fixed signature in cloud.com

sandbox-apis/cloudstack/src/main/java/org/jclouds/cloudstack/domain/SecurityGroup.java

@@ -173,13 +173,8 @@ public class SecurityGroup implements Comparable<SecurityGroup> {
    public int hashCode() {
       final int prime = 31;
       int result = 1;
-      result = prime * result + ((account == null) ? 0 : account.hashCode());
-      result = prime * result + ((description == null) ? 0 : description.hashCode());
-      result = prime * result + ((domain == null) ? 0 : domain.hashCode());
       result = prime * result + (int) (domainId ^ (domainId >>> 32));
       result = prime * result + (int) (id ^ (id >>> 32));
-      result = prime * result + ((ingressRules == null) ? 0 : ingressRules.hashCode());
-      result = prime * result + ((name == null) ? 0 : name.hashCode());
       return result;
    }
 
@@ -192,35 +187,10 @@ public class SecurityGroup implements Comparable<SecurityGroup> {
       if (getClass() != obj.getClass())
          return false;
       SecurityGroup other = (SecurityGroup) obj;
-      if (account == null) {
-         if (other.account != null)
-            return false;
-      } else if (!account.equals(other.account))
-         return false;
-      if (description == null) {
-         if (other.description != null)
-            return false;
-      } else if (!description.equals(other.description))
-         return false;
-      if (domain == null) {
-         if (other.domain != null)
-            return false;
-      } else if (!domain.equals(other.domain))
-         return false;
       if (domainId != other.domainId)
          return false;
       if (id != other.id)
          return false;
-      if (ingressRules == null) {
-         if (other.ingressRules != null)
-            return false;
-      } else if (!ingressRules.equals(other.ingressRules))
-         return false;
-      if (name == null) {
-         if (other.name != null)
-            return false;
-      } else if (!name.equals(other.name))
-         return false;
       return true;
    }
 

sandbox-apis/cloudstack/src/main/java/org/jclouds/cloudstack/filters/QuerySigner.java

@@ -20,8 +20,6 @@ package org.jclouds.cloudstack.filters;
 
 import static com.google.common.base.Preconditions.checkNotNull;
 
-import java.util.Comparator;
-import java.util.Map;
 import java.util.Map.Entry;
 
 import javax.annotation.Resource;
@@ -53,7 +51,9 @@ import com.google.common.collect.Multimap;
 
 /**
  * 
- * @see <a href= "http://download.cloud.com/releases/2.2.0/api/user/2.2api_security_details.html" />
+ * @see <a href=
+ *      "http://download.cloud.com/releases/2.2.0/api/user/2.2api_security_details.html"
+ *      />
  * @author Adrian Cole
  * 
  */
@@ -73,8 +73,8 @@ public class QuerySigner implements HttpRequestFilter, RequestSigner {
 
    @Inject
    public QuerySigner(SignatureWire signatureWire, @Named(Constants.PROPERTY_IDENTITY) String accessKey,
-            @Named(Constants.PROPERTY_CREDENTIAL) String secretKey, Crypto crypto, HttpUtils utils,
-            Provider<UriBuilder> builder) {
+         @Named(Constants.PROPERTY_CREDENTIAL) String secretKey, Crypto crypto, HttpUtils utils,
+         Provider<UriBuilder> builder) {
       this.signatureWire = signatureWire;
       this.accessKey = accessKey;
       this.secretKey = secretKey;
@@ -90,9 +90,11 @@ public class QuerySigner implements HttpRequestFilter, RequestSigner {
       String stringToSign = createStringToSign(request, decodedParams);
       String signature = sign(stringToSign);
       addSignature(decodedParams, signature);
-      request = request.toBuilder().endpoint(
-               builder.get().uri(request.getEndpoint()).replaceQuery(ModifyRequest.makeQueryLine(decodedParams, null))
-                        .build()).build();
+      request = request
+            .toBuilder()
+            .endpoint(
+                  builder.get().uri(request.getEndpoint())
+                        .replaceQuery(ModifyRequest.makeQueryLine(decodedParams, null)).build()).build();
       utils.logRequest(signatureLog, request, "<<");
       return request;
    }
@@ -106,8 +108,8 @@ public class QuerySigner implements HttpRequestFilter, RequestSigner {
    public String sign(String stringToSign) {
       String signature;
       try {
-         signature = CryptoStreams.base64(CryptoStreams.mac(InputSuppliers.of(stringToSign), crypto.hmacSHA1(secretKey
-                  .getBytes())));
+         signature = CryptoStreams.base64(CryptoStreams.mac(InputSuppliers.of(stringToSign),
+               crypto.hmacSHA1(secretKey.getBytes())));
          if (signatureWire.enabled())
             signatureWire.input(Strings2.toInputStream(signature));
       } catch (Exception e) {
@@ -120,11 +122,13 @@ public class QuerySigner implements HttpRequestFilter, RequestSigner {
    public String createStringToSign(HttpRequest request, Multimap<String, String> decodedParams) {
       utils.logRequest(signatureLog, request, ">>");
 
