mirror of https://github.com/apache/jclouds.git
JCLOUDS-217: AWS-S3: Remove special encoding.
AWS-S3 provider should not pre-encode parameters that are passed to the jclouds request. This comes up in the AWSS3BlobRequestSigner as the only place where a parameter is pre-encoded.
This commit is contained in:
Timur Alperovich
parent
2c2b498066
commit
f8eff7e00e
|
|
@ -19,8 +19,6 @@ package org.jclouds.aws.s3.blobstore;
|
||||||
import static com.google.common.base.Preconditions.checkNotNull;
|
import static com.google.common.base.Preconditions.checkNotNull;
|
||||||
import static org.jclouds.blobstore.util.BlobStoreUtils.cleanRequest;
|
import static org.jclouds.blobstore.util.BlobStoreUtils.cleanRequest;
|
||||||
|
|
||||||
import java.io.UnsupportedEncodingException;
|
|
||||||
import java.net.URLEncoder;
|
|
||||||
import java.util.Date;
|
import java.util.Date;
|
||||||
import java.util.concurrent.TimeUnit;
|
import java.util.concurrent.TimeUnit;
|
||||||
|
|
||||||
|
|
@ -37,7 +35,6 @@ import org.jclouds.s3.blobstore.S3BlobRequestSigner;
|
||||||
import org.jclouds.s3.blobstore.functions.BlobToObject;
|
import org.jclouds.s3.blobstore.functions.BlobToObject;
|
||||||
import org.jclouds.s3.filters.RequestAuthorizeSignature;
|
import org.jclouds.s3.filters.RequestAuthorizeSignature;
|
||||||
|
|
||||||
import com.google.common.base.Charsets;
|
|
||||||
import com.google.common.base.Supplier;
|
import com.google.common.base.Supplier;
|
||||||
import com.google.common.collect.ImmutableList;
|
import com.google.common.collect.ImmutableList;
|
||||||
import com.google.common.net.HttpHeaders;
|
import com.google.common.net.HttpHeaders;
|
||||||
|
|
@ -92,15 +89,7 @@ public class AWSS3BlobRequestSigner extends S3BlobRequestSigner<AWSS3Client> {
|
||||||
String expiration = String.valueOf(TimeUnit.MILLISECONDS.toSeconds(date.getTime()) + timeInSeconds);
|
String expiration = String.valueOf(TimeUnit.MILLISECONDS.toSeconds(date.getTime()) + timeInSeconds);
|
||||||
HttpRequest.Builder<?> builder = request.toBuilder().replaceHeader(HttpHeaders.DATE, expiration);
|
HttpRequest.Builder<?> builder = request.toBuilder().replaceHeader(HttpHeaders.DATE, expiration);
|
||||||
String stringToSign = authSigner.createStringToSign(builder.build());
|
String stringToSign = authSigner.createStringToSign(builder.build());
|
||||||
// We MUST encode the signature because addQueryParam internally _always_ decodes values
|
|
||||||
// and if we don't encode the signature here, the decoding may change the signature. For e.g.
|
|
||||||
// any '+' characters in the signature will be converted to space ' ' on decoding.
|
|
||||||
String signature = authSigner.sign(stringToSign);
|
String signature = authSigner.sign(stringToSign);
|
||||||
try {
|
|
||||||
signature = URLEncoder.encode(signature, Charsets.UTF_8.name());
|
|
||||||
} catch (UnsupportedEncodingException e) {
|
|
||||||
throw new IllegalStateException("Bad encoding on input: " + signature, e);
|
|
||||||
}
|
|
||||||
HttpRequest ret = builder.addQueryParam(HttpHeaders.EXPIRES, expiration)
|
HttpRequest ret = builder.addQueryParam(HttpHeaders.EXPIRES, expiration)
|
||||||
.addQueryParam("AWSAccessKeyId", identity)
|
.addQueryParam("AWSAccessKeyId", identity)
|
||||||
// Signature MUST be the last parameter because if it isn't, even encoded '+' values in the
|
// Signature MUST be the last parameter because if it isn't, even encoded '+' values in the
|
||||||
|
|
|
||||||
|
|
@ -51,10 +51,12 @@ public class AWSS3BlobSignerExpectTest extends S3BlobSignerExpectTest {
|
||||||
@Override
|
@Override
|
||||||
protected HttpRequest getBlobWithTime() {
|
protected HttpRequest getBlobWithTime() {
|
||||||
return HttpRequest.builder().method("GET")
|
return HttpRequest.builder().method("GET")
|
||||||
.endpoint("https://container.s3.amazonaws.com/name" +
|
.endpoint("https://container.s3.amazonaws.com/name")
|
||||||
"?Expires=1212683902&AWSAccessKeyId=identity&Signature=Y4Ac4sZfBemGZmgfG78F7IX%2BIFg%3D")
|
.addQueryParam("Expires", "1212683902")
|
||||||
.addHeader("Host", "container.s3.amazonaws.com")
|
.addQueryParam("AWSAccessKeyId", "identity")
|
||||||
.addHeader("Date", DATE).build();
|
.addQueryParam("Signature", "Y4Ac4sZfBemGZmgfG78F7IX+IFg=")
|
||||||
|
.addHeader("Host", "container.s3.amazonaws.com")
|
||||||
|
.addHeader("Date", DATE).build();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
@ -88,11 +90,14 @@ public class AWSS3BlobSignerExpectTest extends S3BlobSignerExpectTest {
|
||||||
@Override
|
@Override
|
||||||
protected HttpRequest putBlobWithTime() {
|
protected HttpRequest putBlobWithTime() {
|
||||||
return HttpRequest.builder().method("PUT")
|
return HttpRequest.builder().method("PUT")
|
||||||
.endpoint("https://container.s3.amazonaws.com/name" +
|
.endpoint("https://container.s3.amazonaws.com/name")
|
||||||
"?Expires=1212683902&AWSAccessKeyId=identity&Signature=genkB2vLxe3AWV/bPvRTMqQts7E%3D")
|
.addQueryParam("Expires", "1212683902")
|
||||||
.addHeader("Expect", "100-continue")
|
.addQueryParam("AWSAccessKeyId", "identity")
|
||||||
.addHeader("Host", "container.s3.amazonaws.com")
|
.addQueryParam("Signature", "genkB2vLxe3AWV/bPvRTMqQts7E=")
|
||||||
.addHeader("Date", DATE).build();
|
.addHeader("Expect", "100-continue")
|
||||||
|
.addHeader("Host", "container.s3.amazonaws.com")
|
||||||
|
.addHeader("Date", DATE)
|
||||||
|
.build();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue