Class SignerV4

java.lang.Object
org.eclipse.jgit.lfs.server.s3.SignerV4

class SignerV4 extends Object
Signing support for Amazon AWS signing V4

See http://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html

  • Field Details

  • Constructor Details

    • SignerV4

      SignerV4()
  • Method Details

    • createAuthorizationQuery

      static String createAuthorizationQuery(S3Config bucketConfig, URL url, String httpMethod, Map<String,String> headers, Map<String,String> queryParameters, String bodyHash)
      Create an AWSV4 authorization for a request, suitable for embedding in query parameters.
      Parameters:
      bucketConfig - configuration of S3 storage bucket this request should be signed for
      url - HTTP request URL
      httpMethod - HTTP method
      headers - The HTTP request headers; 'Host' and 'X-Amz-Date' will be added to this set.
      queryParameters - Any query parameters that will be added to the endpoint. The parameters should be specified in canonical format.
      bodyHash - Pre-computed SHA256 hash of the request body content; this value should also be set as the header 'X-Amz-Content-SHA256' for non-streaming uploads.
      Returns:
      The computed authorization string for the request. This value needs to be set as the header 'Authorization' on the subsequent HTTP request.
    • formatAuthorizationQuery

      private static String formatAuthorizationQuery(Map<String,String> queryParameters)
    • appendQuery

      private static void appendQuery(StringBuilder s, String key, String value)
    • createHeaderAuthorization

      static Map<String,String> createHeaderAuthorization(S3Config bucketConfig, URL url, String httpMethod, Map<String,String> headers, String bodyHash)
      Sign headers for given bucket, url and HTTP method and add signature in Authorization header.
      Parameters:
      bucketConfig - configuration of S3 storage bucket this request should be signed for
      url - HTTP request URL
      httpMethod - HTTP method
      headers - HTTP headers to sign
      bodyHash - Pre-computed SHA256 hash of the request body content; this value should also be set as the header 'X-Amz-Content-SHA256' for non-streaming uploads.
      Returns:
      HTTP headers signd by an Authorization header added to the headers
    • formatAuthorizationHeader

      private static String formatAuthorizationHeader(S3Config bucketConfig, String canonicalizedHeaderNames, String scope, byte[] signature)
    • addHostHeader

      private static void addHostHeader(URL url, Map<String,String> headers)
    • canonicalizeHeaderNames

      private static String canonicalizeHeaderNames(Map<String,String> headers)
    • canonicalizeHeaderString

      private static String canonicalizeHeaderString(Map<String,String> headers)
    • dateStamp

      private static String dateStamp(Date now)
    • dateTimeStampISO8601

      private static String dateTimeStampISO8601(Date now)
    • scope

      private static String scope(String region, String dateStamp)
    • canonicalizeQueryString

      private static String canonicalizeQueryString(Map<String,String> parameters)
    • canonicalRequest

      private static String canonicalRequest(URL endpoint, String httpMethod, String queryParameters, String canonicalizedHeaderNames, String canonicalizedHeaders, String bodyHash)
    • canonicalizeResourcePath

      private static String canonicalizeResourcePath(URL endpoint)
    • hash

      private static byte[] hash(String s)
    • sign

      private static byte[] sign(String stringData, byte[] key)
    • stringToSign

      private static String stringToSign(String scheme, String algorithm, String dateTime, String scope, String canonicalRequest)
    • toHex

      private static String toHex(byte[] bytes)
    • urlEncode

      private static String urlEncode(String url, boolean keepPathSlash)
    • createSignature

      private static byte[] createSignature(S3Config bucketConfig, String dateTimeStamp, String dateStamp, String scope, String canonicalRequest)