Apache
/
jclouds
mirror of https://github.com/apache/jclouds.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

JCLOUDS-255: Consistently use query string auth 

Fixes regressions introduced in
7a110b31ba.
This commit is contained in:
Andrew Gaul 2017-04-18 20:40:45 -07:00
parent 7a110b31ba
commit db00f679ef
4 changed files with 67 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
apis/s3/src/main/java/org/jclouds/s3/blobstore/S3BlobRequestSigner.java
View File

@ -41,6 +41,9 @@ import com.google.common.reflect.Invokable;
@Singleton
public class S3BlobRequestSigner<T extends S3Client> implements BlobRequestSigner {
/** Matches Amazon default when Expiry parameter not present. */
private static final int DEFAULT_EXPIRY_SECONDS = 15 * 60;
private final RequestAuthorizeSignature authSigner;
protected final RestAnnotationProcessor processor;
@ -67,9 +70,7 @@ public class S3BlobRequestSigner<T extends S3Client> implements BlobRequestSigne
@Override
public HttpRequest signGetBlob(String container, String name) {
checkNotNull(container, "container");
checkNotNull(name, "name");
return cleanRequest(processor.apply(Invocation.create(getMethod, ImmutableList.<Object> of(container, name))));
return signGetBlob(container, name, DEFAULT_EXPIRY_SECONDS);
}
@Override
@ -82,10 +83,7 @@ public class S3BlobRequestSigner<T extends S3Client> implements BlobRequestSigne
@Override
public HttpRequest signPutBlob(String container, Blob blob) {
checkNotNull(container, "container");
checkNotNull(blob, "blob");
return cleanRequest(processor.apply(Invocation.create(createMethod,
ImmutableList.<Object> of(container, blobToObject.apply(blob)))));
return signPutBlob(container, blob, DEFAULT_EXPIRY_SECONDS);
}
@Override

2
apis/s3/src/main/java/org/jclouds/s3/filters/RequestAuthorizeSignatureV2.java
View File

@ -291,8 +291,8 @@ public class RequestAuthorizeSignatureV2 implements RequestAuthorizeSignature, R
// signature will be converted to a space by a subsequent addQueryParameter.
// See HttpRequestTest.testAddBase64AndUrlEncodedQueryParams for more details.
.addQueryParam(S3Constants.TEMPORARY_SIGNATURE_PARAM, signature)
// remove signer created by RestAnnotationProcessor
.removeHeader(HttpHeaders.DATE)
// remove signer created by RestAnnotationProcessor
.filters(ImmutableList.<HttpRequestFilter>of())
.build();
return ret;

41
apis/s3/src/test/java/org/jclouds/s3/blobstore/S3BlobSignerExpectTest.java
View File

