use of org.apache.hadoop.ozone.s3.signature.SignatureInfo in project ozone by apache.
the class TestAuthorizationV4QueryParser method testWithAWSExample.
@Test
public /**
* Based on https://docs.aws.amazon
* .com/AmazonS3/latest/API/sigv4-query-string-auth.html.
*/
void testWithAWSExample() throws Exception {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("X-Amz-Algorithm", "AWS4-HMAC-SHA256");
queryParams.put("X-Amz-Credential", "AKIAIOSFODNN7EXAMPLE/20130524/us-east-1/s3/aws4_request");
queryParams.put("X-Amz-Date", "20130524T000000Z");
queryParams.put("X-Amz-Expires", "86400");
queryParams.put("X-Amz-SignedHeaders", "host");
queryParams.put("X-Amz-Signature", "aeeed9bbccd4d02ee5c0109b86d86835f995330da4c265957d157751f604d404");
AuthorizationV4QueryParser parser = new AuthorizationV4QueryParser(queryParams) {
@Override
protected void validateDateAndExpires() {
// noop
}
};
final SignatureInfo signatureInfo = parser.parseSignature();
LowerCaseKeyStringMap headers = new LowerCaseKeyStringMap();
headers.put("host", "examplebucket.s3.amazonaws.com");
final String stringToSign = StringToSignProducer.createSignatureBase(signatureInfo, "https", "GET", "/test.txt", headers, queryParams);
Assert.assertEquals("AWS4-HMAC-SHA256\n" + "20130524T000000Z\n" + "20130524/us-east-1/s3/aws4_request\n" + "3bfa292879f6447bbcda7001decf97f4a54dc650c8942174ae0a9121cf58ad04", stringToSign);
}
use of org.apache.hadoop.ozone.s3.signature.SignatureInfo in project ozone by apache.
the class OzoneClientProducer method getSignature.
@Produces
public S3Auth getSignature() {
try {
SignatureInfo signatureInfo = signatureProcessor.parseSignature();
String stringToSign = "";
if (signatureInfo.getVersion() == Version.V4) {
stringToSign = StringToSignProducer.createSignatureBase(signatureInfo, context);
}
String awsAccessId = signatureInfo.getAwsAccessId();
// ONLY validate aws access id when needed.
if (awsAccessId == null || awsAccessId.equals("")) {
LOG.debug("Malformed s3 header. awsAccessID: {}", awsAccessId);
throw ACCESS_DENIED;
}
return new S3Auth(stringToSign, signatureInfo.getSignature(), awsAccessId);
} catch (OS3Exception ex) {
LOG.debug("Error during Client Creation: ", ex);
throw wrapOS3Exception(ex);
} catch (Exception e) {
// For any other critical errors during object creation throw Internal
// error.
LOG.debug("Error during Client Creation: ", e);
throw wrapOS3Exception(S3ErrorTable.newError(INTERNAL_ERROR, null, e));
}
}
use of org.apache.hadoop.ozone.s3.signature.SignatureInfo in project ozone by apache.
the class TestStringToSignProducer method test.
@Test
public void test() throws Exception {
LowerCaseKeyStringMap headers = new LowerCaseKeyStringMap();
headers.put("Content-Length", "123");
headers.put("Host", "0.0.0.0:9878");
headers.put("X-AMZ-Content-Sha256", "Content-SHA");
headers.put("X-AMZ-Date", "123");
headers.put("Content-Type", "ozone/mpu");
headers.put(HeaderPreprocessor.ORIGINAL_CONTENT_TYPE, "streaming");
String authHeader = "AWS4-HMAC-SHA256 Credential=AKIAJWFJK62WUTKNFJJA/20181009/us-east-1" + "/s3/aws4_request, " + "SignedHeaders=host;x-amz-content-sha256;x-amz-date;" + "content-type, " + "Signature" + "=db81b057718d7c1b3b8dffa29933099551c51d787b3b13b9e0f9ebed45982bf2";
headers.put("Authorization", authHeader);
Map<String, String> queryParameters = new HashMap<>();
final SignatureInfo signatureInfo = new AuthorizationV4HeaderParser(authHeader, "123") {
@Override
public void validateDateRange(Credential credentialObj) throws OS3Exception {
// NOOP
}
}.parseSignature();
headers.fixContentType();
final String signatureBase = StringToSignProducer.createSignatureBase(signatureInfo, "http", "GET", "/buckets", headers, queryParameters);
Assert.assertEquals("String to sign is invalid", "AWS4-HMAC-SHA256\n" + "123\n" + "20181009/us-east-1/s3/aws4_request\n" + "f20d4de80af2271545385e8d4c7df608cae70a791c69b97aab1527ed93a0d665", signatureBase);
}
Aggregations