com.amazonaws.internal.StaticCredentialsProvider Java Examples
The following examples show how to use
com.amazonaws.internal.StaticCredentialsProvider.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SessionCredentialsProviderFactory.java From aws-glue-data-catalog-client-for-apache-hive-metastore with Apache License 2.0 | 6 votes |
|
@Override
public AWSCredentialsProvider buildAWSCredentialsProvider(HiveConf hiveConf) {
checkArgument(hiveConf != null, "hiveConf cannot be null.");
String accessKey = hiveConf.get(AWS_ACCESS_KEY_CONF_VAR);
String secretKey = hiveConf.get(AWS_SECRET_KEY_CONF_VAR);
String sessionToken = hiveConf.get(AWS_SESSION_TOKEN_CONF_VAR);
checkArgument(accessKey != null, AWS_ACCESS_KEY_CONF_VAR + " must be set.");
checkArgument(secretKey != null, AWS_SECRET_KEY_CONF_VAR + " must be set.");
checkArgument(sessionToken != null, AWS_SESSION_TOKEN_CONF_VAR + " must be set.");
AWSSessionCredentials credentials = new BasicSessionCredentials(accessKey, secretKey, sessionToken);
return new StaticCredentialsProvider(credentials);
}
Example #2
| Source File: S3DaoImpl.java From herd with Apache License 2.0 | 6 votes |
|
/**
* <p> Gets the {@link AWSCredentialsProvider} based on the credentials in the given parameters. </p> <p> Returns {@link DefaultAWSCredentialsProviderChain}
* if either access or secret key is {@code null}. Otherwise returns a {@link StaticCredentialsProvider} with the credentials. </p>
*
* @param params - Access parameters
*
* @return AWS credentials provider implementation
*/
private AWSCredentialsProvider getAWSCredentialsProvider(S3FileTransferRequestParamsDto params)
{
List<AWSCredentialsProvider> providers = new ArrayList<>();
String accessKey = params.getAwsAccessKeyId();
String secretKey = params.getAwsSecretKey();
if (accessKey != null && secretKey != null)
{
providers.add(new StaticCredentialsProvider(new BasicAWSCredentials(accessKey, secretKey)));
}
for (HerdAWSCredentialsProvider herdAWSCredentialsProvider : params.getAdditionalAwsCredentialsProviders())
{
providers.add(new HerdAwsCredentialsProviderWrapper(herdAWSCredentialsProvider));
}
providers.add(new DefaultAWSCredentialsProviderChain());
return new AWSCredentialsProviderChain(providers.toArray(new AWSCredentialsProvider[providers.size()]));
}
Example #3
| Source File: AWSCredentialsProviderControllerServiceTest.java From localization_nifi with Apache License 2.0 | 6 votes |
|
@Test
public void testKeysCredentialsProvider() throws Throwable {
final TestRunner runner = TestRunners.newTestRunner(FetchS3Object.class);
final AWSCredentialsProviderControllerService serviceImpl = new AWSCredentialsProviderControllerService();
runner.addControllerService("awsCredentialsProvider", serviceImpl);
runner.setProperty(serviceImpl, AbstractAWSProcessor.ACCESS_KEY, "awsAccessKey");
runner.setProperty(serviceImpl, AbstractAWSProcessor.SECRET_KEY, "awsSecretKey");
runner.enableControllerService(serviceImpl);
runner.assertValid(serviceImpl);
final AWSCredentialsProviderService service = (AWSCredentialsProviderService) runner.getProcessContext()
.getControllerServiceLookup().getControllerService("awsCredentialsProvider");
Assert.assertNotNull(service);
final AWSCredentialsProvider credentialsProvider = service.getCredentialsProvider();
Assert.assertNotNull(credentialsProvider);
assertEquals("credentials provider should be equal", StaticCredentialsProvider.class,
credentialsProvider.getClass());
}
Example #4
| Source File: AWSCredentialsProviderControllerServiceTest.java From nifi with Apache License 2.0 | 6 votes |
|
@Test
public void testKeysCredentialsProvider() throws Throwable {
final TestRunner runner = TestRunners.newTestRunner(FetchS3Object.class);
final AWSCredentialsProviderControllerService serviceImpl = new AWSCredentialsProviderControllerService();
runner.addControllerService("awsCredentialsProvider", serviceImpl);
runner.setProperty(serviceImpl, AbstractAWSProcessor.ACCESS_KEY, "awsAccessKey");
runner.setProperty(serviceImpl, AbstractAWSProcessor.SECRET_KEY, "awsSecretKey");
runner.enableControllerService(serviceImpl);
runner.assertValid(serviceImpl);
final AWSCredentialsProviderService service = (AWSCredentialsProviderService) runner.getProcessContext()
.getControllerServiceLookup().getControllerService("awsCredentialsProvider");
Assert.assertNotNull(service);
final AWSCredentialsProvider credentialsProvider = service.getCredentialsProvider();
Assert.assertNotNull(credentialsProvider);
assertEquals("credentials provider should be equal", StaticCredentialsProvider.class,
credentialsProvider.getClass());
}
Example #5
| Source File: TestAWSCredentials.java From nifi with Apache License 2.0 | 6 votes |
|
@Test
public void testCredentialsProviderControllerService() throws InitializationException {
final AWSCredentialsProviderControllerService credsService = new AWSCredentialsProviderControllerService();
runner.addControllerService("awsCredentialsProvider", credsService);
