/** * Determine if the policy matches the encrypted signature. * * @param policy * The policy to compare to the encrypted signature. * @param signature * The encrypted policy that was sent. * @param encryptionKey * The encryption key to use to encrypt the policy. * @return If the policy encrypted matches the signature. */ protected static boolean policyMatchesSignature(Policy policy, String signature, String encryptionKey) { try { String encryptedPolicy = PolicyUtils.getPolicySignature(policy, encryptionKey); return signature.equals(encryptedPolicy); } catch (Exception e) { logger.warn("Unable to encrypt policy because {}", ExceptionUtils.getStackTrace(e)); return false; } }
resourceRequest.setStatus(Status.Forbidden); try { String policySignature = PolicyUtils.getPolicySignature(policy, encryptionKey); resourceRequest .setRejectionReason(String
/** * Transform a {@link Policy} into a {@link ResourceRequest} query string. * * @param policy * The {@link Policy} to use in the {@link ResourceRequest} * @param encryptionKeyId * The id of the encryption key. * @param encryptionKey * The actual encryption key. * @return A query string created from the policy. * @throws Exception * Thrown if there is a problem encoding or encrypting the policy. */ public static String policyToResourceRequestQueryString(Policy policy, String encryptionKeyId, String encryptionKey) throws Exception { ResourceRequest resourceRequest = new ResourceRequest(); resourceRequest.setEncodedPolicy(PolicyUtils.toBase64EncodedPolicy(policy)); resourceRequest.setEncryptionKeyId(encryptionKeyId); resourceRequest.setSignature(PolicyUtils.getPolicySignature(policy, encryptionKey)); return resourceRequestToQueryString(resourceRequest); }