113
113
ByteArrayOutputStream bos = new ByteArrayOutputStream();
114
114
httpRequest.getContent( ).readBytes( bos, httpRequest.getContent( ).readableBytes( ) );
115
115
String blah = bos.toString( );
116
117
if ( !parameters.containsKey( SecurityParameter.AWSAccessKeyId.toString( ) ) ) throw new AuthenticationException( "Missing required parameter: " + SecurityParameter.AWSAccessKeyId );
117
118
if ( !parameters.containsKey( SecurityParameter.Signature.toString( ) ) ) throw new AuthenticationException( "Missing required parameter: " + SecurityParameter.Signature );
118
119
// :: note we remove the sig :://
141
142
int sigVersion = Integer.parseInt( sigVersionString );
142
143
if ( sigVersion == 1 ) {
143
144
String canonicalString = HmacUtils.makeSubjectString( parameters );
144
LOG.debug( "VERSION1-STRING: " + canonicalString );
145
LOG.trace( "VERSION1-STRING: " + canonicalString );
145
146
String computedSig = HmacUtils.getSignature( secretKey, canonicalString, Hashes.Mac.HmacSHA1 );
146
LOG.debug( "VERSION1-SHA1: " + computedSig + " -- " + sig );
147
LOG.trace( "VERSION1-SHA1: " + computedSig + " -- " + sig );
147
148
String decodedSig = URLDecoder.decode( sig ).replaceAll( "=", "" );
148
149
if ( !computedSig.equals( sig.replaceAll( "=", "" ) ) && !computedSig.equals( decodedSig ) && !computedSig.equals( sig ) ) {
149
150
throw new AuthenticationException( "User authentication failed." );
153
154
String canonicalStringWithPort = HmacUtils.makeV2SubjectString( verb, headerHost + ":" + headerPort, addr, parameters );
154
155
String computedSig = HmacUtils.getSignature( secretKey, canonicalString, Hashes.Mac.HmacSHA256 );
155
156
String computedSigWithPort = HmacUtils.getSignature( secretKey, canonicalStringWithPort, Hashes.Mac.HmacSHA256 );
156
LOG.debug( "VERSION2-STRING: " + canonicalString );
157
LOG.debug( "VERSION2-SHA256: " + computedSig + " -- " + sig );
158
LOG.debug( "VERSION2-STRING-PORT: " + canonicalString );
159
LOG.debug( "VERSION2-SHA256-PORT: " + computedSigWithPort + " -- " + sig );
157
LOG.trace( "VERSION2-STRING: " + canonicalString );
158
LOG.trace( "VERSION2-SHA256: " + computedSig + " -- " + sig );
159
LOG.trace( "VERSION2-STRING-PORT: " + canonicalString );
160
LOG.trace( "VERSION2-SHA256-PORT: " + computedSigWithPort + " -- " + sig );
160
161
if ( !computedSig.equals( sig ) && !computedSigWithPort.equals( sig ) ) {
161
162
sig = URLDecoder.decode( sig ).replaceAll("=","");
162
computedSig = HmacUtils.getSignature( secretKey, canonicalString.replaceAll("\\+","%20"), Hashes.Mac.HmacSHA256 ).replaceAll("\\+"," ");
163
computedSigWithPort = HmacUtils.getSignature( secretKey, canonicalStringWithPort.replaceAll("\\+","%20"), Hashes.Mac.HmacSHA256 ).replaceAll("\\+"," ");
163
computedSig = HmacUtils.getSignature( secretKey, canonicalString.replaceAll("\\+","%2B"), Hashes.Mac.HmacSHA256 ).replaceAll("\\+"," ");
164
computedSigWithPort = HmacUtils.getSignature( secretKey, canonicalStringWithPort.replaceAll("\\+","%2B"), Hashes.Mac.HmacSHA256 ).replaceAll("\\+"," ");
164
165
if( !computedSig.equals( sig ) && !computedSigWithPort.equals( sig ) ) {
165
throw new AuthenticationException( "User authentication failed." );
166
computedSig = HmacUtils.getSignature( secretKey, canonicalString.replaceAll("\\+","%20"), Hashes.Mac.HmacSHA256 ).replaceAll("\\+"," ");
167
computedSigWithPort = HmacUtils.getSignature( secretKey, canonicalStringWithPort.replaceAll("\\+","%20"), Hashes.Mac.HmacSHA256 ).replaceAll("\\+"," ");
168
if( !computedSig.equals( sig ) && !computedSigWithPort.equals( sig ) ) {
169
throw new AuthenticationException( "User authentication failed." );
added
removed
clc/modules/wsstack/src/main/java/com/eucalyptus/ws/handlers/HmacV2Handler.java