runner.setProperty(credsService, AbstractAWSProcessor.ACCESS_KEY, "awsAccessKey");
runner.setProperty(credsService, AbstractAWSProcessor.SECRET_KEY, "awsSecretKey");
runner.enableControllerService(credsService);
runner.setProperty(AbstractAWSCredentialsProviderProcessor.AWS_CREDENTIALS_PROVIDER_SERVICE, "awsCredentialsProvider");
runner.assertValid();
runner.run(1);
assertEquals(StaticCredentialsProvider.class, awsCredentialsProvider.getClass());
assertNull(awsCredentials);
}
Example #6
| Source File: AccessKeyPairCredentialsStrategy.java From nifi with Apache License 2.0 | 5 votes |
|
@Override
public AWSCredentialsProvider getCredentialsProvider(Map<PropertyDescriptor, String> properties) {
String accessKey = properties.get(CredentialPropertyDescriptors.ACCESS_KEY);
String secretKey = properties.get(CredentialPropertyDescriptors.SECRET_KEY);
BasicAWSCredentials creds = new BasicAWSCredentials(accessKey, secretKey);
return new StaticCredentialsProvider(creds);
}
Example #7
| Source File: ProfilesConfigFile.java From bazel with Apache License 2.0 | 5 votes |
|
@Deprecated
public Map<String, Profile> getAllProfiles() {
Map<String, Profile> legacyProfiles = new HashMap<String, Profile>();
for (Map.Entry<String, BasicProfile> entry : getAllBasicProfiles().entrySet()) {
final String profileName = entry.getKey();
legacyProfiles.put(profileName,
new Profile(profileName, entry.getValue().getProperties(),
new StaticCredentialsProvider(
getCredentials(profileName))));
}
return legacyProfiles;
}
Example #8
| Source File: Profile.java From bazel with Apache License 2.0 | 5 votes |
|
public Profile(String profileName, AWSCredentials awsCredentials) {
Map<String, String> properties = new LinkedHashMap<String, String>();
properties.put(ProfileKeyConstants.AWS_ACCESS_KEY_ID, awsCredentials.getAWSAccessKeyId());
properties.put(ProfileKeyConstants.AWS_SECRET_ACCESS_KEY, awsCredentials.getAWSSecretKey());
if (awsCredentials instanceof AWSSessionCredentials) {
AWSSessionCredentials sessionCred = (AWSSessionCredentials)awsCredentials;
properties.put(ProfileKeyConstants.AWS_SESSION_TOKEN, sessionCred.getSessionToken());
}
this.profileName = profileName;
this.properties = properties;
this.awsCredentials = new StaticCredentialsProvider(awsCredentials);
}
Example #9
| Source File: TestCredentialsProviderFactory.java From nifi with Apache License 2.0 | 5 votes |
|
@Test
public void testAccessKeyPairCredentials() throws Throwable {
final TestRunner runner = TestRunners.newTestRunner(MockAWSProcessor.class);
runner.setProperty(CredentialPropertyDescriptors.USE_DEFAULT_CREDENTIALS, "false");
runner.setProperty(CredentialPropertyDescriptors.ACCESS_KEY, "BogusAccessKey");
runner.setProperty(CredentialPropertyDescriptors.SECRET_KEY, "BogusSecretKey");
runner.assertValid();
Map<PropertyDescriptor, String> properties = runner.getProcessContext().getProperties();
final CredentialsProviderFactory factory = new CredentialsProviderFactory();
final AWSCredentialsProvider credentialsProvider = factory.getCredentialsProvider(properties);
Assert.assertNotNull(credentialsProvider);
assertEquals("credentials provider should be equal", StaticCredentialsProvider.class,
credentialsProvider.getClass());
}
Example #10
| Source File: TestCredentialsProviderFactory.java From localization_nifi with Apache License 2.0 | 5 votes |
|
@Test
public void testAccessKeyPairCredentials() throws Throwable {
final TestRunner runner = TestRunners.newTestRunner(MockAWSProcessor.class);
runner.setProperty(CredentialPropertyDescriptors.USE_DEFAULT_CREDENTIALS, "false");
runner.setProperty(CredentialPropertyDescriptors.ACCESS_KEY, "BogusAccessKey");
runner.setProperty(CredentialPropertyDescriptors.SECRET_KEY, "BogusSecretKey");
runner.assertValid();
Map<PropertyDescriptor, String> properties = runner.getProcessContext().getProperties();
final CredentialsProviderFactory factory = new CredentialsProviderFactory();
final AWSCredentialsProvider credentialsProvider = factory.getCredentialsProvider(properties);
Assert.assertNotNull(credentialsProvider);
assertEquals("credentials provider should be equal", StaticCredentialsProvider.class,
credentialsProvider.getClass());
}
Example #11
| Source File: AccessKeyPairCredentialsStrategy.java From localization_nifi with Apache License 2.0 | 5 votes |
|
@Override
public AWSCredentialsProvider getCredentialsProvider(Map<PropertyDescriptor, String> properties) {
String accessKey = properties.get(CredentialPropertyDescriptors.ACCESS_KEY);
String secretKey = properties.get(CredentialPropertyDescriptors.SECRET_KEY);
BasicAWSCredentials creds = new BasicAWSCredentials(accessKey, secretKey);
return new StaticCredentialsProvider(creds);
}
Example #12
| Source File: AwsEc2ServiceImpl.java From crate with Apache License 2.0 | 5 votes |
|
static AWSCredentialsProvider buildCredentials(Logger logger, Ec2ClientSettings clientSettings) {
final AWSCredentials credentials = clientSettings.credentials;
if (credentials == null) {
