/**
 * Reports whether the Gateway appears to be running inside AWS.
 *
 * <p>Detection is a single probe of the link-local instance meta-data
 * endpoint: if {@code invokeUrl} completes without an {@link IOException}
 * the result is {@code true}, otherwise {@code false}. The license type
 * (DevPay or non-DevPay) plays no part in the check.
 *
 * <p>NOTE(review): the probe is a plain, token-less HTTP request. On
 * instances configured to require IMDSv2 session tokens such a request is
 * rejected; whether {@code invokeUrl} surfaces that rejection as an
 * {@code IOException} is not visible here. Confirm, because it decides what
 * this method reports on a hardened instance.
 *
 * <p>NOTE(review): every I/O failure (timeout, refused connection, transient
 * error) is read as "not on AWS", and anything that answers on this address
 * is read as "on AWS". Callers that gate configuration checks on the result
 * should treat it as a heuristic, not as an attested fact.
 *
 * @return {@code true} if the meta-data URL could be fetched, {@code false}
 *         if the fetch raised an {@code IOException}
 */
public static boolean isDeployedToAWS() {
    try {
        // Only success or failure of the request matters; the response body is discarded.
        invokeUrl("http://169.254.169.254/latest/meta-data");
        return true;
    } catch (IOException probeFailure) {
        return false;
    }
}
/**
 * Base64-encodes a byte array.
 *
 * @param data the bytes to encode; may be {@code null}
 * @return the result of {@code encodeBase64String} applied to a buffer
 *         wrapping {@code data}, or {@code null} when {@code data} is
 *         {@code null}
 */
public static String base64Encode(byte[] data) {
    // ByteBuffer.wrap shares the caller's array; no copy is made here.
    return (data == null) ? null : encodeBase64String(ByteBuffer.wrap(data));
}
/**
 * Returns the output of {@code encodeHex(data)} as a {@code String}.
 *
 * <p>NOTE(review): the bytes are converted with the platform default
 * charset. That is harmless if {@code encodeHex} emits only ASCII hex
 * digits (presumably it does; verify), but an explicit charset would
 * remove the dependency on JVM configuration.
 *
 * @param data the bytes to encode; passed to {@code encodeHex} unchanged
 * @return the hex-encoded form of {@code data}
 */
public static String encodeHexString(byte[] data) {
    return new String(encodeHex(data));
}
throw new IllegalArgumentException("Conflicting multicast discovery addresses in cluster configuration"); } else if (multicastAddressesCount > 0) { if (AwsUtils.isDeployedToAWS() && !InternalSystemProperty.CLUSTER_BYPASS_AWS_CHECK.getBooleanProperty(gatewayConfiguration)) { throw new IllegalArgumentException("Multicast cluster configuration not supported on AWS, use " + "aws://security-group/<security-group-name> in connect tag"); groupName = AwsUtils.getSecurityGroupName(); awsConfig.setAccessKey(connectOptions.getAwsAccessKeyId()); awsConfig.setSecretKey(connectOptions.getAwsSecretKey()); awsConfig.setRegion(AwsUtils.getRegion()); awsConfig.setSecurityGroupName(groupName); String localIPv4 = AwsUtils.getLocalIPv4(); networkConfig.getInterfaces().setEnabled(true); networkConfig.getInterfaces().clear();
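/**
 * Returns the AccountId (owner-id) of the account that is running the
 * instance.
 *
 * <p>The value is looked up in two steps: the meta-data service is asked
 * for the instance's network-interface MAC listing, and the first entry is
 * then used to build the {@code owner-id} URL.
 *
 * @return String representing the AccountId or the owner-id, trimmed
 * @throws java.io.IOException if the MAC listing or the owner-id could not
 *         be retrieved from the Cloud infrastructure
 */
public static String getAccountId() throws IOException {
    String macUrl = getMetadataUrl() + "/network/interfaces/macs/";

    String listing = invokeUrl(macUrl);
    if ((listing == null) || (listing.trim().length() == 0)) {
        throw new IOException("No network interface MAC address reported by the instance meta-data");
    }

    // The listing holds one entry per line when several interfaces are
    // attached. Only the first entry is used, so that no line break from
    // the response ends up inside the next request URL.
    String mac = listing.trim();
    int lineEnd = mac.indexOf('\n');
    if (lineEnd >= 0) {
        mac = mac.substring(0, lineEnd).trim();
    }

    // Entries are expected to end with "/"; add one if it is missing so
    // the path below is always ".../macs/<mac>/owner-id".
    if (!mac.endsWith("/")) {
        mac = mac + "/";
    }

    String acctId = invokeUrl(macUrl + mac + "owner-id");
    if (acctId == null) {
        throw new IOException("No owner-id reported by the instance meta-data");
    }
    return acctId.trim();
}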
params.put("SignatureMethod", HMAC_SHA256_ALGORITHM); params.put("SignatureVersion", "2"); params.put("Timestamp", getTimestamp()); String canonicalQS = getV2CanonicalizedQueryString(params); String stringToSign = requestMethod + "\n" + endpoint + "\n" + requestURI + "\n" + canonicalQS; String signature = createSignature(stringToSign, awsSecretKey, HMAC_SHA256_ALGORITHM);
params.put("Timestamp", getTimestamp()); String stringToSign = getV1StringToSign(params); String signature = createV1Signature(stringToSign, awsSecretKey, HMAC_SHA1_ALGORITHM);
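/**
 * Computes the HMAC of {@code stringToSign} under {@code awsSecretKey},
 * Base64-encodes it and passes the result through
 * {@code rfc3986Conformance}.
 *
 * <p>Both the key and the message are converted to bytes with
 * {@code UTF8_CHARSET}, so the signature does not depend on the JVM's
 * default charset.
 *
 * @param stringToSign the canonical string to authenticate; must not be
 *        {@code null}
 * @param awsSecretKey the secret key used as HMAC key; must not be
 *        {@code null}. It is never included in the exception message.
 * @param algorithm the JCA MAC algorithm name; must not be {@code null}
 * @return the encoded signature
 * @throws SignatureException if the MAC could not be computed; the
 *         underlying failure is attached as the cause
 */
private static String createSignature(String stringToSign, String awsSecretKey, String algorithm)
        throws SignatureException {
    assert stringToSign != null;
    assert awsSecretKey != null;
    assert algorithm != null;

    try {
        SecretKeySpec keySpec = new SecretKeySpec(awsSecretKey.getBytes(UTF8_CHARSET), algorithm);
        Mac mac = Mac.getInstance(algorithm);
        mac.init(keySpec);

        byte[] rawHmac = mac.doFinal(stringToSign.getBytes(UTF8_CHARSET));
        return rfc3986Conformance(Codec.base64Encode(rawHmac));
    } catch (Exception e) {
        // Keep the original exception as the cause so the failing step
        // (unknown algorithm, bad key, encoding) stays diagnosable.
        throw new SignatureException("Failed to generate HMAC : " + e.getMessage(), e);
    }
}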
/**
 * Decodes a Base64 string and returns the decoded bytes as text.
 *
 * <p>NOTE(review): the decoded buffer is read through
 * {@code asCharBuffer()}, which pairs the bytes up as 16-bit chars instead
 * of decoding them with a charset. If the encoded payload was UTF-8 or
 * ASCII text the result will not be that text. Confirm what callers expect
 * before relying on this for anything that is later compared or parsed.
 *
 * @param data the Base64 text to decode; may be {@code null}
 * @return the decoded content viewed as a char sequence, or {@code null}
 *         when {@code data} is {@code null}
 */
public static String base64Decode(String data) {
    return (data == null) ? null : decodeBase64(data).asCharBuffer().toString();
}
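/**
 * Computes the Base64-encoded HMAC of {@code stringToSign} under
 * {@code awsSecretKey}.
 *
 * <p>Key and message are converted to bytes as UTF-8. The conversion used
 * to depend on the JVM's default charset, so the same inputs could yield
 * different signatures on differently configured hosts.
 *
 * @param stringToSign the string to authenticate
 * @param awsSecretKey the secret key used as HMAC key; it is never
 *        included in the exception message
 * @param algorithm the JCA MAC algorithm name
 * @return the Base64-encoded signature, or {@code null} if any argument is
 *         {@code null}
 * @throws SignatureException if the MAC could not be computed; the
 *         underlying failure is attached as the cause
 */
private static String createV1Signature(String stringToSign, String awsSecretKey, String algorithm)
        throws SignatureException {
    if ((stringToSign == null) || (awsSecretKey == null) || (algorithm == null)) {
        // NOTE(review): a null result is the existing contract; callers
        // must not send a request carrying a null signature.
        return null;
    }

    try {
        byte[] keyBytes = awsSecretKey.getBytes(java.nio.charset.StandardCharsets.UTF_8);
        Mac mac = Mac.getInstance(algorithm);
        mac.init(new SecretKeySpec(keyBytes, algorithm));

        byte[] rawHmac = mac.doFinal(stringToSign.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        return Codec.base64Encode(rawHmac);
    } catch (Exception e) {
        // Keep the original exception as the cause for diagnosis.
        throw new SignatureException("Failed to generate HMAC : " + e.getMessage(), e);
    }
}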
/**
 * Builds the canonical query string that is covered by the signature.
 *
 * <p>Parameters are ordered by the natural ordering of their names, any
 * {@code "Signature"} entry is left out, and each name and value is passed
 * through {@code rfc3986Conformance} before being joined as
 * {@code name=value} pairs separated by {@code &}.
 *
 * @param params the request parameters; must be non-null and non-empty
 * @return the canonical query string
 */
private static String getV2CanonicalizedQueryString(Map<String, String> params) {
    assert params != null && !params.isEmpty();

    // Work on a sorted copy so the caller's map is not modified.
    SortedMap<String, String> ordered = new TreeMap<>(params);

    // A signature from an earlier pass must not be signed itself.
    ordered.remove("Signature");

    StringBuilder query = new StringBuilder();
    String separator = "";
    for (Map.Entry<String, String> entry : ordered.entrySet()) {
        query.append(separator);
        query.append(rfc3986Conformance(entry.getKey()));
        query.append("=");
        query.append(rfc3986Conformance(entry.getValue()));
        separator = "&";
    }
    return query.toString();
}
response = getResponse(inStream); inStream.close(); response = getResponse(inStream);
int clusterPort, int collectionLength) { if (!AwsUtils.isDeployedToAWS() || !processing.equals("<connect>")) { GL.error("ha", "Unrecognized scheme {} for {} in {}", getScheme(uri), processing, uri);
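/**
 * Returns the region in which the instance is running.
 *
 * <p>The region is derived from the availability zone reported by the
 * meta-data service by dropping the zone's last character, e.g.
 * {@code "us-east-1a"} becomes {@code "us-east-1"}.
 *
 * <p>NOTE(review): this assumes the zone name is always the region name
 * plus exactly one trailing character. Confirm that no zone naming scheme
 * in use breaks that assumption.
 *
 * @return String representing the region where the instance is running
 * @throws java.io.IOException if failed to retrieve the region information
 *         using the Cloud infrastructure
 * @throws IllegalStateException if the meta-data service reports no
 *         availability zone
 */
public static String getRegion() throws IOException {
    String zone = invokeUrl(getMetadataUrl() + "/placement/availability-zone");

    // Reject a missing or blank answer explicitly instead of failing inside
    // substring(); same style as the other meta-data getters.
    if ((zone == null) || (zone.trim().length() == 0)) {
        throw new IllegalStateException("No availability zone reported for the instance");
    }

    zone = zone.trim();
    return zone.substring(0, zone.length() - 1);
}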
/**
 * Returns the local IPv4 address of the instance as reported by the
 * {@code /local-ipv4} meta-data entry, with surrounding whitespace removed.
 *
 * <p>The local address is defined to be the public IP address if launched
 * with direct addressing, and the private IP address if launched with
 * public addressing.
 *
 * @return local IP address (IPv4) of the instance
 * @throws java.io.IOException if the meta-data request fails
 * @throws IllegalStateException if the meta-data entry is missing or blank
 */
public static String getLocalIPv4() throws IOException {
    String reported = invokeUrl(getMetadataUrl() + "/local-ipv4");

    // Treat a null answer like a blank one so that both take the same path.
    String address = (reported == null) ? "" : reported.trim();
    if (address.length() == 0) {
        throw new IllegalStateException("No local IPv4 assigned to the instance");
    }
    return address;
}
/**
 * Returns the name of one security group the instance belongs to.
 *
 * <p>An instance may belong to several security groups and the list
 * obtained from the vendor may not be ordered. For AWS this implementation
 * returns the first entry of the newline-separated {@code /security-groups}
 * meta-data listing.
 *
 * <p>NOTE(review): with more than one group attached, which one comes back
 * depends on the listing order. If the returned name is used to scope
 * cluster membership, confirm that "first listed" is the intended group.
 *
 * @return the first security-group name in the listing, exactly as it
 *         appears on its line (not trimmed)
 * @throws java.io.IOException if the meta-data request fails
 * @throws IllegalStateException if the listing is missing or blank
 */
public static String getSecurityGroupName() throws IOException {
    String listing = invokeUrl(getMetadataUrl() + "/security-groups");

    boolean nothingAssigned = (listing == null) || (listing.trim().length() == 0);
    if (nothingAssigned) {
        throw new IllegalStateException("No security-group assigned to the instance");
    }

    // One group per line; only the first one is needed.
    return new StringTokenizer(listing, "\n").nextToken();
}