private void validateConfig(S3Config config) { assertNotEmpty(LfsServerText.get().undefinedS3AccessKey, config.getAccessKey()); assertNotEmpty(LfsServerText.get().undefinedS3Bucket, config.getBucket()); assertNotEmpty(LfsServerText.get().undefinedS3Region, config.getRegion()); assertNotEmpty(LfsServerText.get().undefinedS3SecretKey, config.getSecretKey()); assertNotEmpty(LfsServerText.get().undefinedS3StorageClass, config.getStorageClass()); }
@Override public Response.Action getDownloadAction(AnyLongObjectId oid) { URL endpointUrl = getObjectUrl(oid); Map<String, String> queryParams = new HashMap<String, String>(); queryParams.put(X_AMZ_EXPIRES, Integer.toString(s3Config.getExpirationSeconds())); Map<String, String> headers = new HashMap<String, String>(); String authorizationQueryParameters = SignerV4.createAuthorizationQuery( s3Config, endpointUrl, METHOD_GET, headers, queryParams, UNSIGNED_PAYLOAD); Response.Action a = new Response.Action(); a.href = endpointUrl.toString() + "?" + authorizationQueryParameters; //$NON-NLS-1$ return a; }
private URL getObjectUrl(AnyLongObjectId oid) { try { return new URL(String.format("https://s3-%s.amazonaws.com/%s/%s", //$NON-NLS-1$ s3Config.getRegion(), s3Config.getBucket(), getPath(oid))); } catch (MalformedURLException e) { throw new IllegalArgumentException(MessageFormat.format( LfsServerText.get().unparsableEndpoint, e.getMessage())); } }
private static byte[] createSignature(S3Config bucketConfig, String dateTimeStamp, String dateStamp, String scope, String canonicalRequest) { String stringToSign = stringToSign(SCHEME, ALGORITHM, dateTimeStamp, scope, canonicalRequest); byte[] signature = (SCHEME + bucketConfig.getSecretKey()) .getBytes(UTF_8); signature = sign(dateStamp, signature); signature = sign(bucketConfig.getRegion(), signature); signature = sign(S3, signature); signature = sign(TERMINATOR, signature); signature = sign(stringToSign, signature); return signature; } }
Map<String, String> queryParams = new HashMap<String, String>(); queryParams.put(X_AMZ_EXPIRES, Integer.toString(s3Config.getExpirationSeconds())); Map<String, String> headers = new HashMap<String, String>(); HttpClientConnectionFactory f = new HttpClientConnectionFactory(); HttpConnection conn = f.create(new URL(href), proxy); if (s3Config.isDisableSslVerify()) { HttpSupport.disableSslVerify(conn);
String scope = scope(bucketConfig.getRegion(), dateStamp); queryParameters.put(X_AMZ_CREDENTIAL, bucketConfig.getAccessKey() + "/" + scope); //$NON-NLS-1$
private static String formatAuthorizationHeader( S3Config bucketConfig, String canonicalizedHeaderNames, String scope, byte[] signature) { StringBuilder s = new StringBuilder(); s.append(SCHEME).append("-").append(ALGORITHM).append(" "); //$NON-NLS-1$ //$NON-NLS-2$ s.append("Credential=").append(bucketConfig.getAccessKey()).append("/") //$NON-NLS-1$//$NON-NLS-2$ .append(scope).append(","); //$NON-NLS-1$ s.append("SignedHeaders=").append(canonicalizedHeaderNames).append(","); //$NON-NLS-1$ //$NON-NLS-2$ s.append("Signature=").append(toHex(signature)); //$NON-NLS-1$ return s.toString(); }
@Override public Response.Action getUploadAction(AnyLongObjectId oid, long size) { cacheObjectMetaData(oid, size); URL objectUrl = getObjectUrl(oid); Map<String, String> headers = new HashMap<String, String>(); headers.put(X_AMZ_CONTENT_SHA256, oid.getName()); headers.put(HDR_CONTENT_LENGTH, Long.toString(size)); headers.put(X_AMZ_STORAGE_CLASS, s3Config.getStorageClass()); headers.put(HttpSupport.HDR_CONTENT_TYPE, "application/octet-stream"); //$NON-NLS-1$ headers = SignerV4.createHeaderAuthorization(s3Config, objectUrl, METHOD_PUT, headers, oid.getName()); Response.Action a = new Response.Action(); a.href = objectUrl.toString(); a.header = new HashMap<>(); a.header.putAll(headers); return a; }
canonicalizedHeaderNames, canonicalizedHeaders, bodyHash); String dateStamp = dateStamp(now); String scope = scope(bucketConfig.getRegion(), dateStamp);