logger.debug("Using either environment variables, system properties or instance profile credentials");
return new DefaultAWSCredentialsProviderChain();
} else {
logger.debug("Using basic key/secret credentials");
return new StaticCredentialsProvider(credentials);
}
}
Example #13
| Source File: AWSSignerTest.java From aws-signing-request-interceptor with MIT License | 4 votes |
|
/**
* Test case given in AWS Signing Test Suite (http://docs.aws.amazon.com/general/latest/gr/signature-v4-test-suite.html)
* (get-utf8.*)
* <p>
* GET /ሴ HTTP/1.1
* Host:example.amazonaws.com
* X-Amz-Date:20150830T123600Z
*
* @throws Exception
*/
@Test
public void testGetUtf8() throws Exception {
// GIVEN
// Credentials
String awsAccessKey = "AKIDEXAMPLE";
String awsSecretKey = "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY";
AWSCredentials credentials = new BasicAWSCredentials(awsAccessKey, awsSecretKey);
AWSCredentialsProvider awsCredentialsProvider = new StaticCredentialsProvider(credentials);
String region = "us-east-1";
String service = "service";
// Date
Supplier<LocalDateTime> clock = () -> LocalDateTime.of(2015, 8, 30, 12, 36, 0);
String date = "20150830T123600Z";
// HTTP request
String host = "example.amazonaws.com";
String uri = "/ሴ";
String method = "GET";
Multimap<String, String> queryParams = ImmutableListMultimap.<String, String>builder()
.build();
Map<String, Object> headers = ImmutableMap.<String, Object>builder()
.put("Host", host)
.put("X-Amz-Date", date)
.build();
Optional<byte[]> payload = Optional.absent();
String expectedAuthorizationHeader = "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=8318018e0b0f223aa2bbf98705b62bb787dc9c0e678f255a891fd03141be5d85";
// WHEN
// The request is signed
AWSSigner signer = new AWSSigner(awsCredentialsProvider, region, service, clock);
Map<String, Object> signedHeaders = signer.getSignedHeaders(uri, method, queryParams, headers, payload);
// THEN
TreeMap<String, Object> caseInsensitiveSignedHeaders = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
caseInsensitiveSignedHeaders.putAll(signedHeaders);
assertThat(caseInsensitiveSignedHeaders).containsKey("Authorization");
assertThat(caseInsensitiveSignedHeaders.get("Authorization")).isEqualTo(expectedAuthorizationHeader);
}
Example #14
| Source File: AnonymousCredentialsStrategy.java From nifi with Apache License 2.0 | 4 votes |
|
@Override
public AWSCredentialsProvider getCredentialsProvider(Map<PropertyDescriptor, String> properties) {
AnonymousAWSCredentials creds = new AnonymousAWSCredentials();
return new StaticCredentialsProvider(creds);
}
Example #15
| Source File: ProfileStaticCredentialsProvider.java From bazel with Apache License 2.0 | 4 votes |
|
public ProfileStaticCredentialsProvider(BasicProfile profile) {
this.profile = profile;
this.credentialsProvider = new StaticCredentialsProvider(fromStaticCredentials());
}
Example #16
| Source File: S3DaoTest.java From herd with Apache License 2.0 | 4 votes |
|
@Test
public void testGetAWSCredentialsProviderAssertStaticCredentialsSet()
{
S3Operations originalS3Operations = (S3Operations) ReflectionTestUtils.getField(s3Dao, "s3Operations");
S3Operations mockS3Operations = mock(S3Operations.class);
ReflectionTestUtils.setField(s3Dao, "s3Operations", mockS3Operations);
try
{
String s3BucketName = "s3BucketName";
String s3KeyPrefix = "s3KeyPrefix";
String s3AccessKey = "s3AccessKey";
String s3SecretKey = "s3SecretKey";
S3FileTransferRequestParamsDto s3FileTransferRequestParamsDto = new S3FileTransferRequestParamsDto();
s3FileTransferRequestParamsDto.setS3BucketName(s3BucketName);
s3FileTransferRequestParamsDto.setS3KeyPrefix(s3KeyPrefix);
s3FileTransferRequestParamsDto.setAwsAccessKeyId(s3AccessKey);
s3FileTransferRequestParamsDto.setAwsSecretKey(s3SecretKey);
when(mockS3Operations.putObject(any(), any())).then(new Answer<PutObjectResult>()
{
@SuppressWarnings("unchecked")
@Override
public PutObjectResult answer(InvocationOnMock invocation) throws Throwable
{
AmazonS3Client amazonS3Client = invocation.getArgument(1);
AWSCredentialsProviderChain awsCredentialsProviderChain =
(AWSCredentialsProviderChain) ReflectionTestUtils.getField(amazonS3Client, "awsCredentialsProvider");
List<AWSCredentialsProvider> credentialsProviders =
(List<AWSCredentialsProvider>) ReflectionTestUtils.getField(awsCredentialsProviderChain, "credentialsProviders");
// Expect 2 providers: the static provider, and the default provider
assertEquals(2, credentialsProviders.size());
// Only verify the static value
assertEquals(StaticCredentialsProvider.class, credentialsProviders.get(0).getClass());
StaticCredentialsProvider staticCredentialsProvider = (StaticCredentialsProvider) credentialsProviders.get(0);
assertEquals(s3AccessKey, staticCredentialsProvider.getCredentials().getAWSAccessKeyId());
assertEquals(s3SecretKey, staticCredentialsProvider.getCredentials().getAWSSecretKey());
return new PutObjectResult();
}
});
s3Dao.createDirectory(s3FileTransferRequestParamsDto);
