public class AWS4Signer extends AbstractAWSSigner implements ServiceAwareSigner, RegionAwareSigner, Presigner, EndpointPrefixAwareSigner, RegionFromEndpointResolverAwareSigner
Modifier and Type | Field and Description |
---|---|
protected boolean |
doubleUrlEncode
Whether double url-encode the resource path when constructing the
canonical request.
|
protected static InternalLogApi |
log |
protected Date |
overriddenDate
Date override for testing only
|
protected String |
regionName
Region name override for use when the endpoint can't be used to determine
the region name.
|
protected String |
serviceName
Service name override for use when the endpoint can't be used to
determine the service name.
|
EMPTY_STRING_SHA256_HEX
Constructor and Description |
---|
AWS4Signer()
Construct a new AWS4 signer instance.
|
AWS4Signer(boolean doubleUrlEncoding)
Construct a new AWS4 signer instance.
|
AWS4Signer(SdkClock clock) |
Modifier and Type | Method and Description |
---|---|
protected void |
addHostHeader(SignableRequest<?> request) |
protected void |
addSessionCredentials(SignableRequest<?> request,
AWSSessionCredentials credentials)
Adds session credentials to the request given.
|
protected String |
calculateContentHash(SignableRequest<?> request)
Calculate the hash of the request's payload.
|
protected String |
calculateContentHashPresign(SignableRequest<?> request)
Calculate the hash of the request's payload.
|
protected byte[] |
computeSignature(String stringToSign,
byte[] signingKey,
AWS4SignerRequestParams signerRequestParams)
Step 3 of the AWS Signature version 4 calculation.
|
protected String |
createCanonicalRequest(SignableRequest<?> request,
String contentSha256)
Step 1 of the AWS Signature version 4 calculation.
|
protected String |
createStringToSign(String canonicalRequest,
AWS4SignerRequestParams signerParams)
Step 2 of the AWS Signature version 4 calculation.
|
protected String |
getCanonicalizedHeaderString(SignableRequest<?> request) |
Date |
getOverriddenDate()
Returns a copy of date that overrides the signing date in the request.
|
String |
getRegionName()
Returns the region name that is used when calculating the signature.
|
String |
getServiceName()
Returns the service name that is used when calculating the signature.
|
protected String |
getSignedHeadersString(SignableRequest<?> request) |
protected byte[] |
newSigningKey(AWSCredentials credentials,
String dateStamp,
String regionName,
String serviceName)
Generates a new signing key from the given parameters and returns it.
|
void |
presignRequest(SignableRequest<?> request,
AWSCredentials credentials,
Date userSpecifiedExpirationDate)
Signs the request by adding the signature to the URL rather than as a
header.
|
protected void |
processRequestPayload(SignableRequest<?> request,
byte[] signature,
byte[] signingKey,
AWS4SignerRequestParams signerRequestParams)
Subclass could override this method to perform any additional procedure
on the request payload, with access to the result from signing the
header.
|
void |
setEndpointPrefix(String endpointPrefix)
Sets the endpoint prefix which is used to compute the region that is
used for signing the request.
|
void |
setOverrideDate(Date overriddenDate)
Sets the date that overrides the signing date in the request.
|
void |
setRegionFromEndpointResolver(RegionFromEndpointResolver resolver)
Set the
RegionFromEndpointResolver to use when converting an endpoint into a region. |
void |
setRegionName(String regionName)
Sets the region name that this signer should use when calculating request
signatures.
|
void |
setServiceName(String serviceName)
Sets the service name that this signer should use when calculating
request signatures.
|
protected boolean |
shouldExcludeHeaderFromSigning(String header) |
void |
sign(SignableRequest<?> request,
AWSCredentials credentials)
Sign the given request with the given set of credentials.
|
getBinaryRequestPayload, getBinaryRequestPayloadStream, getBinaryRequestPayloadStreamWithoutQueryParams, getBinaryRequestPayloadWithoutQueryParams, getCanonicalizedEndpoint, getCanonicalizedQueryString, getCanonicalizedQueryString, getCanonicalizedResourcePath, getCanonicalizedResourcePath, getRequestPayload, getRequestPayloadWithoutQueryParams, getSignatureDate, getTimeOffset, hash, hash, hash, newString, sanitizeCredentials, sign, sign, signAndBase64Encode, signAndBase64Encode, signWithMac
protected static final InternalLogApi log
protected String serviceName
protected String regionName
protected Date overriddenDate
protected boolean doubleUrlEncode
public AWS4Signer()
public AWS4Signer(boolean doubleUrlEncoding)
doubleUrlEncoding
- Whether double url-encode the resource path when constructing
the canonical request.public AWS4Signer(SdkClock clock)
public void setServiceName(String serviceName)
setServiceName
in interface ServiceAwareSigner
serviceName
- The service name to use when calculating signatures in this
signer.public void setRegionName(String regionName)
setRegionName
in interface RegionAwareSigner
regionName
- The region name to use when calculating signatures in this
signer.public void setEndpointPrefix(String endpointPrefix)
AWS4SignerRequestParams
class which
has the logic to compute region.setEndpointPrefix
in interface EndpointPrefixAwareSigner
endpointPrefix
- The endpoint prefix of the servicepublic void setOverrideDate(Date overriddenDate)
public void setRegionFromEndpointResolver(RegionFromEndpointResolver resolver)
RegionFromEndpointResolverAwareSigner
RegionFromEndpointResolver
to use when converting an endpoint into a region.setRegionFromEndpointResolver
in interface RegionFromEndpointResolverAwareSigner
public String getRegionName()
public String getServiceName()
public Date getOverriddenDate()
public void sign(SignableRequest<?> request, AWSCredentials credentials)
Signer
public void presignRequest(SignableRequest<?> request, AWSCredentials credentials, Date userSpecifiedExpirationDate)
Presigner
presignRequest
in interface Presigner
request
- The request to sign.credentials
- The credentials to sign it with.userSpecifiedExpirationDate
- The time when this presigned URL will expire.protected String createCanonicalRequest(SignableRequest<?> request, String contentSha256)
protected String createStringToSign(String canonicalRequest, AWS4SignerRequestParams signerParams)
protected final byte[] computeSignature(String stringToSign, byte[] signingKey, AWS4SignerRequestParams signerRequestParams)
protected void addSessionCredentials(SignableRequest<?> request, AWSSessionCredentials credentials)
AbstractAWSSigner
addSessionCredentials
in class AbstractAWSSigner
request
- The request to add session credentials information tocredentials
- The session credentials to add to the requestprotected String getCanonicalizedHeaderString(SignableRequest<?> request)
protected String getSignedHeadersString(SignableRequest<?> request)
protected boolean shouldExcludeHeaderFromSigning(String header)
protected void addHostHeader(SignableRequest<?> request)
protected String calculateContentHash(SignableRequest<?> request)
protected void processRequestPayload(SignableRequest<?> request, byte[] signature, byte[] signingKey, AWS4SignerRequestParams signerRequestParams)
protected String calculateContentHashPresign(SignableRequest<?> request)
protected byte[] newSigningKey(AWSCredentials credentials, String dateStamp, String regionName, String serviceName)
Copyright © 2023. All rights reserved.