Search in sources :

Example 1 with Aws4PresignerParams

use of software.amazon.awssdk.auth.signer.params.Aws4PresignerParams in project engine by Lumeer.

the class LumeerS3Client method presign.

private static URI presign(final PresignUrlRequest request) {
    String encodedBucket, encodedKey;
    try {
        encodedBucket = URLEncoder.encode(request.bucket(), "UTF-8");
        encodedKey = URLEncoder.encode(request.key(), "UTF-8");
    } catch (UnsupportedEncodingException e) {
        throw new UncheckedIOException(e);
    }
    SdkHttpFullRequest httpRequest = SdkHttpFullRequest.builder().method(request.httpMethod()).protocol("https").host(encodedBucket + "." + request.region().id() + "." + request.endpoint()).encodedPath(request.key()).build();
    Instant expirationTime = request.signatureDuration() == null ? null : Instant.now().plus(request.signatureDuration());
    Aws4PresignerParams presignRequest = Aws4PresignerParams.builder().expirationTime(expirationTime).awsCredentials(request.credentialsProvider().resolveCredentials()).signingName(software.amazon.awssdk.services.s3.S3Client.SERVICE_NAME).signingRegion(request.region()).build();
    return AwsS3V4Signer.create().presign(httpRequest, presignRequest).getUri();
}
Also used : SdkHttpFullRequest(software.amazon.awssdk.http.SdkHttpFullRequest) Instant(java.time.Instant) UnsupportedEncodingException(java.io.UnsupportedEncodingException) Aws4PresignerParams(software.amazon.awssdk.auth.signer.params.Aws4PresignerParams) UncheckedIOException(java.io.UncheckedIOException)

Example 2 with Aws4PresignerParams

use of software.amazon.awssdk.auth.signer.params.Aws4PresignerParams in project aws-sdk-java-v2 by aws.

the class GeneratePreSignUrlInterceptor method modifyHttpRequest.

@Override
public SdkHttpRequest modifyHttpRequest(Context.ModifyHttpRequest context, ExecutionAttributes executionAttributes) {
    SdkHttpRequest request = context.httpRequest();
    SdkRequest originalRequest = context.request();
    if (originalRequest instanceof CopySnapshotRequest) {
        CopySnapshotRequest originalCopySnapshotRequest = (CopySnapshotRequest) originalRequest;
        // Return if presigned url is already specified by the user.
        if (originalCopySnapshotRequest.presignedUrl() != null) {
            return request;
        }
        String serviceName = "ec2";
        // The source regions where the snapshot currently resides.
        String sourceRegion = originalCopySnapshotRequest.sourceRegion();
        String sourceSnapshotId = originalCopySnapshotRequest.sourceSnapshotId();
        /*
             * The region where the snapshot has to be copied from the source.
             * The original copy snap shot request will have the end point set
             * as the destination region in the client before calling this
             * request.
             */
        String destinationRegion = originalCopySnapshotRequest.destinationRegion();
        if (destinationRegion == null) {
            destinationRegion = AwsHostNameUtils.parseSigningRegion(request.host(), serviceName).orElseThrow(() -> new IllegalArgumentException("Could not determine region for " + request.host())).id();
        }
        URI endPointSource = createEndpoint(sourceRegion, serviceName);
        SdkHttpFullRequest requestForPresigning = generateRequestForPresigning(sourceSnapshotId, sourceRegion, destinationRegion).toBuilder().uri(endPointSource).method(SdkHttpMethod.GET).build();
        Aws4Signer signer = Aws4Signer.create();
        Aws4PresignerParams signingParams = getPresignerParams(executionAttributes, sourceRegion, serviceName);
        SdkHttpFullRequest presignedRequest = signer.presign(requestForPresigning, signingParams);
        return request.toBuilder().putRawQueryParameter("DestinationRegion", destinationRegion).putRawQueryParameter("PresignedUrl", presignedRequest.getUri().toString()).build();
    }
    return request;
}
Also used : CopySnapshotRequest(software.amazon.awssdk.services.ec2.model.CopySnapshotRequest) SdkHttpRequest(software.amazon.awssdk.http.SdkHttpRequest) SdkHttpFullRequest(software.amazon.awssdk.http.SdkHttpFullRequest) SdkRequest(software.amazon.awssdk.core.SdkRequest) Aws4PresignerParams(software.amazon.awssdk.auth.signer.params.Aws4PresignerParams) Aws4Signer(software.amazon.awssdk.auth.signer.Aws4Signer) URI(java.net.URI)