}
finally
{
ReflectionTestUtils.setField(s3Dao, "s3Operations", originalS3Operations);
}
}
Example #17
| Source File: SkdSignerUtilTest.java From aws-signing-request-interceptor with MIT License | 4 votes |
|
/**
* Test case given in AWS Signing Test Suite (http://docs.aws.amazon.com/general/latest/gr/signature-v4-test-suite.html)
* (post-vanilla-query.*)
*
* POST /?Param1=value1 HTTP/1.1
* Host:example.amazonaws.com
* X-Amz-Date:20150830T123600Z
*
* @throws Exception
*/
@Test
public void testPostVanillaQuery() throws Exception {
// GIVEN
// Credentials
String awsAccessKey = "AKIDEXAMPLE";
String awsSecretKey = "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY";
AWSCredentials credentials = new BasicAWSCredentials(awsAccessKey, awsSecretKey);
AWSCredentialsProvider awsCredentialsProvider = new StaticCredentialsProvider(credentials);
String region = "us-east-1";
String service = "service";
// Date
Supplier<LocalDateTime> clock = () -> LocalDateTime.of(2015, 8, 30, 12, 36, 0);
String date = "20150830T123600Z";
// HTTP request
String host = "example.amazonaws.com";
String uri = "/";
String method = "POST";
Multimap<String, String> queryParams = ImmutableListMultimap.<String, String>builder()
.put("Param1", "value1")
.build();
Map<String, Object> headers = ImmutableMap.<String, Object>builder()
.put("X-Amz-Date", date)
.put("Host", host)
.build();
Optional<byte[]> payload = Optional.absent();
// expected auth header as per test suite
String expectedAuthorizationHeader = "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=28038455d6de14eafc1f9222cf5aa6f1a96197d7deb8263271d420d138af7f11";
// WHEN
// The request is signed
String actualAuthorizationHeader = SkdSignerUtil.getExpectedAuthorizationHeader(
new SkdSignerUtil.Request()
.setServiceName(service)
.setRegion(region)
.setDate( new SimpleDateFormat("yyyyMMdd'T'HHmmssXXX").parse(date))
.setHost(host)
.setUri(uri)
.setHttpMethod(method)
.setHeaders(headers)
.setQueryParams(queryParams)
.setCredentialsProvider(awsCredentialsProvider)
);
// THEN
assertEquals("Header does not match", expectedAuthorizationHeader, actualAuthorizationHeader);
}
Example #18
| Source File: SkdSignerUtilTest.java From aws-signing-request-interceptor with MIT License | 4 votes |
|
/**
* Test case given in AWS Signing Test Suite (http://docs.aws.amazon.com/general/latest/gr/signature-v4-test-suite.html)
* (get-utf8.*)
* <p>
* GET /ሴ HTTP/1.1
* Host:example.amazonaws.com
* X-Amz-Date:20150830T123600Z
*
* @throws Exception
*/
@Test
public void testGetUtf8() throws Exception {
// GIVEN
// Credentials
String awsAccessKey = "AKIDEXAMPLE";
String awsSecretKey = "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY";
AWSCredentials credentials = new BasicAWSCredentials(awsAccessKey, awsSecretKey);
AWSCredentialsProvider awsCredentialsProvider = new StaticCredentialsProvider(credentials);
String region = "us-east-1";
String service = "service";
// Date
String date = "20150830T123600Z";
// HTTP request
String host = "example.amazonaws.com";
String uri = "/ሴ";
String method = "GET";
Multimap<String, String> queryParams = ImmutableListMultimap.<String, String>builder()
.build();
Map<String, Object> headers = ImmutableMap.<String, Object>builder()
.put("Host", host)
.put("X-Amz-Date", date)
.build();
// expected auth header as per test suite
String expectedAuthorizationHeader = "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request, SignedHeaders=host;x-amz-date, Signature=8318018e0b0f223aa2bbf98705b62bb787dc9c0e678f255a891fd03141be5d85";
// WHEN
// The request is signed
String actualAuthorizationHeader = SkdSignerUtil.getExpectedAuthorizationHeader(
new SkdSignerUtil.Request()
.setServiceName(service)
.setRegion(region)
.setDate( new SimpleDateFormat("yyyyMMdd'T'HHmmssXXX").parse(date))
.setHost(host)
.setUri(uri)
.setHttpMethod(method)
.setHeaders(headers)
.setCredentialsProvider(awsCredentialsProvider)
);
// THEN
assertEquals("Header does not match", expectedAuthorizationHeader, actualAuthorizationHeader);
}
Example #19
| Source File: AWSSignerTest.java From aws-signing-request-interceptor with MIT License | 4 votes |
|
@Test
public void testGetQueryParamWithAsterisks() throws Exception {
// GIVEN
// Credentials
String awsAccessKey = "AKIDEXAMPLE";
String awsSecretKey = "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY";
AWSCredentials credentials = new BasicAWSCredentials(awsAccessKey, awsSecretKey);
AWSCredentialsProvider awsCredentialsProvider = new StaticCredentialsProvider(credentials);
String region = "us-east-1";
String service = "host";
// Date
Supplier<LocalDateTime> clock = () -> LocalDateTime.of(2011, 9, 9, 23, 36, 0);
// weird date : 09 Sep 2011 is a friday, not a monday
String date = "Mon, 09 Sep 2011 23:36:00 GMT";
// HTTP request
String host = "host.foo.com";
String uri = "/";
String method = "GET";
Multimap<String, String> queryParams = ImmutableListMultimap.<String, String>builder()
.put("_query", "ben*")
