/** * Check to see if a {@link URI} has not been signed already. * * @param uri * The {@link URI} to check to see if it was not signed. * @return True if not signed, false if signed. */ public static boolean isNotSigned(URI uri) { return !isSigned(uri); }
Properties encryptionKeys, boolean strict) { ResourceRequest resourceRequest = new ResourceRequest(); List<NameValuePair> queryParameters = parseQueryString(queryString); if (!getQueryStringParameters(resourceRequest, queryParameters)) { return resourceRequest; if (!policyMatchesSignature(policy, resourceRequest.getSignature(), encryptionKey)) { resourceRequest.setStatus(Status.Forbidden); try {
&& ResourceRequestUtil.isNotSigned(httpUriRequest.getURI()) && urlSigningService.accepts(httpUriRequest.getURI().toString())) { logger.trace("Signing request with method: {} and URI: {}", httpUriRequest.getMethod(), httpUriRequest.getURI()
@Override public String sign(Policy policy) throws UrlSigningException { if (!accepts(policy.getBaseUrl())) { throw UrlSigningException.urlNotSupported(); } // Get the key that matches this URI since there must be one that matches as the base url has been accepted. KeyEntry keyEntry = getKeyEntry(policy.getBaseUrl()); policy.setResourceStrategy(getResourceStrategy()); try { URI uri = new URI(policy.getBaseUrl()); List<NameValuePair> queryStringParameters = new ArrayList<>(); if (uri.getQuery() != null) { queryStringParameters = URLEncodedUtils.parse(new URI(policy.getBaseUrl()).getQuery(), StandardCharsets.UTF_8); } queryStringParameters.addAll(URLEncodedUtils.parse( ResourceRequestUtil.policyToResourceRequestQueryString(policy, keyEntry.getId(), keyEntry.getKey()), StandardCharsets.UTF_8)); return new URI(uri.getScheme(), null, uri.getHost(), uri.getPort(), uri.getPath(), URLEncodedUtils.format(queryStringParameters, StandardCharsets.UTF_8), null).toString(); } catch (Exception e) { getLogger().error("Unable to create signed URL because {}", ExceptionUtils.getStackTrace(e)); throw new UrlSigningException(e); } }
/** * Transform a {@link Policy} into a {@link ResourceRequest} query string. * * @param policy * The {@link Policy} to use in the {@link ResourceRequest} * @param encryptionKeyId * The id of the encryption key. * @param encryptionKey * The actual encryption key. * @return A query string created from the policy. * @throws Exception * Thrown if there is a problem encoding or encrypting the policy. */ public static String policyToResourceRequestQueryString(Policy policy, String encryptionKeyId, String encryptionKey) throws Exception { ResourceRequest resourceRequest = new ResourceRequest(); resourceRequest.setEncodedPolicy(PolicyUtils.toBase64EncodedPolicy(policy)); resourceRequest.setEncryptionKeyId(encryptionKeyId); resourceRequest.setSignature(PolicyUtils.getPolicySignature(policy, encryptionKey)); return resourceRequestToQueryString(resourceRequest); }