public override void Sign(IRequest request, IClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey)
{
var signer = SelectSigner(this, _useSigV4, request, clientConfig);
var aws4Signer = signer as AWS4Signer;
var useV4 = aws4Signer != null;
if (useV4)
{
AmazonS3Uri s3Uri;
if (AmazonS3Uri.TryParseAmazonS3Uri(request.Endpoint, out s3Uri))
{
if (s3Uri.Bucket != null)
{
RegionEndpoint cachedRegion;
if (BucketRegionDetector.BucketRegionCache.TryGetValue(s3Uri.Bucket, out cachedRegion))
{
request.AlternateEndpoint = cachedRegion;
}
}
}
var signingResult = aws4Signer.SignRequest(request, clientConfig, metrics, awsAccessKeyId, awsSecretAccessKey);
request.Headers[HeaderKeys.AuthorizationHeader] = signingResult.ForAuthorizationHeader;
if (request.UseChunkEncoding)
{
request.AWS4SignerResult = signingResult;
}
}
else
{
SignRequest(request, metrics, awsAccessKeyId, awsSecretAccessKey);
}
}
internal static async Task <bool> SharedRetryForExceptionAsync(Runtime.IExecutionContext executionContext, Exception exception,
Func <Runtime.IExecutionContext, Exception, bool?> retryForExceptionSync,
Func <Runtime.IExecutionContext, Exception, bool> baseRetryForException)
{
var syncResult = retryForExceptionSync(executionContext, exception);
if (syncResult.HasValue)
{
return(syncResult.Value);
}
else
{
var serviceException = exception as AmazonServiceException;
string correctedRegion = null;
AmazonS3Uri s3BucketUri;
if (AmazonS3Uri.TryParseAmazonS3Uri(executionContext.RequestContext.Request.Endpoint, out s3BucketUri))
{
var credentials = executionContext.RequestContext.ImmutableCredentials;
correctedRegion = await BucketRegionDetector.DetectMismatchWithHeadBucketFallbackAsync(s3BucketUri, serviceException, credentials).ConfigureAwait(false);
}
if (correctedRegion == null)
{
return(baseRetryForException(executionContext, exception));
}
else
{
// change authentication region of request and signal the handler to sign again with the new region
executionContext.RequestContext.Request.AuthenticationRegion = correctedRegion;
executionContext.RequestContext.IsSigned = false;
return(true);
}
}
}
public static AmazonS3Uri GetAmazonS3Uri(Uri uri)
{
AmazonS3Uri amazonS3Uri = null;
var success = AmazonS3Uri.TryParseAmazonS3Uri(uri, out amazonS3Uri);
return(success ? amazonS3Uri : null);
}
/// <summary>
/// Return true if the request should be retried. Implements additional checks
/// specific to S3 on top of the checks in DefaultRetryPolicy.
/// </summary>
/// <param name="executionContext">Request context containing the state of the request.</param>
/// <param name="exception">The exception thrown by the previous request.</param>
/// <returns>Return true if the request should be retried.</returns>
public override bool RetryForException(Runtime.IExecutionContext executionContext, Exception exception)
{
var syncResult = RetryForExceptionSync(executionContext, exception);
if (syncResult.HasValue)
{
return(syncResult.Value);
}
else
{
var serviceException = exception as AmazonServiceException;
string correctedRegion = null;
AmazonS3Uri s3BucketUri;
if (AmazonS3Uri.TryParseAmazonS3Uri(executionContext.RequestContext.Request.Endpoint, out s3BucketUri))
{
var credentials = executionContext.RequestContext.ImmutableCredentials;
if (credentials != null)
{
correctedRegion = BucketRegionDetector.DetectMismatchWithHeadBucketFallback(s3BucketUri, serviceException, credentials);
}
}
if (correctedRegion == null)
{
return(base.RetryForException(executionContext, exception));
}
else
{
// change authentication region of request and signal the handler to sign again with the new region
executionContext.RequestContext.Request.AuthenticationRegion = correctedRegion;
executionContext.RequestContext.IsSigned = false;
return(true);
}
}
}
#pragma warning disable CA1031 // warning CA1031: Modify '***' to catch a more specific exception type, or rethrow the exception.
#pragma warning disable CA1303 // warning CA1303: Method '***' passes a literal string as parameter 'value'
internal static Outcome <bool, string> Validate(this CommandLine commandLine)
{
Contract.Requires(null != commandLine);
// we must have staging folder
if (string.IsNullOrWhiteSpace(commandLine.StagingFolder))
{
return(new Outcome <bool, string>(false).AddErrors("Staging folder is not specified, you may want to set TEMP or HOME environment variable"));
}
if (!commandLine.StagingFolder.EndsWith(Path.DirectorySeparatorChar))
{
commandLine.StagingFolder += Path.DirectorySeparatorChar;
}
// validate
var outcome = new Outcome <bool, string>(true);
foreach (var a in commandLine.Arguments)
{
try
{
// this one throws... thank you, Amazon
var uri = new Uri(a);
if (!AmazonS3Uri.TryParseAmazonS3Uri(uri, out var s3uri))
{
outcome.AddErrors($"Invalid AWS S3 Uri: {a}");
}
}
catch (Exception x)
{
outcome.AddErrors($"{x.GetType().Name} {x.Message}: {a}");
}
}
return(outcome);
}
// See https://github.com/aws/aws-sdk-net/issues/1426
public static bool TryParse(Uri uri, out AmazonS3Uri s3uri)
{
Contract.Requires(null != uri);
#pragma warning disable CA1031 // Modify '***' to catch a more specific exception type, or rethrow the exception.