.build();
Map<String, Object> headers = ImmutableMap.<String, Object>builder()
.put("Date", date)
.put("Host", host + ":80")
.build();
Optional<byte[]> payload = Optional.absent();
// WHEN
// The request is signed
AWSSigner signer = new AWSSigner(awsCredentialsProvider, region, service, clock);
Map<String, Object> signedHeaders = signer.getSignedHeaders(uri, method, queryParams, headers, payload);
// THEN
// The signature must match the expected signature
String expectedSignature = "b108a8b23c3a760dc3b197ec480b20d9c9e210f4a389077f5721e458e30350bf";
String expectedAuthorizationHeader = format(
"AWS4-HMAC-SHA256 Credential=%s/20110909/%s/%s/aws4_request, SignedHeaders=date;host, Signature=%s",
awsAccessKey, region, service, expectedSignature
);
TreeMap<String, Object> caseInsensitiveSignedHeaders = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
caseInsensitiveSignedHeaders.putAll(signedHeaders);
assertThat(caseInsensitiveSignedHeaders).containsKey("Authorization");
assertThat(caseInsensitiveSignedHeaders.get("Authorization")).isEqualTo(expectedAuthorizationHeader);
assertThat(caseInsensitiveSignedHeaders).containsKey("Host");
assertThat(caseInsensitiveSignedHeaders.get("Host")).isEqualTo(host);
assertThat(caseInsensitiveSignedHeaders).containsKey("Date");
assertThat(caseInsensitiveSignedHeaders.get("Date")).isEqualTo(date);
assertThat(caseInsensitiveSignedHeaders).doesNotContainKey("X-Amz-Date");
}
Example #20
| Source File: AWSSignerTest.java From aws-signing-request-interceptor with MIT License | 4 votes |
|
@Test
public void testGetVanillaBase64QueryParam() throws Exception {
// GIVEN
// Credentials
String awsAccessKey = "AKIDEXAMPLE";
String awsSecretKey = "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY";
AWSCredentials credentials = new BasicAWSCredentials(awsAccessKey, awsSecretKey);
AWSCredentialsProvider awsCredentialsProvider = new StaticCredentialsProvider(credentials);
String region = "us-east-1";
String service = "host";
// Date
Supplier<LocalDateTime> clock = () -> LocalDateTime.of(2011, 9, 9, 23, 36, 0);
// weird date : 09 Sep 2011 is a friday, not a monday
String date = "Mon, 09 Sep 2011 23:36:00 GMT";
// HTTP request
String host = "host.foo.com";
String uri = "/";
String method = "GET";
Multimap<String, String> queryParams = ImmutableListMultimap.<String, String>builder()
.put("scrollId", "dGVzdA===")
.build();
Map<String, Object> headers = ImmutableMap.<String, Object>builder()
.put("Date", date)
.put("Host", host + ":80")
.build();
Optional<byte[]> payload = Optional.absent();
// WHEN
// The request is signed
AWSSigner signer = new AWSSigner(awsCredentialsProvider, region, service, clock);
Map<String, Object> signedHeaders = signer.getSignedHeaders(uri, method, queryParams, headers, payload);
// THEN
// The signature must match the expected signature
String expectedSignature = "ebec182ae6456633a8fecbd2737e60d6aec6b0da9cfa5731457e71edec83fde3";
String expectedAuthorizationHeader = format(
"AWS4-HMAC-SHA256 Credential=%s/20110909/%s/%s/aws4_request, SignedHeaders=date;host, Signature=%s",
awsAccessKey, region, service, expectedSignature
);
TreeMap<String, Object> caseInsensitiveSignedHeaders = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
caseInsensitiveSignedHeaders.putAll(signedHeaders);
assertThat(caseInsensitiveSignedHeaders).containsKey("Authorization");
assertThat(caseInsensitiveSignedHeaders.get("Authorization")).isEqualTo(expectedAuthorizationHeader);
assertThat(caseInsensitiveSignedHeaders).containsKey("Host");
assertThat(caseInsensitiveSignedHeaders.get("Host")).isEqualTo(host);
assertThat(caseInsensitiveSignedHeaders).containsKey("Date");
assertThat(caseInsensitiveSignedHeaders.get("Date")).isEqualTo(date);
assertThat(caseInsensitiveSignedHeaders).doesNotContainKey("X-Amz-Date");
}
Example #21
| Source File: AWSSignerTest.java From aws-signing-request-interceptor with MIT License | 4 votes |
|
@Test
public void testGetVanillaWithTempCreds() throws Exception {
// GIVEN
// Credentials
String awsAccessKey = "AKIDEXAMPLE";
String awsSecretKey = "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY";
String sessionToken = "AKIDEXAMPLESESSION";
AWSCredentials credentials = new BasicSessionCredentials(awsAccessKey, awsSecretKey, sessionToken);
AWSCredentialsProvider awsCredentialsProvider = new StaticCredentialsProvider(credentials);
String region = "us-east-1";
String service = "host";
// Date
Supplier<LocalDateTime> clock = () -> LocalDateTime.of(2011, 9, 9, 23, 36, 0);
// weird date : 09 Sep 2011 is a friday, not a monday
String date = "Mon, 09 Sep 2011 23:36:00 GMT";
// HTTP request
String host = "host.foo.com";
String uri = "/";
String method = "GET";
Multimap<String, String> queryParams = ImmutableListMultimap.<String, String>builder()
.build();
Map<String, Object> headers = ImmutableMap.<String, Object>builder()
.put("Date", date)
.put("Host", host)
.build();
Optional<byte[]> payload = Optional.absent();
// WHEN
// The request is signed