@ -22,7 +22,6 @@ import org.jclouds.http.HttpRequest;
import org.jclouds.rest.ConfiguresHttpApi;
import org.jclouds.s3.S3Client;
import org.jclouds.s3.config.S3HttpApiModule;
import org.testng.SkipException;
import org.testng.annotations.Test;
import com.google.common.base.Supplier;
@ -42,23 +41,20 @@ public class S3BlobSignerExpectTest extends BaseBlobSignerExpectTest {
protected HttpRequest getBlob() {
return HttpRequest.builder().method("GET")
.endpoint("http://localhost/container/name")
.addHeader("Date", "Thu, 05 Jun 2008 16:38:19 GMT")
.addHeader("Authorization", "AWS identity:0uvBv1wEskuhFHYJF/L6kEV9A7o=").build();
.addQueryParam("Expires", "1212684799")
.addQueryParam("AWSAccessKeyId", "identity")
.addQueryParam("Signature", "Z0UqrkQv83rykFxvI3f0dQtxEAM=")
.build();
}
@Override
@Test
public void testSignGetBlobWithTime() {
throw new SkipException("not yet implemented");
}
//TODO
@Override
protected HttpRequest getBlobWithTime() {
return HttpRequest.builder().method("GET")
.endpoint("http://locahost/container/name")
.addHeader("Date", "Thu, 05 Jun 2008 16:38:19 GMT")
.addHeader("Authorization", "AWS identity:0uvBv1wEskuhFHYJF/L6kEV9A7o=").build();
.endpoint("http://localhost/container/name")
.addQueryParam("Expires", "1212683902")
.addQueryParam("AWSAccessKeyId", "identity")
.addQueryParam("Signature", "Y4Ac4sZfBemGZmgfG78F7IX+IFg=")
.build();
}
@Override
@ -74,25 +70,22 @@ public class S3BlobSignerExpectTest extends BaseBlobSignerExpectTest {
protected HttpRequest putBlob() {
return HttpRequest.builder().method("PUT")
.endpoint("http://localhost/container/name")
.addQueryParam("Expires", "1212684799")
.addQueryParam("AWSAccessKeyId", "identity")
.addQueryParam("Signature", "N3+nS6ogzOqgT+YaThFN6RU/+xs=")
.addHeader("Expect", "100-continue")
.addHeader("Date", "Thu, 05 Jun 2008 16:38:19 GMT")
.addHeader("Authorization", "AWS identity:zM2oT+71KcoOSxv1SU5L12UXnT8=").build();
.build();
}
@Override
@Test
public void testSignPutBlobWithTime() throws Exception {
throw new SkipException("not yet implemented");
}
//TODO
@Override
protected HttpRequest putBlobWithTime() {
return HttpRequest.builder().method("PUT")
.endpoint("http://localhost/container/name")
.addQueryParam("Expires", "1212683902")
.addQueryParam("AWSAccessKeyId", "identity")
.addQueryParam("Signature", "genkB2vLxe3AWV/bPvRTMqQts7E=")
.addHeader("Expect", "100-continue")
.addHeader("Date", "Thu, 05 Jun 2008 16:38:19 GMT")
.addHeader("Authorization", "AWS identity:zM2oT+71KcoOSxv1SU5L12UXnT8=").build();
.build();
}
@Override

56
providers/aws-s3/src/test/java/org/jclouds/aws/s3/blobstore/AWSS3BlobSignerExpectTest.java
View File