+      // encode each parameter value first,
       ImmutableSortedSet.Builder<String> builder = ImmutableSortedSet.<String> naturalOrder();
       for (Entry<String, String> entry : decodedParams.entries())
-         builder.add(entry.getKey().toLowerCase() + "=" + Strings2.urlEncode(entry.getValue()).toLowerCase());
-
-      String stringToSign = Joiner.on('&').join(builder.build());
+         builder.add(entry.getKey() + "=" + Strings2.urlEncode(entry.getValue()));
+      
+      // then, lower case the entire query string
+      String stringToSign = Joiner.on('&').join(builder.build()).toLowerCase();
       if (signatureWire.enabled())
          signatureWire.output(stringToSign);
 

sandbox-apis/cloudstack/src/test/java/org/jclouds/cloudstack/features/SecurityGroupClientLiveTest.java

@@ -31,6 +31,7 @@ import org.jclouds.cloudstack.domain.VirtualMachine;
 import org.jclouds.cloudstack.domain.Zone;
 import org.jclouds.cloudstack.options.AccountInDomainOptions;
 import org.jclouds.cloudstack.options.ListSecurityGroupsOptions;
+import org.jclouds.cloudstack.options.ListVirtualMachinesOptions;
 import org.jclouds.net.IPSocket;
 import org.jclouds.util.Strings2;
 import org.testng.annotations.AfterGroups;
@@ -63,13 +64,13 @@ public class SecurityGroupClientLiveTest extends BaseCloudStackClientLiveTest {
 
             @Override
             public boolean apply(Zone arg0) {
-             return true;//  return arg0.isSecurityGroupsEnabled();
+               return arg0.isSecurityGroupsEnabled();
             }
 
          });
          securityGroupsSupported = true;
          for (SecurityGroup securityGroup : client.getSecurityGroupClient().listSecurityGroups(
-                  ListSecurityGroupsOptions.Builder.named(prefix))) {
+               ListSecurityGroupsOptions.Builder.named(prefix))) {
             for (IngressRule rule : securityGroup.getIngressRules())
                assert this.jobComplete.apply(client.getSecurityGroupClient().revokeIngressRule(rule.getId())) : rule;
             client.getSecurityGroupClient().deleteSecurityGroup(securityGroup.getId());
@@ -92,9 +93,7 @@ public class SecurityGroupClientLiveTest extends BaseCloudStackClientLiveTest {
       URL url = new URL("http://checkip.amazonaws.com/");
       HttpURLConnection connection = (HttpURLConnection) url.openConnection();
       connection.connect();
-      // http://bugs.cloud.com/show_bug.cgi?id=8969
-      // return Strings2.toStringAndClose(connection.getInputStream()).trim()+"/32";
-      return Strings2.toStringAndClose(connection.getInputStream()).trim();
+      return Strings2.toStringAndClose(connection.getInputStream()).trim() + "/32";
    }
 
    @Test(dependsOnMethods = "testCreateDestroySecurityGroup")
@@ -105,11 +104,12 @@ public class SecurityGroupClientLiveTest extends BaseCloudStackClientLiveTest {
       ImmutableSet<String> cidrs = ImmutableSet.of(cidr);
       assert jobComplete.apply(client.getSecurityGroupClient().authorizeIngressICMPToCIDRs(group.getId(), 0, 8, cidrs)) : group;
       assert jobComplete.apply(client.getSecurityGroupClient().authorizeIngressPortsToCIDRs(group.getId(), "TCP", 22,
-               22, cidrs)) : group;
+            22, cidrs)) : group;
 
       AccountInDomainOptions.Builder.accountInDomain(group.getAccount(), group.getDomainId());
 
-      // replace with get once bug is fixed where getGroup returns only one ingress rule
+      // replace with get once bug is fixed where getGroup returns only one
+      // ingress rule
       group = Iterables.find(client.getSecurityGroupClient().listSecurityGroups(), new Predicate<SecurityGroup>() {
 
          @Override
@@ -170,13 +170,17 @@ public class SecurityGroupClientLiveTest extends BaseCloudStackClientLiveTest {
    public void testCreateVMInSecurityGroup() throws Exception {
       if (!securityGroupsSupported)
          return;
+      for (VirtualMachine vm : client.getVirtualMachineClient().listVirtualMachines(
+            ListVirtualMachinesOptions.Builder.zoneId(zone.getId()))) {
+      }
       vm = VirtualMachineClientLiveTest.createVirtualMachineWithSecurityGroupInZone(zone.getId(), group.getId(),
-               client, jobComplete, virtualMachineRunning);
+            client, jobComplete, virtualMachineRunning);
       if (vm.getPassword() != null)
          password = vm.getPassword();
       // ingress port 22
       checkSSH(new IPSocket(vm.getIPAddress(), 22));
-      // ingress icmp disabled as this is platform dependent and may actually just try tcp port 7
+      // ingress icmp disabled as this is platform dependent and may actually
+      // just try tcp port 7
       // assert InetAddress.getByName(vm.getIPAddress()).isReachable(1000) : vm;
    }
 

sandbox-apis/cloudstack/src/test/java/org/jclouds/cloudstack/features/VirtualMachineClientLiveTest.java

@@ -160,7 +160,7 @@ public class VirtualMachineClientLiveTest extends BaseCloudStackClientLiveTest {
       if (vm.getPassword() != null) {
          conditionallyCheckSSH();
       }
-      assert or(equalTo("NetworkFilesystem"), equalTo("IscsiLUN")).apply(vm.getRootDeviceType()) : vm;
+      assert or(equalTo("NetworkFilesystem"), equalTo("IscsiLUN"), equalTo("VMFS")).apply(vm.getRootDeviceType()) : vm;
       checkVm(vm);
    }