AWSSigner signer = new AWSSigner(awsCredentialsProvider, region, service, clock);
Map<String, Object> signedHeaders = signer.getSignedHeaders(uri, method, queryParams, headers, payload);
// THEN
// The signature must match the expected signature
String expectedSignature = "43abd9e63c148feb91c43fe2c9734eb44b7eb16078d484d3ff9b6249b62fdc60";
String expectedAuthorizationHeader = format(
"AWS4-HMAC-SHA256 Credential=%s/20110909/%s/%s/aws4_request, SignedHeaders=date;host;x-amz-security-token, Signature=%s",
awsAccessKey, region, service, expectedSignature
);
TreeMap<String, Object> caseInsensitiveSignedHeaders = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
caseInsensitiveSignedHeaders.putAll(signedHeaders);
assertThat(caseInsensitiveSignedHeaders).containsKey("Authorization");
assertThat(caseInsensitiveSignedHeaders.get("Authorization")).isEqualTo(expectedAuthorizationHeader);
assertThat(caseInsensitiveSignedHeaders).containsKey("Host");
assertThat(caseInsensitiveSignedHeaders.get("Host")).isEqualTo(host);
assertThat(caseInsensitiveSignedHeaders).containsKey("Date");
assertThat(caseInsensitiveSignedHeaders.get("Date")).isEqualTo(date);
assertThat(caseInsensitiveSignedHeaders).doesNotContainKey("X-Amz-Date");
assertThat(caseInsensitiveSignedHeaders).containsKey("X-Amz-Security-Token");
assertThat(caseInsensitiveSignedHeaders.get("X-Amz-Security-Token")).isEqualTo(sessionToken);
}
Example #22
| Source File: AWSSignerTest.java From aws-signing-request-interceptor with MIT License | 4 votes |
|
@Test
public void testGetVanillaWithoutDateHeader() throws Exception {
// GIVEN
// Credentials
String awsAccessKey = "AKIDEXAMPLE";
String awsSecretKey = "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY";
AWSCredentials credentials = new BasicAWSCredentials(awsAccessKey, awsSecretKey);
AWSCredentialsProvider awsCredentialsProvider = new StaticCredentialsProvider(credentials);
String region = "us-east-1";
String service = "host";
// Date
Supplier<LocalDateTime> clock = () -> LocalDateTime.of(2011, 9, 9, 23, 36, 0);
// weird date : 09 Sep 2011 is a friday, not a monday
String date = "20110909T233600Z";
// HTTP request
String host = "host.foo.com";
String uri = "/";
String method = "GET";
Multimap<String, String> queryParams = ImmutableListMultimap.<String, String>builder()
.build();
Map<String, Object> headers = ImmutableMap.<String, Object>builder()
.put("Host", host)
.build();
Optional<byte[]> payload = Optional.absent();
// WHEN
// The request is signed
AWSSigner signer = new AWSSigner(awsCredentialsProvider, region, service, clock);
Map<String, Object> signedHeaders = signer.getSignedHeaders(uri, method, queryParams, headers, payload);
// THEN
// The signature must match the expected signature
String expectedSignature = "904f8c568bca8bd2618b9241a7f2a8d90f279e717fd0f6727af189668b040151";
String expectedAuthorizationHeader = format(
"AWS4-HMAC-SHA256 Credential=%s/20110909/%s/%s/aws4_request, SignedHeaders=host;x-amz-date, Signature=%s",
awsAccessKey, region, service, expectedSignature
);
TreeMap<String, Object> caseInsensitiveSignedHeaders = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
caseInsensitiveSignedHeaders.putAll(signedHeaders);
assertThat(caseInsensitiveSignedHeaders).containsKey("Authorization");
assertThat(caseInsensitiveSignedHeaders.get("Authorization")).isEqualTo(expectedAuthorizationHeader);
assertThat(caseInsensitiveSignedHeaders).containsKey("Host");
assertThat(caseInsensitiveSignedHeaders.get("Host")).isEqualTo(host);
assertThat(caseInsensitiveSignedHeaders).containsKey("X-Amz-Date");
assertThat(caseInsensitiveSignedHeaders.get("X-Amz-Date")).isEqualTo(date);
assertThat(caseInsensitiveSignedHeaders).doesNotContainKey("Date");
}
Example #23
| Source File: AWSSignerTest.java From aws-signing-request-interceptor with MIT License | 4 votes |
|
/**
* Test case for signing an index request with an encodable id
*
* @throws Exception
*/
@Test
public void testPostEncodedId() throws Exception {
// GIVEN
// Credentials
String awsAccessKey = "AKIDEXAMPLE";
String awsSecretKey = "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY";
AWSCredentials credentials = new BasicAWSCredentials(awsAccessKey, awsSecretKey);
AWSCredentialsProvider awsCredentialsProvider = new StaticCredentialsProvider(credentials);
String region = "us-east-1";
String service = "service";
// Date
Supplier<LocalDateTime> clock = () -> LocalDateTime.of(2015, 8, 30, 12, 36, 0);
String date = "20150830T123600Z";
// HTTP request
String host = "example.amazonaws.com";
String uri = "/index_name/type_name/joe%40example.com";
String method = "PUT";
Multimap<String, String> queryParams = ImmutableListMultimap.<String, String>builder()
.build();
Map<String, Object> headers = ImmutableMap.<String, Object>builder()
.put("X-Amz-Date", date)
.put("Host", host)
.build();
String body = "{\n"
+ " \"user\" : \"kimchy\",\n"
+ " \"post_date\" : \"2009-11-15T14:12:12\",\n"
