• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright 2021 Google LLC
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions are
6  * met:
7  *
8  *    * Redistributions of source code must retain the above copyright
9  * notice, this list of conditions and the following disclaimer.
10  *    * Redistributions in binary form must reproduce the above
11  * copyright notice, this list of conditions and the following disclaimer
12  * in the documentation and/or other materials provided with the
13  * distribution.
14  *
15  *    * Neither the name of Google LLC nor the names of its
16  * contributors may be used to endorse or promote products derived from
17  * this software without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
22  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
23  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
24  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
25  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
26  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
27  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30  */
31 
32 package com.google.auth.oauth2;
33 
34 import com.google.errorprone.annotations.CanIgnoreReturnValue;
35 import java.util.HashMap;
36 import java.util.Map;
37 
38 /**
39  * Stores the AWS API request signature based on the AWS Signature Version 4 signing process, and
40  * the parameters used in the signing process.
41  */
42 class AwsRequestSignature {
43 
44   private AwsSecurityCredentials awsSecurityCredentials;
45   private Map<String, String> canonicalHeaders;
46 
47   private String signature;
48   private String credentialScope;
49   private String url;
50   private String httpMethod;
51   private String date;
52   private String region;
53   private String authorizationHeader;
54 
AwsRequestSignature( AwsSecurityCredentials awsSecurityCredentials, Map<String, String> canonicalHeaders, String signature, String credentialScope, String url, String httpMethod, String date, String region, String authorizationHeader)55   private AwsRequestSignature(
56       AwsSecurityCredentials awsSecurityCredentials,
57       Map<String, String> canonicalHeaders,
58       String signature,
59       String credentialScope,
60       String url,
61       String httpMethod,
62       String date,
63       String region,
64       String authorizationHeader) {
65     this.awsSecurityCredentials = awsSecurityCredentials;
66     this.canonicalHeaders = canonicalHeaders;
67     this.signature = signature;
68     this.credentialScope = credentialScope;
69     this.url = url;
70     this.httpMethod = httpMethod;
71     this.date = date;
72     this.region = region;
73     this.authorizationHeader = authorizationHeader;
74   }
75 
76   /** Returns the request signature based on the AWS Signature Version 4 signing process. */
getSignature()77   String getSignature() {
78     return signature;
79   }
80 
81   /** Returns the credential scope. e.g. 20150830/us-east-1/iam/aws4_request */
getCredentialScope()82   String getCredentialScope() {
83     return credentialScope;
84   }
85 
86   /** Returns the AWS security credentials. */
getSecurityCredentials()87   AwsSecurityCredentials getSecurityCredentials() {
88     return awsSecurityCredentials;
89   }
90 
91   /** Returns the request URL. */
getUrl()92   String getUrl() {
93     return url;
94   }
95 
96   /** Returns the HTTP request method. */
getHttpMethod()97   String getHttpMethod() {
98     return httpMethod;
99   }
100 
101   /** Returns the HTTP request canonical headers. */
getCanonicalHeaders()102   Map<String, String> getCanonicalHeaders() {
103     return new HashMap<>(canonicalHeaders);
104   }
105 
106   /** Returns the request date. */
getDate()107   String getDate() {
108     return date;
109   }
110 
111   /** Returns the targeted region. */
getRegion()112   String getRegion() {
113     return region;
114   }
115 
116   /** Returns the authorization header. */
getAuthorizationHeader()117   String getAuthorizationHeader() {
118     return authorizationHeader;
119   }
120 
121   static class Builder {
122 
123     private AwsSecurityCredentials awsSecurityCredentials;
124     private Map<String, String> canonicalHeaders;
125 
126     private String signature;
127     private String credentialScope;
128     private String url;
129     private String httpMethod;
130     private String date;
131     private String region;
132     private String authorizationHeader;
133 
134     @CanIgnoreReturnValue
setSignature(String signature)135     Builder setSignature(String signature) {
136       this.signature = signature;
137       return this;
138     }
139 
140     @CanIgnoreReturnValue
setCredentialScope(String credentialScope)141     Builder setCredentialScope(String credentialScope) {
142       this.credentialScope = credentialScope;
143       return this;
144     }
145 
146     @CanIgnoreReturnValue
setSecurityCredentials(AwsSecurityCredentials awsSecurityCredentials)147     Builder setSecurityCredentials(AwsSecurityCredentials awsSecurityCredentials) {
148       this.awsSecurityCredentials = awsSecurityCredentials;
149       return this;
150     }
151 
152     @CanIgnoreReturnValue
setUrl(String url)153     Builder setUrl(String url) {
154       this.url = url;
155       return this;
156     }
157 
158     @CanIgnoreReturnValue
setHttpMethod(String httpMethod)159     Builder setHttpMethod(String httpMethod) {
160       this.httpMethod = httpMethod;
161       return this;
162     }
163 
164     @CanIgnoreReturnValue
setCanonicalHeaders(Map<String, String> canonicalHeaders)165     Builder setCanonicalHeaders(Map<String, String> canonicalHeaders) {
166       this.canonicalHeaders = new HashMap<>(canonicalHeaders);
167       return this;
168     }
169 
170     @CanIgnoreReturnValue
setDate(String date)171     Builder setDate(String date) {
172       this.date = date;
173       return this;
174     }
175 
176     @CanIgnoreReturnValue
setRegion(String region)177     Builder setRegion(String region) {
178       this.region = region;
179       return this;
180     }
181 
182     @CanIgnoreReturnValue
setAuthorizationHeader(String authorizationHeader)183     Builder setAuthorizationHeader(String authorizationHeader) {
184       this.authorizationHeader = authorizationHeader;
185       return this;
186     }
187 
build()188     AwsRequestSignature build() {
189       return new AwsRequestSignature(
190           awsSecurityCredentials,
191           canonicalHeaders,
192           signature,
193           credentialScope,
194           url,
195           httpMethod,
196           date,
197           region,
198           authorizationHeader);
199     }
200   }
201 }
202