Example 3 with Aws4PresignerParams

use of software.amazon.awssdk.auth.signer.params.Aws4PresignerParams in project aws-sdk-java-v2 by aws.

the class RdsPresignInterceptor method presignRequest.

private SdkHttpFullRequest presignRequest(SdkHttpFullRequest request, ExecutionAttributes attributes, String signingRegion) {
    Aws4Signer signer = Aws4Signer.create();
    Aws4PresignerParams presignerParams = Aws4PresignerParams.builder().signingRegion(Region.of(signingRegion)).signingName(SERVICE_NAME).signingClockOverride(signingOverrideClock).awsCredentials(attributes.getAttribute(AWS_CREDENTIALS)).build();
    return signer.presign(request, presignerParams);
}
Also used : Aws4PresignerParams(software.amazon.awssdk.auth.signer.params.Aws4PresignerParams) Aws4Signer(software.amazon.awssdk.auth.signer.Aws4Signer)

Example 4 with Aws4PresignerParams

use of software.amazon.awssdk.auth.signer.params.Aws4PresignerParams in project aws-sdk-java-v2 by aws.

the class DefaultRdsUtilities method generateAuthenticationToken.

@Override
public String generateAuthenticationToken(GenerateAuthenticationTokenRequest request) {
    SdkHttpFullRequest httpRequest = SdkHttpFullRequest.builder().method(SdkHttpMethod.GET).protocol("https").host(request.hostname()).port(request.port()).encodedPath("/").putRawQueryParameter("DBUser", request.username()).putRawQueryParameter("Action", "connect").build();
    Instant expirationTime = Instant.now(clock).plus(EXPIRATION_DURATION);
    Aws4PresignerParams presignRequest = Aws4PresignerParams.builder().signingClockOverride(clock).expirationTime(expirationTime).awsCredentials(resolveCredentials(request).resolveCredentials()).signingName("rds-db").signingRegion(resolveRegion(request)).build();
    SdkHttpFullRequest fullRequest = signer.presign(httpRequest, presignRequest);
    String signedUrl = fullRequest.getUri().toString();
    // Note: This must be the real RDS hostname, not proxy or tunnels
    return StringUtils.replacePrefixIgnoreCase(signedUrl, "https://", "");
}
Also used : SdkHttpFullRequest(software.amazon.awssdk.http.SdkHttpFullRequest) Instant(java.time.Instant) Aws4PresignerParams(software.amazon.awssdk.auth.signer.params.Aws4PresignerParams)

Example 5 with Aws4PresignerParams

use of software.amazon.awssdk.auth.signer.params.Aws4PresignerParams in project aws-sdk-java-v2 by aws.

the class RdsPresignInterceptor method presignRequest.

private SdkHttpFullRequest presignRequest(SdkHttpFullRequest request, ExecutionAttributes attributes, String signingRegion) {
    Aws4Signer signer = Aws4Signer.create();
    Aws4PresignerParams presignerParams = Aws4PresignerParams.builder().signingRegion(Region.of(signingRegion)).signingName(SERVICE_NAME).signingClockOverride(signingOverrideClock).awsCredentials(attributes.getAttribute(AWS_CREDENTIALS)).build();
    return signer.presign(request, presignerParams);
}
Also used : Aws4PresignerParams(software.amazon.awssdk.auth.signer.params.Aws4PresignerParams) Aws4Signer(software.amazon.awssdk.auth.signer.Aws4Signer)

Aggregations

Aws4PresignerParams (software.amazon.awssdk.auth.signer.params.Aws4PresignerParams)6 Aws4Signer (software.amazon.awssdk.auth.signer.Aws4Signer)4 SdkHttpFullRequest (software.amazon.awssdk.http.SdkHttpFullRequest)3 Instant (java.time.Instant)2 UncheckedIOException (java.io.UncheckedIOException)1 UnsupportedEncodingException (java.io.UnsupportedEncodingException)1 URI (java.net.URI)1 SdkRequest (software.amazon.awssdk.core.SdkRequest)1 SdkHttpRequest (software.amazon.awssdk.http.SdkHttpRequest)1 CopySnapshotRequest (software.amazon.awssdk.services.ec2.model.CopySnapshotRequest)1