private URL getObjectUrl(AnyLongObjectId oid) { try { return new URL(String.format("https://s3-%s.amazonaws.com/%s/%s", //$NON-NLS-1$ s3Config.getRegion(), s3Config.getBucket(), getPath(oid))); } catch (MalformedURLException e) { throw new IllegalArgumentException(MessageFormat.format( LfsServerText.get().unparsableEndpoint, e.getMessage())); } }
private static byte[] createSignature(S3Config bucketConfig, String dateTimeStamp, String dateStamp, String scope, String canonicalRequest) { String stringToSign = stringToSign(SCHEME, ALGORITHM, dateTimeStamp, scope, canonicalRequest); byte[] signature = (SCHEME + bucketConfig.getSecretKey()).getBytes(); signature = sign(dateStamp, signature); signature = sign(bucketConfig.getRegion(), signature); signature = sign(S3, signature); signature = sign(TERMINATOR, signature); signature = sign(stringToSign, signature); return signature; } }
Map<String, String> queryParams = new HashMap<>(); queryParams.put(X_AMZ_EXPIRES, Integer.toString(s3Config.getExpirationSeconds())); Map<String, String> headers = new HashMap<>(); HttpClientConnectionFactory f = new HttpClientConnectionFactory(); HttpConnection conn = f.create(new URL(href), proxy); if (s3Config.isDisableSslVerify()) { HttpSupport.disableSslVerify(conn);
String scope = scope(bucketConfig.getRegion(), dateStamp); queryParameters.put(X_AMZ_CREDENTIAL, bucketConfig.getAccessKey() + "/" + scope); //$NON-NLS-1$
private static String formatAuthorizationHeader( S3Config bucketConfig, String canonicalizedHeaderNames, String scope, byte[] signature) { StringBuilder s = new StringBuilder(); s.append(SCHEME).append("-").append(ALGORITHM).append(" "); //$NON-NLS-1$ //$NON-NLS-2$ s.append("Credential=").append(bucketConfig.getAccessKey()).append("/") //$NON-NLS-1$//$NON-NLS-2$ .append(scope).append(","); //$NON-NLS-1$ s.append("SignedHeaders=").append(canonicalizedHeaderNames).append(","); //$NON-NLS-1$ //$NON-NLS-2$ s.append("Signature=").append(toHex(signature)); //$NON-NLS-1$ return s.toString(); }
/** {@inheritDoc} */ @Override public Response.Action getUploadAction(AnyLongObjectId oid, long size) { cacheObjectMetaData(oid, size); URL objectUrl = getObjectUrl(oid); Map<String, String> headers = new HashMap<>(); headers.put(X_AMZ_CONTENT_SHA256, oid.getName()); headers.put(HDR_CONTENT_LENGTH, Long.toString(size)); headers.put(X_AMZ_STORAGE_CLASS, s3Config.getStorageClass()); headers.put(HttpSupport.HDR_CONTENT_TYPE, "application/octet-stream"); //$NON-NLS-1$ headers = SignerV4.createHeaderAuthorization(s3Config, objectUrl, METHOD_PUT, headers, oid.getName()); Response.Action a = new Response.Action(); a.href = objectUrl.toString(); a.header = new HashMap<>(); a.header.putAll(headers); return a; }
canonicalizedHeaderNames, canonicalizedHeaders, bodyHash); String dateStamp = dateStamp(now); String scope = scope(bucketConfig.getRegion(), dateStamp);
private void validateConfig(S3Config config) { assertNotEmpty(LfsServerText.get().undefinedS3AccessKey, config.getAccessKey()); assertNotEmpty(LfsServerText.get().undefinedS3Bucket, config.getBucket()); assertNotEmpty(LfsServerText.get().undefinedS3Region, config.getRegion()); assertNotEmpty(LfsServerText.get().undefinedS3SecretKey, config.getSecretKey()); assertNotEmpty(LfsServerText.get().undefinedS3StorageClass, config.getStorageClass()); }
/** {@inheritDoc} */ @Override public Response.Action getDownloadAction(AnyLongObjectId oid) { URL endpointUrl = getObjectUrl(oid); Map<String, String> queryParams = new HashMap<>(); queryParams.put(X_AMZ_EXPIRES, Integer.toString(s3Config.getExpirationSeconds())); Map<String, String> headers = new HashMap<>(); String authorizationQueryParameters = SignerV4.createAuthorizationQuery( s3Config, endpointUrl, METHOD_GET, headers, queryParams, UNSIGNED_PAYLOAD); Response.Action a = new Response.Action(); a.href = endpointUrl.toString() + "?" + authorizationQueryParameters; //$NON-NLS-1$ return a; }