+ " \"message\" : \"trying out Elasticsearch\"\n"
+ "}";
Optional<byte[]> payload = Optional.of(body.getBytes("utf-8"));
String expectedAuthorizationHeader = SkdSignerUtil.getExpectedAuthorizationHeader(
new SkdSignerUtil.Request()
.setServiceName(service)
.setRegion(region)
.setDate( new SimpleDateFormat("yyyyMMdd'T'HHmmssXXX").parse(date))
.setHost(host)
.setUri(uri)
.setHttpMethod(method)
.setHeaders(headers)
.setQueryParams(queryParams)
.setCredentialsProvider(awsCredentialsProvider)
.setBody(body)
);
// WHEN
// The request is signed
AWSSigner signer = new AWSSigner(awsCredentialsProvider, region, service, clock);
Map<String, Object> signedHeaders = signer.getSignedHeaders(uri, method, queryParams, headers, payload);
// THEN
// The signature must match the expected signature
TreeMap<String, Object> caseInsensitiveSignedHeaders = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
caseInsensitiveSignedHeaders.putAll(signedHeaders);
assertThat(caseInsensitiveSignedHeaders).containsKey("Authorization");
assertThat(caseInsensitiveSignedHeaders.get("Authorization")).isEqualTo(expectedAuthorizationHeader);
}
Example #24
| Source File: AWSSignerTest.java From aws-signing-request-interceptor with MIT License | 4 votes |
|
/**
* Test case for signing an index request with an encodable id
*
* @throws Exception
*/
@Test
public void testPostEncodeableId() throws Exception {
// GIVEN
// Credentials
String awsAccessKey = "AKIDEXAMPLE";
String awsSecretKey = "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY";
AWSCredentials credentials = new BasicAWSCredentials(awsAccessKey, awsSecretKey);
AWSCredentialsProvider awsCredentialsProvider = new StaticCredentialsProvider(credentials);
String region = "us-east-1";
String service = "service";
// Date
Supplier<LocalDateTime> clock = () -> LocalDateTime.of(2015, 8, 30, 12, 36, 0);
String date = "20150830T123600Z";
// HTTP request
String host = "example.amazonaws.com";
String uri = "/index_name/type_name/[email protected]";
String method = "PUT";
Multimap<String, String> queryParams = ImmutableListMultimap.<String, String>builder()
.build();
Map<String, Object> headers = ImmutableMap.<String, Object>builder()
.put("X-Amz-Date", date)
.put("Host", host)
.build();
String body = "{\n"
+ " \"user\" : \"kimchy\",\n"
+ " \"post_date\" : \"2009-11-15T14:12:12\",\n"
+ " \"message\" : \"trying out Elasticsearch\"\n"
+ "}";
Optional<byte[]> payload = Optional.of(body.getBytes("utf-8"));
String expectedAuthorizationHeader = SkdSignerUtil.getExpectedAuthorizationHeader(
new SkdSignerUtil.Request()
.setServiceName(service)
.setRegion(region)
.setDate( new SimpleDateFormat("yyyyMMdd'T'HHmmssXXX").parse(date))
.setHost(host)
.setUri(uri)
.setHttpMethod(method)
.setHeaders(headers)
.setQueryParams(queryParams)
.setCredentialsProvider(awsCredentialsProvider)
.setBody(body)
);
// WHEN
// The request is signed
AWSSigner signer = new AWSSigner(awsCredentialsProvider, region, service, clock);
Map<String, Object> signedHeaders = signer.getSignedHeaders(uri, method, queryParams, headers, payload);
// THEN
// The signature must match the expected signature
TreeMap<String, Object> caseInsensitiveSignedHeaders = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
caseInsensitiveSignedHeaders.putAll(signedHeaders);
assertThat(caseInsensitiveSignedHeaders).containsKey("Authorization");
assertThat(caseInsensitiveSignedHeaders.get("Authorization")).isEqualTo(expectedAuthorizationHeader);
}
Example #25
| Source File: AWSSignerTest.java From aws-signing-request-interceptor with MIT License | 4 votes |
|
/**
* Test case given in AWS Signing Test Suite (http://docs.aws.amazon.com/general/latest/gr/signature-v4-test-suite.html)
* (post-vanilla-query.*)
* <p>
* POST /?foo=bar http/1.1
* Date:Mon, 09 Sep 2011 23:36:00 GMT
* Host:host.foo.com
*
* @throws Exception
*/
@Test
public void testPostVanillaQuery() throws Exception {
// GIVEN
// Credentials
String awsAccessKey = "AKIDEXAMPLE";
String awsSecretKey = "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY";
AWSCredentials credentials = new BasicAWSCredentials(awsAccessKey, awsSecretKey);
AWSCredentialsProvider awsCredentialsProvider = new StaticCredentialsProvider(credentials);
String region = "us-east-1";
String service = "host";
// Date
Supplier<LocalDateTime> clock = () -> LocalDateTime.of(2011, 9, 9, 23, 36, 0);
// weird date : 09 Sep 2011 is a friday, not a monday
String date = "Mon, 09 Sep 2011 23:36:00 GMT";
// HTTP request
String host = "host.foo.com";
String uri = "/";
String method = "POST";
Multimap<String, String> queryParams = ImmutableListMultimap.<String, String>builder()
.put("foo", "bar")
.build();
Map<String, Object> headers = ImmutableMap.<String, Object>builder()
.put("Date", date)
.put("Host", host)
.build();
Optional<byte[]> payload = Optional.absent();
// WHEN
// The request is signed
AWSSigner signer = new AWSSigner(awsCredentialsProvider, region, service, clock);
