fixed signature in cloud.com

This commit is contained in:
Adrian Cole 2011-04-25 16:21:10 -07:00
parent 08a3cc0275
commit f8497f1341
4 changed files with 31 additions and 53 deletions

View File

@ -173,13 +173,8 @@ public class SecurityGroup implements Comparable<SecurityGroup> {
public int hashCode() {
final int prime = 31;
int result = 1;
result = prime * result + ((account == null) ? 0 : account.hashCode());
result = prime * result + ((description == null) ? 0 : description.hashCode());
result = prime * result + ((domain == null) ? 0 : domain.hashCode());
result = prime * result + (int) (domainId ^ (domainId >>> 32));
result = prime * result + (int) (id ^ (id >>> 32));
result = prime * result + ((ingressRules == null) ? 0 : ingressRules.hashCode());
result = prime * result + ((name == null) ? 0 : name.hashCode());
return result;
}
@ -192,35 +187,10 @@ public class SecurityGroup implements Comparable<SecurityGroup> {
if (getClass() != obj.getClass())
return false;
SecurityGroup other = (SecurityGroup) obj;
if (account == null) {
if (other.account != null)
return false;
} else if (!account.equals(other.account))
return false;
if (description == null) {
if (other.description != null)
return false;
} else if (!description.equals(other.description))
return false;
if (domain == null) {
if (other.domain != null)
return false;
} else if (!domain.equals(other.domain))
return false;
if (domainId != other.domainId)
return false;
if (id != other.id)
return false;
if (ingressRules == null) {
if (other.ingressRules != null)
return false;
} else if (!ingressRules.equals(other.ingressRules))
return false;
if (name == null) {
if (other.name != null)
return false;
} else if (!name.equals(other.name))
return false;
return true;
}

View File

@ -20,8 +20,6 @@ package org.jclouds.cloudstack.filters;
import static com.google.common.base.Preconditions.checkNotNull;
import java.util.Comparator;
import java.util.Map;
import java.util.Map.Entry;
import javax.annotation.Resource;
@ -53,7 +51,9 @@ import com.google.common.collect.Multimap;
/**
*
* @see <a href= "http://download.cloud.com/releases/2.2.0/api/user/2.2api_security_details.html" />
* @see <a href=
* "http://download.cloud.com/releases/2.2.0/api/user/2.2api_security_details.html"
* />
* @author Adrian Cole
*
*/
@ -73,8 +73,8 @@ public class QuerySigner implements HttpRequestFilter, RequestSigner {
@Inject
public QuerySigner(SignatureWire signatureWire, @Named(Constants.PROPERTY_IDENTITY) String accessKey,
@Named(Constants.PROPERTY_CREDENTIAL) String secretKey, Crypto crypto, HttpUtils utils,
Provider<UriBuilder> builder) {
@Named(Constants.PROPERTY_CREDENTIAL) String secretKey, Crypto crypto, HttpUtils utils,
Provider<UriBuilder> builder) {
this.signatureWire = signatureWire;
this.accessKey = accessKey;
this.secretKey = secretKey;
@ -90,9 +90,11 @@ public class QuerySigner implements HttpRequestFilter, RequestSigner {
String stringToSign = createStringToSign(request, decodedParams);
String signature = sign(stringToSign);
addSignature(decodedParams, signature);
request = request.toBuilder().endpoint(
builder.get().uri(request.getEndpoint()).replaceQuery(ModifyRequest.makeQueryLine(decodedParams, null))
.build()).build();
request = request
.toBuilder()
.endpoint(
builder.get().uri(request.getEndpoint())
.replaceQuery(ModifyRequest.makeQueryLine(decodedParams, null)).build()).build();
utils.logRequest(signatureLog, request, "<<");
return request;
}
@ -106,8 +108,8 @@ public class QuerySigner implements HttpRequestFilter, RequestSigner {
public String sign(String stringToSign) {
String signature;
try {
signature = CryptoStreams.base64(CryptoStreams.mac(InputSuppliers.of(stringToSign), crypto.hmacSHA1(secretKey
.getBytes())));
signature = CryptoStreams.base64(CryptoStreams.mac(InputSuppliers.of(stringToSign),
crypto.hmacSHA1(secretKey.getBytes())));
if (signatureWire.enabled())
signatureWire.input(Strings2.toInputStream(signature));
} catch (Exception e) {
@ -120,11 +122,13 @@ public class QuerySigner implements HttpRequestFilter, RequestSigner {
public String createStringToSign(HttpRequest request, Multimap<String, String> decodedParams) {
utils.logRequest(signatureLog, request, ">>");
// encode each parameter value first,
ImmutableSortedSet.Builder<String> builder = ImmutableSortedSet.<String> naturalOrder();
for (Entry<String, String> entry : decodedParams.entries())
builder.add(entry.getKey().toLowerCase() + "=" + Strings2.urlEncode(entry.getValue()).toLowerCase());
builder.add(entry.getKey() + "=" + Strings2.urlEncode(entry.getValue()));
String stringToSign = Joiner.on('&').join(builder.build());
// then, lower case the entire query string
String stringToSign = Joiner.on('&').join(builder.build()).toLowerCase();
if (signatureWire.enabled())
signatureWire.output(stringToSign);

