Search in sources :

Example 1 with SignatureInfo

use of org.apache.hadoop.ozone.s3.signature.SignatureInfo in project ozone by apache.

the class TestAuthorizationV4QueryParser method testWithAWSExample.

@Test
public /**
 * Based on https://docs.aws.amazon
 * .com/AmazonS3/latest/API/sigv4-query-string-auth.html.
 */
void testWithAWSExample() throws Exception {
    Map<String, String> queryParams = new HashMap<>();
    queryParams.put("X-Amz-Algorithm", "AWS4-HMAC-SHA256");
    queryParams.put("X-Amz-Credential", "AKIAIOSFODNN7EXAMPLE/20130524/us-east-1/s3/aws4_request");
    queryParams.put("X-Amz-Date", "20130524T000000Z");
    queryParams.put("X-Amz-Expires", "86400");
    queryParams.put("X-Amz-SignedHeaders", "host");
    queryParams.put("X-Amz-Signature", "aeeed9bbccd4d02ee5c0109b86d86835f995330da4c265957d157751f604d404");
    AuthorizationV4QueryParser parser = new AuthorizationV4QueryParser(queryParams) {

        @Override
        protected void validateDateAndExpires() {
        // noop
        }
    };
    final SignatureInfo signatureInfo = parser.parseSignature();
    LowerCaseKeyStringMap headers = new LowerCaseKeyStringMap();
    headers.put("host", "examplebucket.s3.amazonaws.com");
    final String stringToSign = StringToSignProducer.createSignatureBase(signatureInfo, "https", "GET", "/test.txt", headers, queryParams);
    Assert.assertEquals("AWS4-HMAC-SHA256\n" + "20130524T000000Z\n" + "20130524/us-east-1/s3/aws4_request\n" + "3bfa292879f6447bbcda7001decf97f4a54dc650c8942174ae0a9121cf58ad04", stringToSign);
}
Also used : HashMap(java.util.HashMap) LowerCaseKeyStringMap(org.apache.hadoop.ozone.s3.signature.AWSSignatureProcessor.LowerCaseKeyStringMap) Test(org.junit.Test)

Example 2 with SignatureInfo

use of org.apache.hadoop.ozone.s3.signature.SignatureInfo in project ozone by apache.

the class OzoneClientProducer method getSignature.

@Produces
public S3Auth getSignature() {
    try {
        SignatureInfo signatureInfo = signatureProcessor.parseSignature();
        String stringToSign = "";
        if (signatureInfo.getVersion() == Version.V4) {
            stringToSign = StringToSignProducer.createSignatureBase(signatureInfo, context);
        }
        String awsAccessId = signatureInfo.getAwsAccessId();
        // ONLY validate aws access id when needed.
        if (awsAccessId == null || awsAccessId.equals("")) {
            LOG.debug("Malformed s3 header. awsAccessID: {}", awsAccessId);
            throw ACCESS_DENIED;
        }
        return new S3Auth(stringToSign, signatureInfo.getSignature(), awsAccessId);
    } catch (OS3Exception ex) {
        LOG.debug("Error during Client Creation: ", ex);
        throw wrapOS3Exception(ex);
    } catch (Exception e) {
        // For any other critical errors during object creation throw Internal
        // error.
        LOG.debug("Error during Client Creation: ", e);
        throw wrapOS3Exception(S3ErrorTable.newError(INTERNAL_ERROR, null, e));
    }
}
Also used : SignatureInfo(org.apache.hadoop.ozone.s3.signature.SignatureInfo) S3Auth(org.apache.hadoop.ozone.om.protocol.S3Auth) OS3Exception(org.apache.hadoop.ozone.s3.exception.OS3Exception) OS3Exception(org.apache.hadoop.ozone.s3.exception.OS3Exception) IOException(java.io.IOException) WebApplicationException(javax.ws.rs.WebApplicationException) Produces(javax.enterprise.inject.Produces)

Example 3 with SignatureInfo

use of org.apache.hadoop.ozone.s3.signature.SignatureInfo in project ozone by apache.

the class TestStringToSignProducer method test.

@Test
public void test() throws Exception {
    LowerCaseKeyStringMap headers = new LowerCaseKeyStringMap();
    headers.put("Content-Length", "123");
    headers.put("Host", "0.0.0.0:9878");
    headers.put("X-AMZ-Content-Sha256", "Content-SHA");
    headers.put("X-AMZ-Date", "123");
    headers.put("Content-Type", "ozone/mpu");
    headers.put(HeaderPreprocessor.ORIGINAL_CONTENT_TYPE, "streaming");
    String authHeader = "AWS4-HMAC-SHA256 Credential=AKIAJWFJK62WUTKNFJJA/20181009/us-east-1" + "/s3/aws4_request, " + "SignedHeaders=host;x-amz-content-sha256;x-amz-date;" + "content-type, " + "Signature" + "=db81b057718d7c1b3b8dffa29933099551c51d787b3b13b9e0f9ebed45982bf2";
    headers.put("Authorization", authHeader);
    Map<String, String> queryParameters = new HashMap<>();
    final SignatureInfo signatureInfo = new AuthorizationV4HeaderParser(authHeader, "123") {

        @Override
        public void validateDateRange(Credential credentialObj) throws OS3Exception {
        // NOOP
        }
    }.parseSignature();
    headers.fixContentType();
    final String signatureBase = StringToSignProducer.createSignatureBase(signatureInfo, "http", "GET", "/buckets", headers, queryParameters);
    Assert.assertEquals("String to sign is invalid", "AWS4-HMAC-SHA256\n" + "123\n" + "20181009/us-east-1/s3/aws4_request\n" + "f20d4de80af2271545385e8d4c7df608cae70a791c69b97aab1527ed93a0d665", signatureBase);
}
Also used : HashMap(java.util.HashMap) LowerCaseKeyStringMap(org.apache.hadoop.ozone.s3.signature.AWSSignatureProcessor.LowerCaseKeyStringMap) OS3Exception(org.apache.hadoop.ozone.s3.exception.OS3Exception) Test(org.junit.Test)

Aggregations

HashMap (java.util.HashMap)2 OS3Exception (org.apache.hadoop.ozone.s3.exception.OS3Exception)2 LowerCaseKeyStringMap (org.apache.hadoop.ozone.s3.signature.AWSSignatureProcessor.LowerCaseKeyStringMap)2 Test (org.junit.Test)2 IOException (java.io.IOException)1 Produces (javax.enterprise.inject.Produces)1 WebApplicationException (javax.ws.rs.WebApplicationException)1 S3Auth (org.apache.hadoop.ozone.om.protocol.S3Auth)1 SignatureInfo (org.apache.hadoop.ozone.s3.signature.SignatureInfo)1