)
        // Provider provides SSLContext impl (which inits context with key manager)
        sslCon.setSSLSocketFactory(sslContextSupplier.get().getSocketFactory());
      } else if (utils.trustAllCerts()) {
        sslCon.setSSLSocketFactory(untrustedSSLContextProvider.get().getSocketFactory());
      }
    }
    connection.setConnectTimeout(utils.getConnectionTimeout());
    connection.setReadTimeout(utils.getSocketOpenTimeout());
    connection.setAllowUserInteraction(false);
    // do not follow redirects since https redirects don't work properly
    // ex. Caused by: java.io.IOException: HTTPS hostname wrong: should be
    // <adriancole.s3int0.s3-external-3.amazonaws.com>
    connection.setInstanceFollowRedirects(false);
    try {
      connection.setRequestMethod(request.getMethod());
    } catch (ProtocolException e) {
      try {
        methodField.set(connection, request.getMethod());
      } catch (IllegalAccessException e1) {
        logger.error(e, "could not set request method: ", request.getMethod());
        propagate(e1);
      }
    }

    for (Map.Entry<String, String> entry : request.getHeaders().entries()) {
      connection.setRequestProperty(entry.getKey(), entry.getValue());
    }

    String host = request.getEndpoint().getHost();
    if (request.getEndpoint().getPort() != -1) {
      host += ":" + request.getEndpoint().getPort();
    }
    connection.setRequestProperty(HOST, host);
    if (connection.getRequestProperty(USER_AGENT) == null) {
      connection.setRequestProperty(USER_AGENT, DEFAULT_USER_AGENT);
    }
    Payload payload = request.getPayload();
    if (payload != null) {
      MutableContentMetadata md = payload.getContentMetadata();
      for (Map.Entry<String, String> entry : contentMetadataCodec.toHeaders(md).entries()) {
        connection.setRequestProperty(entry.getKey(), entry.getValue());
      }
      if (chunked) {
        connection.setChunkedStreamingMode(8196);
        writePayloadToConnection(payload, "streaming", connection);
      } else {
        Long length = checkNotNull(md.getContentLength(), "payload.getContentLength");
        // http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6755625
        checkArgument(
            length < Integer.MAX_VALUE,
            "JDK 1.6 does not support >2GB chunks. Use chunked encoding, if possible.");
        if (length > 0) {
          connection.setRequestProperty(CONTENT_LENGTH, length.toString());
          connection.setFixedLengthStreamingMode(length.intValue());
          writePayloadToConnection(payload, length, connection);
        } else {
          writeNothing(connection);
        }
      }
    } else {
      writeNothing(connection);
    }
    return connection;
  }