Map<String, Object> signedHeaders = signer.getSignedHeaders(uri, method, queryParams, headers, payload);
// THEN
// The signature must match the expected signature
String expectedSignature = "b6e3b79003ce0743a491606ba1035a804593b0efb1e20a11cba83f8c25a57a92";
String expectedAuthorizationHeader = format(
"AWS4-HMAC-SHA256 Credential=%s/20110909/%s/%s/aws4_request, SignedHeaders=date;host, Signature=%s",
awsAccessKey, region, service, expectedSignature
);
TreeMap<String, Object> caseInsensitiveSignedHeaders = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
caseInsensitiveSignedHeaders.putAll(signedHeaders);
assertThat(caseInsensitiveSignedHeaders).containsKey("Authorization");
assertThat(caseInsensitiveSignedHeaders.get("Authorization")).isEqualTo(expectedAuthorizationHeader);
assertThat(caseInsensitiveSignedHeaders).containsKey("Host");
assertThat(caseInsensitiveSignedHeaders.get("Host")).isEqualTo(host);
assertThat(caseInsensitiveSignedHeaders).containsKey("Date");
assertThat(caseInsensitiveSignedHeaders.get("Date")).isEqualTo(date);
assertThat(caseInsensitiveSignedHeaders).doesNotContainKey("X-Amz-Date");
}
Example #26
| Source File: AWSSignerTest.java From aws-signing-request-interceptor with MIT License | 4 votes |
|
/**
* Test case given in AWS Signing Test Suite (http://docs.aws.amazon.com/general/latest/gr/signature-v4-test-suite.html)
* (get-vanilla.*)
* <p>
* GET / http/1.1
* Date:Mon, 09 Sep 2011 23:36:00 GMT
* Host:host.foo.com
*
* @throws Exception
*/
@Test
public void testGetVanilla() throws Exception {
// GIVEN
// Credentials
String awsAccessKey = "AKIDEXAMPLE";
String awsSecretKey = "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY";
AWSCredentials credentials = new BasicAWSCredentials(awsAccessKey, awsSecretKey);
AWSCredentialsProvider awsCredentialsProvider = new StaticCredentialsProvider(credentials);
String region = "us-east-1";
String service = "host";
// Date
Supplier<LocalDateTime> clock = () -> LocalDateTime.of(2011, 9, 9, 23, 36, 0);
// weird date : 09 Sep 2011 is a friday, not a monday
String date = "Mon, 09 Sep 2011 23:36:00 GMT";
// HTTP request
String host = "host.foo.com";
String uri = "/";
String method = "GET";
Multimap<String, String> queryParams = ImmutableListMultimap.<String, String>builder()
.build();
Map<String, Object> headers = ImmutableMap.<String, Object>builder()
.put("Date", date)
.put("Host", host + ":80")
.build();
Optional<byte[]> payload = Optional.absent();
// WHEN
// The request is signed
AWSSigner signer = new AWSSigner(awsCredentialsProvider, region, service, clock);
Map<String, Object> signedHeaders = signer.getSignedHeaders(uri, method, queryParams, headers, payload);
// THEN
// The signature must match the expected signature
String expectedSignature = "b27ccfbfa7df52a200ff74193ca6e32d4b48b8856fab7ebf1c595d0670a7e470";
String expectedAuthorizationHeader = format(
"AWS4-HMAC-SHA256 Credential=%s/20110909/%s/%s/aws4_request, SignedHeaders=date;host, Signature=%s",
awsAccessKey, region, service, expectedSignature
);
TreeMap<String, Object> caseInsensitiveSignedHeaders = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
caseInsensitiveSignedHeaders.putAll(signedHeaders);
assertThat(caseInsensitiveSignedHeaders).containsKey("Authorization");
assertThat(caseInsensitiveSignedHeaders.get("Authorization")).isEqualTo(expectedAuthorizationHeader);
assertThat(caseInsensitiveSignedHeaders).containsKey("Host");
assertThat(caseInsensitiveSignedHeaders.get("Host")).isEqualTo(host);
assertThat(caseInsensitiveSignedHeaders).containsKey("Date");
assertThat(caseInsensitiveSignedHeaders.get("Date")).isEqualTo(date);
assertThat(caseInsensitiveSignedHeaders).doesNotContainKey("X-Amz-Date");
}
Example #27
| Source File: StandardStashReader.java From emodb with Apache License 2.0 | 4 votes |
|
public static StandardStashReader getInstance(URI stashRoot, String accessKey, String secretKey,
ClientConfiguration s3Config) {
return getInstance(stashRoot, new StaticCredentialsProvider(new BasicAWSCredentials(accessKey, secretKey)), s3Config);
}
Example #28
| Source File: StandardStashReader.java From emodb with Apache License 2.0 | 4 votes |
|
public static StandardStashReader getInstance(URI stashRoot, String accessKey, String secretKey) {
return getInstance(stashRoot, new StaticCredentialsProvider(new BasicAWSCredentials(accessKey, secretKey)), null);
}
Example #29
| Source File: FixedStashReader.java From emodb with Apache License 2.0 | 4 votes |
|
public static FixedStashReader getInstance(URI stashRoot, String accessKey, String secretKey) {
return getInstance(stashRoot, new StaticCredentialsProvider(new BasicAWSCredentials(accessKey, secretKey)));
}
Example #30
| Source File: AnonymousCredentialsStrategy.java From localization_nifi with Apache License 2.0 | 4 votes |
|
@Override
public AWSCredentialsProvider getCredentialsProvider(Map<PropertyDescriptor, String> properties) {
AnonymousAWSCredentials creds = new AnonymousAWSCredentials();
return new StaticCredentialsProvider(creds);
}
