public abstract class AbstractAWSSigner extends Object implements Signer
Not intended to be sub-classed by developers.
Modifier and Type | Field and Description |
---|---|
static String |
EMPTY_STRING_SHA256_HEX |
Constructor and Description |
---|
AbstractAWSSigner() |
Modifier and Type | Method and Description |
---|---|
protected abstract void |
addSessionCredentials(SignableRequest<?> request,
AWSSessionCredentials credentials)
Adds session credentials to the request given.
|
protected byte[] |
getBinaryRequestPayload(SignableRequest<?> request)
Returns the request's payload as binary data.
|
protected InputStream |
getBinaryRequestPayloadStream(SignableRequest<?> request) |
protected InputStream |
getBinaryRequestPayloadStreamWithoutQueryParams(SignableRequest<?> request) |
protected byte[] |
getBinaryRequestPayloadWithoutQueryParams(SignableRequest<?> request)
Returns the request's payload contents as binary data, without processing
any query string params (i.e.
|
protected String |
getCanonicalizedEndpoint(URI endpoint) |
protected String |
getCanonicalizedQueryString(Map<String,List<String>> parameters)
Examines the specified query string parameters and returns a
canonicalized form.
|
protected String |
getCanonicalizedQueryString(SignableRequest<?> request) |
protected String |
getCanonicalizedResourcePath(String resourcePath) |
protected String |
getCanonicalizedResourcePath(String resourcePath,
boolean urlEncode)
This method takes in a resourcePath and canonicalizes it by adding an initial slash ("\") if
that isn't already present.
|
protected String |
getRequestPayload(SignableRequest<?> request)
Returns the request's payload as a String.
|
protected String |
getRequestPayloadWithoutQueryParams(SignableRequest<?> request)
Returns the request's payload contents as a String, without processing
any query string params (i.e.
|
protected Date |
getSignatureDate(int offsetInSeconds)
Returns the current time minus the given offset in seconds.
|
protected int |
getTimeOffset(SignableRequest<?> request)
Deprecated.
|
byte[] |
hash(byte[] data)
Hashes the binary data using the SHA-256 algorithm.
|
protected byte[] |
hash(InputStream input) |
byte[] |
hash(String text)
Hashes the string contents (assumed to be UTF-8) using the SHA-256
algorithm.
|
protected String |
newString(byte[] bytes)
Safely converts a UTF-8 encoded byte array into a String.
|
protected AWSCredentials |
sanitizeCredentials(AWSCredentials credentials)
Loads the individual access key ID and secret key from the specified
credentials, ensuring that access to the credentials is synchronized on
the credentials object itself, and trimming any extra whitespace from the
credentials.
|
protected byte[] |
sign(byte[] data,
byte[] key,
SigningAlgorithm algorithm) |
byte[] |
sign(String stringData,
byte[] key,
SigningAlgorithm algorithm) |
protected String |
signAndBase64Encode(byte[] data,
String key,
SigningAlgorithm algorithm)
Computes an RFC 2104-compliant HMAC signature for an array of bytes and
returns the result as a Base64 encoded string.
|
protected String |
signAndBase64Encode(String data,
String key,
SigningAlgorithm algorithm)
Computes an RFC 2104-compliant HMAC signature and returns the result as a
Base64 encoded string.
|
byte[] |
signWithMac(String stringData,
Mac mac) |
public static final String EMPTY_STRING_SHA256_HEX
protected String signAndBase64Encode(String data, String key, SigningAlgorithm algorithm) throws SdkClientException
SdkClientException
protected String signAndBase64Encode(byte[] data, String key, SigningAlgorithm algorithm) throws SdkClientException
SdkClientException
public byte[] sign(String stringData, byte[] key, SigningAlgorithm algorithm) throws SdkClientException
SdkClientException
protected byte[] sign(byte[] data, byte[] key, SigningAlgorithm algorithm) throws SdkClientException
SdkClientException
public byte[] hash(String text) throws SdkClientException
text
- The string to hash.SdkClientException
- If the hash cannot be computed.protected byte[] hash(InputStream input) throws SdkClientException
SdkClientException
public byte[] hash(byte[] data) throws SdkClientException
data
- The binary data to hash.SdkClientException
- If the hash cannot be computed.protected String getCanonicalizedQueryString(Map<String,List<String>> parameters)
The canonicalized query string is formed by first sorting all the query string parameters, then URI encoding both the key and value and then joining them, in order, separating key value pairs with an '&'.
parameters
- The query string parameters to be canonicalized.protected String getCanonicalizedQueryString(SignableRequest<?> request)
protected byte[] getBinaryRequestPayload(SignableRequest<?> request)
request
- The requestprotected String getRequestPayload(SignableRequest<?> request)
request
- The requestprotected String getRequestPayloadWithoutQueryParams(SignableRequest<?> request)
request
- The requestprotected byte[] getBinaryRequestPayloadWithoutQueryParams(SignableRequest<?> request)
request
- The requestprotected InputStream getBinaryRequestPayloadStream(SignableRequest<?> request)
protected InputStream getBinaryRequestPayloadStreamWithoutQueryParams(SignableRequest<?> request)
protected String getCanonicalizedResourcePath(String resourcePath, boolean urlEncode)
resourcePath
- a path that may be urlEncodedurlEncode
- true if canonicalization should include double url encodeprotected AWSCredentials sanitizeCredentials(AWSCredentials credentials)
Returns either a BasicSessionCredentials
or a
BasicAWSCredentials
object, depending on the input type.
credentials
- protected String newString(byte[] bytes)
bytes
- UTF-8 encoded binary character data.protected Date getSignatureDate(int offsetInSeconds)
offsetInSeconds
- offset in seconds@Deprecated protected int getTimeOffset(SignableRequest<?> request)
protected abstract void addSessionCredentials(SignableRequest<?> request, AWSSessionCredentials credentials)
request
- The request to add session credentials information tocredentials
- The session credentials to add to the requestCopyright © 2021. All rights reserved.