Package org.eclipse.jgit.lfs.server.s3
Class SignerV4
java.lang.Object
org.eclipse.jgit.lfs.server.s3.SignerV4
Signing support for Amazon AWS signing V4
See http://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate static final Stringprivate static final Stringprivate static final Stringprivate static final Stringprivate static final Stringprivate static final Stringprivate static final Stringprivate static final String(package private) static final Stringprivate static final Stringprivate static final String(package private) static final Stringprivate static final Stringprivate static final String(package private) static final Stringprivate static final Stringprivate static final String(package private) static final String -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprivate static voidaddHostHeader(URL url, Map<String, String> headers) private static voidappendQuery(StringBuilder s, String key, String value) private static StringcanonicalizeHeaderNames(Map<String, String> headers) private static StringcanonicalizeHeaderString(Map<String, String> headers) private static StringcanonicalizeQueryString(Map<String, String> parameters) private static StringcanonicalizeResourcePath(URL endpoint) private static StringcanonicalRequest(URL endpoint, String httpMethod, String queryParameters, String canonicalizedHeaderNames, String canonicalizedHeaders, String bodyHash) (package private) static StringcreateAuthorizationQuery(S3Config bucketConfig, URL url, String httpMethod, Map<String, String> headers, Map<String, String> queryParameters, String bodyHash) Create an AWSV4 authorization for a request, suitable for embedding in query parameters.createHeaderAuthorization(S3Config bucketConfig, URL url, String httpMethod, Map<String, String> headers, String bodyHash) Sign headers for given bucket, url and HTTP method and add signature in Authorization header.private static byte[]createSignature(S3Config bucketConfig, String dateTimeStamp, String dateStamp, String scope, String canonicalRequest) private static Stringprivate static StringdateTimeStampISO8601(Date now) private static StringformatAuthorizationHeader(S3Config bucketConfig, String canonicalizedHeaderNames, String scope, byte[] signature) private static StringformatAuthorizationQuery(Map<String, String> queryParameters) private static byte[]private static Stringprivate static byte[]private static StringstringToSign(String scheme, String algorithm, String dateTime, String scope, String canonicalRequest) private static StringtoHex(byte[] bytes) private static String
-
Field Details
-
UNSIGNED_PAYLOAD
- See Also:
-
ALGORITHM
- See Also:
-
DATE_STRING_FORMAT
- See Also:
-
HEX
- See Also:
-
HMACSHA256
- See Also:
-
ISO8601_BASIC_FORMAT
- See Also:
-
S3
- See Also:
-
SCHEME
- See Also:
-
TERMINATOR
- See Also:
-
UTC
- See Also:
-
X_AMZ_ALGORITHM
- See Also:
-
X_AMZ_CREDENTIAL
- See Also:
-
X_AMZ_DATE
- See Also:
-
X_AMZ_SIGNATURE
- See Also:
-
X_AMZ_SIGNED_HEADERS
- See Also:
-
X_AMZ_CONTENT_SHA256
- See Also:
-
X_AMZ_EXPIRES
- See Also:
-
X_AMZ_STORAGE_CLASS
- See Also:
-
-
Constructor Details
-
SignerV4
SignerV4()
-
-
Method Details
-
createAuthorizationQuery
static String createAuthorizationQuery(S3Config bucketConfig, URL url, String httpMethod, Map<String, String> headers, Map<String, String> queryParameters, String bodyHash) Create an AWSV4 authorization for a request, suitable for embedding in query parameters.- Parameters:
bucketConfig- configuration of S3 storage bucket this request should be signed forurl- HTTP request URLhttpMethod- HTTP methodheaders- The HTTP request headers; 'Host' and 'X-Amz-Date' will be added to this set.queryParameters- Any query parameters that will be added to the endpoint. The parameters should be specified in canonical format.bodyHash- Pre-computed SHA256 hash of the request body content; this value should also be set as the header 'X-Amz-Content-SHA256' for non-streaming uploads.- Returns:
- The computed authorization string for the request. This value needs to be set as the header 'Authorization' on the subsequent HTTP request.
-
formatAuthorizationQuery
-
appendQuery
-
createHeaderAuthorization
static Map<String,String> createHeaderAuthorization(S3Config bucketConfig, URL url, String httpMethod, Map<String, String> headers, String bodyHash) Sign headers for given bucket, url and HTTP method and add signature in Authorization header.- Parameters:
bucketConfig- configuration of S3 storage bucket this request should be signed forurl- HTTP request URLhttpMethod- HTTP methodheaders- HTTP headers to signbodyHash- Pre-computed SHA256 hash of the request body content; this value should also be set as the header 'X-Amz-Content-SHA256' for non-streaming uploads.- Returns:
- HTTP headers signd by an Authorization header added to the headers
-
formatAuthorizationHeader
-
addHostHeader
-
canonicalizeHeaderNames
-
canonicalizeHeaderString
-
dateStamp
-
dateTimeStampISO8601
-
scope
-
canonicalizeQueryString
-
canonicalRequest
-
canonicalizeResourcePath
-
hash
-
sign
-
stringToSign
-
toHex
-
urlEncode
-
createSignature
-