CloseableHttpClient signingClientForServiceName(String serviceName) { AWS4Signer signer = new AWS4Signer(); signer.setServiceName(serviceName); signer.setRegionName(AWS_REGION); HttpRequestInterceptor interceptor = new AWSRequestSigningApacheInterceptor(serviceName, signer, credentialsProvider); return HttpClients.custom() .addInterceptorLast(interceptor) .build(); }
GenericApiGatewayClient(ClientConfiguration clientConfiguration, String endpoint, Region region, AWSCredentialsProvider credentials, String apiKey, AmazonHttpClient httpClient) { super(clientConfiguration); setRegion(region); setEndpoint(endpoint); this.credentials = credentials; this.apiKey = apiKey; this.signer = new AWS4Signer(); this.signer.setServiceName(API_GATEWAY_SERVICE_NAME); this.signer.setRegionName(region.getName()); final JsonOperationMetadata metadata = new JsonOperationMetadata().withHasStreamingSuccessResponse(false).withPayloadJson(false); final Unmarshaller<GenericApiGatewayResponse, JsonUnmarshallerContext> responseUnmarshaller = in -> new GenericApiGatewayResponse(in.getHttpResponse()); this.responseHandler = SdkStructuredPlainJsonFactory.SDK_JSON_FACTORY.createResponseHandler(metadata, responseUnmarshaller); JsonErrorUnmarshaller defaultErrorUnmarshaller = new JsonErrorUnmarshaller(GenericApiGatewayException.class, null) { @Override public AmazonServiceException unmarshall(JsonNode jsonContent) throws Exception { return new GenericApiGatewayException(jsonContent.toString()); } }; this.errorResponseHandler = SdkStructuredPlainJsonFactory.SDK_JSON_FACTORY.createErrorResponseHandler( Collections.singletonList(defaultErrorUnmarshaller), null); if (httpClient != null) { super.client = httpClient; } }
@Test public void testDefaultSigner() { AmazonTestClient client = new AmazonTestClient(); Assert.assertEquals("test", client.getServiceName()); Assert.assertTrue(client.getSigner() instanceof AWS4Signer); }
private static String getSignedHeaders(AwsIamAuthenticationOptions options) { Map<String, String> headers = createIamRequestHeaders(options); AWS4Signer signer = new AWS4Signer(); DefaultRequest<String> request = new DefaultRequest<>("sts"); request.setContent(new ByteArrayInputStream(REQUEST_BODY.getBytes())); request.setHeaders(headers); request.setHttpMethod(HttpMethodName.POST); request.setEndpoint(options.getEndpointUri()); signer.setServiceName(request.getServiceName()); signer.sign(request, options.getCredentialsProvider().getCredentials()); Map<String, Object> map = new LinkedHashMap<>(); for (Entry<String, String> entry : request.getHeaders().entrySet()) { map.put(entry.getKey(), Collections.singletonList(entry.getValue())); } try { return OBJECT_MAPPER.writeValueAsString(map); } catch (JsonProcessingException e) { throw new IllegalStateException("Cannot serialize headers to JSON", e); } }
@Override public T perform() { AWS4Signer signer = new AWS4Signer(); String region = this.reg.read(); if(region == null || region.isEmpty()) { throw new IllegalStateException("Mandatory sys property aws.es.region not specified!"); } signer.setRegionName(this.reg.read()); signer.setServiceName(this.base.request().getServiceName()); signer.sign(this.base.request(), new AwsCredentialsFromSystem(this.accesskey, this.secretKey)); return this.base.perform(); }
static public String getExpectedAuthorizationHeader(Request request) throws Exception { // create the signable request DefaultRequest signableRequest = new DefaultRequest(null, request.getServiceName()); signableRequest.setEndpoint(new URI("http://" + request.getHost())); signableRequest.setResourcePath(request.getUri()); signableRequest.setHttpMethod(HttpMethodName.valueOf(request.getHttpMethod())); signableRequest.setContent(new StringInputStream(request.getBody())); if (request.getHeaders() != null) signableRequest.setHeaders(request.getHeaders()); if (request.getQueryParams() != null) { Map<String, List<String>> convertedQueryParams = new HashMap<>(); for (String paramName : request.getQueryParams().keySet()) { convertedQueryParams.put(paramName, new ArrayList<>(request.getQueryParams().get(paramName))); } signableRequest.setParameters(convertedQueryParams); } /* Init the signer class Note: Double uri encoding is off simple before the signature does not match the expected signature of the test cases if it is enabled. This was a bit unexpected because AWSElasticsearchClient (AWS SDK Class) enabled double URI encoding in the signer by default. I can only assume that double encoding is needed when accessing the service but not when accessing elasticsearch. */ AWS4Signer aws4Signer = new AWS4Signer(false); aws4Signer.setServiceName(request.getServiceName()); aws4Signer.setRegionName(request.getRegion()); Method method1 = AWS4Signer.class.getDeclaredMethod("setOverrideDate", Date.class); method1.setAccessible(true); method1.invoke(aws4Signer, request.getDate()); aws4Signer.sign(signableRequest, request.getCredentialsProvider().getCredentials()); return (String) signableRequest.getHeaders().get("Authorization"); }
private void init() { exceptionUnmarshallers = new ArrayList<JsonErrorUnmarshaller>(); exceptionUnmarshallers.add(new JsonErrorUnmarshaller()); signer = new AWS4Signer(); signer.setServiceName(SERVICE_NAME); setServiceNameIntern(SERVICE_NAME); HandlerChainFactory chainFactory = new HandlerChainFactory(); requestHandler2s.addAll(chainFactory.newRequestHandlerChain("/com.ivona.services/tts/request.handlers")); requestHandler2s.addAll(chainFactory.newRequestHandlerChain("/com.ivona.services/tts/request.handler2s")); }
@VisibleForTesting void setRequestSigner(AWS4Signer signer) { this.requestSigner = signer; }
