git.basschouten.com Git - openhab-addons.git/blob

   1 /**
   2  * Copyright (c) 2010-2023 Contributors to the openHAB project
   3  *
   4  * See the NOTICE file(s) distributed with this work for additional
   5  * information.
   6  *
   7  * This program and the accompanying materials are made available under the
   8  * terms of the Eclipse Public License 2.0 which is available at
   9  * http://www.eclipse.org/legal/epl-2.0
  10  *
  11  * SPDX-License-Identifier: EPL-2.0
  12  */
  13 package org.openhab.binding.folderwatcher.internal.api.auth;
  14
  15 import java.net.URL;
  16 import java.util.Date;
  17 import java.util.Map;
  18
  19 import org.eclipse.jdt.annotation.NonNullByDefault;
  20 import org.openhab.binding.folderwatcher.internal.api.util.BinaryUtils;
  21
  22 /**
  23  * The {@link AWS4SignerForAuthorizationHeader} class contains methods for AWS S3 API authentication using HTTP(S)
  24  * headers.
  25  * <p>
  26  * Based on offical AWS example {@see https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-examples-using-sdks.html}
  27  *
  28  * @author Alexandr Salamatov - Initial contribution
  29  */
  30 @NonNullByDefault
  31 public class AWS4SignerForAuthorizationHeader extends AWS4SignerBase {
  32
  33     public AWS4SignerForAuthorizationHeader(URL endpointUrl, String httpMethod, String serviceName, String regionName) {
  34         super(endpointUrl, httpMethod, serviceName, regionName);
  35     }
  36
  37     public String computeSignature(Map<String, String> headers, Map<String, String> queryParameters, String bodyHash,
  38             String awsAccessKey, String awsSecretKey) {
  39         Date now = new Date();
  40         String dateTimeStamp = dateTimeFormat.format(now);
  41         headers.put("x-amz-date", dateTimeStamp);
  42         String hostHeader = endpointUrl.getHost();
  43         int port = endpointUrl.getPort();
  44         if (port > -1) {
  45             hostHeader.concat(":" + Integer.toString(port));
  46         }
  47         headers.put("Host", hostHeader);
  48
  49         String canonicalizedHeaderNames = getCanonicalizeHeaderNames(headers);
  50         String canonicalizedHeaders = getCanonicalizedHeaderString(headers);
  51         String canonicalizedQueryParameters = getCanonicalizedQueryString(queryParameters);
  52         String canonicalRequest = getCanonicalRequest(endpointUrl, httpMethod, canonicalizedQueryParameters,
  53                 canonicalizedHeaderNames, canonicalizedHeaders, bodyHash);
  54         String dateStamp = dateStampFormat.format(now);
  55         String scope = dateStamp + "/" + regionName + "/" + serviceName + "/" + TERMINATOR;
  56         String stringToSign = getStringToSign(SCHEME, ALGORITHM, dateTimeStamp, scope, canonicalRequest);
  57         byte[] kSecret = (SCHEME + awsSecretKey).getBytes();
  58         byte[] kDate = sign(dateStamp, kSecret, "HmacSHA256");
  59         byte[] kRegion = sign(regionName, kDate, "HmacSHA256");
  60         byte[] kService = sign(serviceName, kRegion, "HmacSHA256");
  61         byte[] kSigning = sign(TERMINATOR, kService, "HmacSHA256");
  62         byte[] signature = sign(stringToSign, kSigning, "HmacSHA256");
  63         String credentialsAuthorizationHeader = "Credential=" + awsAccessKey + "/" + scope;
  64         String signedHeadersAuthorizationHeader = "SignedHeaders=" + canonicalizedHeaderNames;
  65         String signatureAuthorizationHeader = "Signature=" + BinaryUtils.toHex(signature);
  66         String authorizationHeader = SCHEME + "-" + ALGORITHM + " " + credentialsAuthorizationHeader + ", "
  67                 + signedHeadersAuthorizationHeader + ", " + signatureAuthorizationHeader;
  68         return authorizationHeader;
  69     }
  70 }