@ -18,12 +18,17 @@ package org.jclouds.aws.s3.blobstore;
import static org.testng.Assert.assertEquals;
import java.util.Date;
import java.util.Map;
import javax.inject.Named;
import org.jclouds.Constants;
import org.jclouds.aws.s3.config.AWSS3HttpApiModule;
import org.jclouds.aws.s3.filters.AWSRequestAuthorizeSignature;
import org.jclouds.blobstore.BlobStore;
import org.jclouds.blobstore.domain.Blob;
import org.jclouds.date.DateService;
import org.jclouds.date.TimeStamp;
import org.jclouds.http.HttpRequest;
import org.jclouds.rest.ConfiguresHttpApi;
@ -33,6 +38,7 @@ import org.testng.annotations.Test;
import com.google.common.base.Splitter;
import com.google.common.base.Supplier;
import com.google.common.base.Suppliers;
import com.google.inject.Module;
import com.google.inject.Scopes;
@ -49,9 +55,14 @@ public class AWSS3BlobSignerExpectTest extends S3BlobSignerExpectTest {
protected HttpRequest getBlob() {
return HttpRequest.builder().method("GET")
.endpoint("https://container.s3.amazonaws.com/name")
.addQueryParam("X-Amz-Algorithm", "AWS4-HMAC-SHA256")
.addQueryParam("X-Amz-Credential", "identity/20080605/us-east-1/s3/aws4_request")
.addQueryParam("X-Amz-Date", "20080605T163819Z")
.addQueryParam("X-Amz-Expires", "900")
.addQueryParam("X-Amz-SignedHeaders", "host")
.addQueryParam("X-Amz-Signature", "1aa13b18ef9c4a9a98db7539e9eeb2c63afadbab649e14e28d5b765dfd96c32b")
.addHeader("Host", HOST)
.addHeader("Date", "Thu, 05 Jun 2008 16:38:19 GMT")
.addHeader("Authorization", "AWS identity:0uvBv1wEskuhFHYJF/L6kEV9A7o=").build();
.build();
}
@Override
@ -71,8 +82,10 @@ public class AWSS3BlobSignerExpectTest extends S3BlobSignerExpectTest {
.endpoint("https://container.s3.amazonaws.com/name")
.addHeader("Host", HOST)
.addHeader("Range", "bytes=0-1")
.addHeader("Date", "Thu, 05 Jun 2008 16:38:19 GMT")
.addHeader("Authorization", "AWS identity:0uvBv1wEskuhFHYJF/L6kEV9A7o=").build();
.addHeader("x-amz-content-sha256", "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")
.addHeader("X-Amz-Date", "20080605T163819Z")
.addHeader("Authorization", "AWS4-HMAC-SHA256 Credential=identity/20080605/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=8f6a70bf43f31c92a67095510b080f574154df8a5ccb988ec8a6cbcce03dd5b8")
.build();
}
private void compareRequestComponents(final HttpRequest request, final HttpRequest compare) {
@ -80,15 +93,16 @@ public class AWSS3BlobSignerExpectTest extends S3BlobSignerExpectTest {
String query = request.getEndpoint().toString().split("\\?")[1];
final Map<String, String> params = Splitter.on('&').trimResults().withKeyValueSeparator("=").split(query);
assertEquals(params.get("X-Amz-Algorithm"), "AWS4-HMAC-SHA256");
assertEquals(params.get("X-Amz-Expires"), "3");
assertEquals(params.get("X-Amz-Expires"), "900");
assertEquals(params.get("X-Amz-SignedHeaders"), "host");
}
@Override
@Test
public void testSignGetBlobWithTime() {
BlobStore getBlobWithTime = requestsSendResponses(init());
HttpRequest compare = getBlobWithTime();
HttpRequest request = getBlobWithTime.getContext().getSigner().signGetBlob(container, name, 3L /* seconds */);
HttpRequest request = getBlobWithTime.getContext().getSigner().signGetBlob(container, name, 900L /* seconds */);
compareRequestComponents(request, compare);
}
@ -119,18 +133,33 @@ public class AWSS3BlobSignerExpectTest extends S3BlobSignerExpectTest {
protected HttpRequest removeBlob() {
return HttpRequest.builder().method("DELETE")
.endpoint("https://container.s3.amazonaws.com/name")
.addHeader("x-amz-content-sha256", "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")
.addHeader("X-Amz-Date", "20080605T163819Z")
.addHeader("Authorization", "AWS4-HMAC-SHA256 Credential=identity/20080605/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=b068a3b2a76f06bf1d73b907243602f43962f5572ea1e588ed193c8c656118fe")
.addHeader("Host", HOST)
.addHeader("Date", "Thu, 05 Jun 2008 16:38:19 GMT")
.addHeader("Authorization", "AWS identity:4FnyjdX/ULdDMRbVlLNjZfEo9RQ=").build();
.build();
}
@Override
@Test
public void testSignPutBlob() throws Exception {
BlobStore signPutBloblWithTime = requestsSendResponses(init());
Blob blob = signPutBloblWithTime.blobBuilder(name).payload(text).contentType("text/plain").build();
HttpRequest compare = putBlobWithTime();
compare.setPayload(blob.getPayload());
HttpRequest request = signPutBloblWithTime.getContext().getSigner().signPutBlob(container, blob);
compareRequestComponents(request, compare);
assertEquals(request.getPayload(), compare.getPayload());
}
@Override
@Test
public void testSignPutBlobWithTime() throws Exception {
BlobStore signPutBloblWithTime = requestsSendResponses(init());
Blob blob = signPutBloblWithTime.blobBuilder(name).payload(text).contentType("text/plain").build();
HttpRequest compare = putBlobWithTime();
compare.setPayload(blob.getPayload());
HttpRequest request = signPutBloblWithTime.getContext().getSigner().signPutBlob(container, blob, 3L /* seconds */);
HttpRequest request = signPutBloblWithTime.getContext().getSigner().signPutBlob(container, blob, 900L /* seconds */);
compareRequestComponents(request, compare);
assertEquals(request.getPayload(), compare.getPayload());
}
@ -148,10 +177,13 @@ public class AWSS3BlobSignerExpectTest extends S3BlobSignerExpectTest {
return DATE;
}
// subclass expects v2 signatures
@Override
protected void bindRequestSigner() {
bind(RequestAuthorizeSignature.class).to(AWSRequestAuthorizeSignature.class).in(Scopes.SINGLETON);
@TimeStamp
protected Supplier<Date> provideTimeStampCacheDate(
@Named(Constants.PROPERTY_SESSION_INTERVAL) long seconds,
@TimeStamp final Supplier<String> timestamp,
final DateService dateService) {
return Suppliers.ofInstance(new Date(1212683899000L));
}
}
}