View File

@ -31,6 +31,7 @@ import org.jclouds.cloudstack.domain.VirtualMachine;
import org.jclouds.cloudstack.domain.Zone;
import org.jclouds.cloudstack.options.AccountInDomainOptions;
import org.jclouds.cloudstack.options.ListSecurityGroupsOptions;
import org.jclouds.cloudstack.options.ListVirtualMachinesOptions;
import org.jclouds.net.IPSocket;
import org.jclouds.util.Strings2;
import org.testng.annotations.AfterGroups;
@ -63,13 +64,13 @@ public class SecurityGroupClientLiveTest extends BaseCloudStackClientLiveTest {
@Override
public boolean apply(Zone arg0) {
return true;// return arg0.isSecurityGroupsEnabled();
return arg0.isSecurityGroupsEnabled();
}
});
securityGroupsSupported = true;
for (SecurityGroup securityGroup : client.getSecurityGroupClient().listSecurityGroups(
ListSecurityGroupsOptions.Builder.named(prefix))) {
ListSecurityGroupsOptions.Builder.named(prefix))) {
for (IngressRule rule : securityGroup.getIngressRules())
assert this.jobComplete.apply(client.getSecurityGroupClient().revokeIngressRule(rule.getId())) : rule;
client.getSecurityGroupClient().deleteSecurityGroup(securityGroup.getId());
@ -92,9 +93,7 @@ public class SecurityGroupClientLiveTest extends BaseCloudStackClientLiveTest {
URL url = new URL("http://checkip.amazonaws.com/");
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.connect();
// http://bugs.cloud.com/show_bug.cgi?id=8969
// return Strings2.toStringAndClose(connection.getInputStream()).trim()+"/32";
return Strings2.toStringAndClose(connection.getInputStream()).trim();
return Strings2.toStringAndClose(connection.getInputStream()).trim() + "/32";
}
@Test(dependsOnMethods = "testCreateDestroySecurityGroup")
@ -105,11 +104,12 @@ public class SecurityGroupClientLiveTest extends BaseCloudStackClientLiveTest {
ImmutableSet<String> cidrs = ImmutableSet.of(cidr);
assert jobComplete.apply(client.getSecurityGroupClient().authorizeIngressICMPToCIDRs(group.getId(), 0, 8, cidrs)) : group;
assert jobComplete.apply(client.getSecurityGroupClient().authorizeIngressPortsToCIDRs(group.getId(), "TCP", 22,
22, cidrs)) : group;
22, cidrs)) : group;
AccountInDomainOptions.Builder.accountInDomain(group.getAccount(), group.getDomainId());
// replace with get once bug is fixed where getGroup returns only one ingress rule
// replace with get once bug is fixed where getGroup returns only one
// ingress rule
group = Iterables.find(client.getSecurityGroupClient().listSecurityGroups(), new Predicate<SecurityGroup>() {
@Override
@ -170,13 +170,17 @@ public class SecurityGroupClientLiveTest extends BaseCloudStackClientLiveTest {
public void testCreateVMInSecurityGroup() throws Exception {
if (!securityGroupsSupported)
return;
for (VirtualMachine vm : client.getVirtualMachineClient().listVirtualMachines(
ListVirtualMachinesOptions.Builder.zoneId(zone.getId()))) {
}
vm = VirtualMachineClientLiveTest.createVirtualMachineWithSecurityGroupInZone(zone.getId(), group.getId(),
client, jobComplete, virtualMachineRunning);
client, jobComplete, virtualMachineRunning);
if (vm.getPassword() != null)
password = vm.getPassword();
// ingress port 22
checkSSH(new IPSocket(vm.getIPAddress(), 22));
// ingress icmp disabled as this is platform dependent and may actually just try tcp port 7
// ingress icmp disabled as this is platform dependent and may actually
// just try tcp port 7
// assert InetAddress.getByName(vm.getIPAddress()).isReachable(1000) : vm;
}

View File

@ -160,7 +160,7 @@ public class VirtualMachineClientLiveTest extends BaseCloudStackClientLiveTest {
if (vm.getPassword() != null) {
conditionallyCheckSSH();
}
assert or(equalTo("NetworkFilesystem"), equalTo("IscsiLUN")).apply(vm.getRootDeviceType()) : vm;
assert or(equalTo("NetworkFilesystem"), equalTo("IscsiLUN"), equalTo("VMFS")).apply(vm.getRootDeviceType()) : vm;
checkVm(vm);
}