try { return(AmazonS3Uri.TryParseAmazonS3Uri(uri, out s3uri)); }
catch (Exception) { s3uri = null; return(false); }
#pragma warning restore CA1031
}
public void S3UriWithPlusForSpaceDecodeTryParseTest()
{
AmazonS3Uri s3Uri;
bool result = AmazonS3Uri.TryParseAmazonS3Uri("https://testbucket.s3.us-east-2.amazonaws.com/C8624825821_S3+Log", true, out s3Uri);
Assert.IsTrue(result);
Assert.AreEqual(s3Uri.Key, "C8624825821_S3 Log");
}
internal static void EvaluateIfSigV4Required(IRequest request)
{
// Skip this for S3-compatible storage provider endpoints
if (request.OriginalRequest is S3.Model.GetObjectRequest &&
AmazonS3Uri.TryParseAmazonS3Uri(request.Endpoint, out var amazonS3Uri) &&
amazonS3Uri.Region?.SystemName != RegionEndpoint.USEast1.SystemName)
{
request.UseSigV4 = true;
}
}
private static void RegionDetectionUpdater(IRequest request)
{
AmazonS3Uri s3Uri;
if (AmazonS3Uri.TryParseAmazonS3Uri(request.Endpoint, out s3Uri))
{
if (s3Uri.Bucket != null)
{
RegionEndpoint cachedRegion;
if (BucketRegionDetector.BucketRegionCache.TryGetValue(s3Uri.Bucket, out cachedRegion))
{
request.AlternateEndpoint = cachedRegion;
}
}
}
}
internal static void EvaluateIfSigV4Required(IRequest request)
{
// Skip this if the request has already been "upgraded" to SigV4a
if (request.SignatureVersion == SignatureVersion.SigV4a)
{
return;
}
// Skip this for S3-compatible storage provider endpoints
if (request.OriginalRequest is S3.Model.GetObjectRequest &&
AmazonS3Uri.TryParseAmazonS3Uri(request.Endpoint, out var amazonS3Uri) &&
amazonS3Uri.Region?.SystemName != RegionEndpoint.USEast1.SystemName)
{
request.SignatureVersion = SignatureVersion.SigV4;
}
}
public static bool TryParseAmazonS3Uri(string uriString, out AmazonS3Uri amazonS3Uri)
{
try
{
if (AmazonS3Uri.TryParseAmazonS3Uri(uriString, out amazonS3Uri))
{
return(true);
}
// "s3://bucket/key.txt"
var uri = new Uri(uriString);
amazonS3Uri = CreateAmazonS3Uri(uri.Host, uri.PathAndQuery);
return(true);
}
catch (Exception)
{
amazonS3Uri = null;
return(false);
}
}
public WebRequest Create(Uri uri)
{
IAmazonS3 client = null;
AmazonS3Uri amazonS3Uri = null;
// Create client from config
AmazonS3Uri.TryParseAmazonS3Uri(uri, out amazonS3Uri);
AWSOptions awsOptions = options;
if (options == null)
{
awsOptions = new AWSOptions();
}
client = awsOptions.CreateServiceClient <IAmazonS3>();
if (amazonS3Uri == null || amazonS3Uri.IsPathStyle || S3UriParser.IsKnownScheme(uri.Scheme))
{
(client.Config as AmazonS3Config).ForcePathStyle = true;
}
S3WebRequest s3WebRequest = new S3WebRequest(uri, logger, (AmazonS3Client)client, s3BucketsConfiguration);
return(s3WebRequest);
}
public override void Sign(IRequest request, IClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey)
{
AWS4Signer val = this.SelectSigner(this, _useSigV4, request, clientConfig) as AWS4Signer;
if (val != null)
{
AmazonS3Uri amazonS3Uri;
RegionEndpoint alternateEndpoint = default(RegionEndpoint);
if (AmazonS3Uri.TryParseAmazonS3Uri(request.get_Endpoint(), out amazonS3Uri) && amazonS3Uri.Bucket != null && BucketRegionDetector.BucketRegionCache.TryGetValue(amazonS3Uri.Bucket, ref alternateEndpoint))
{
request.set_AlternateEndpoint(alternateEndpoint);
}
AWS4SigningResult val2 = val.SignRequest(request, clientConfig, metrics, awsAccessKeyId, awsSecretAccessKey);
request.get_Headers()["Authorization"] = val2.get_ForAuthorizationHeader();
if (request.get_UseChunkEncoding())
{
request.set_AWS4SignerResult(val2);
}
}
else
{
SignRequest(request, metrics, awsAccessKeyId, awsSecretAccessKey);
}
}
