public override void Sign(IRequest request, IClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey) { var signer = SelectSigner(this, _useSigV4, request, clientConfig); var aws4Signer = signer as AWS4Signer; var useV4 = aws4Signer != null; if (useV4) { AmazonS3Uri s3Uri; if (AmazonS3Uri.TryParseAmazonS3Uri(request.Endpoint, out s3Uri)) { if (s3Uri.Bucket != null) { RegionEndpoint cachedRegion; if (BucketRegionDetector.BucketRegionCache.TryGetValue(s3Uri.Bucket, out cachedRegion)) { request.AlternateEndpoint = cachedRegion; } } } var signingResult = aws4Signer.SignRequest(request, clientConfig, metrics, awsAccessKeyId, awsSecretAccessKey); request.Headers[HeaderKeys.AuthorizationHeader] = signingResult.ForAuthorizationHeader; if (request.UseChunkEncoding) request.AWS4SignerResult = signingResult; } else SignRequest(request, metrics, awsAccessKeyId, awsSecretAccessKey); }
public abstract void Sign( IRequest request, ClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey, SecureString secureKey);
private static void SignHttps(IRequest request, ClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey) { string nonce = Guid.NewGuid().ToString(); string date = AWSSDKUtils.FormattedCurrentTimestampRFC822; string stringToSign; stringToSign = date + nonce; metrics.AddProperty(Metric.StringToSign, stringToSign); string signature = ComputeHash(stringToSign, awsSecretAccessKey, clientConfig.SignatureMethod); StringBuilder builder = new StringBuilder(); builder.Append(HTTPS_SCHEME).Append(" "); builder.Append("AWSAccessKeyId=" + awsAccessKeyId + ","); builder.Append("Algorithm=" + clientConfig.SignatureMethod.ToString() + ","); builder.Append("SignedHeaders=x-amz-date;x-amz-nonce,"); builder.Append("Signature=" + signature); builder.Append(GetSignedHeadersComponent(request) + ","); request.Headers[HeaderKeys.XAmzAuthorizationHeader] = builder.ToString(); request.Headers[HeaderKeys.XAmzNonceHeader] = nonce; request.Headers[HeaderKeys.XAmzDateHeader] = date; }
public override void Sign(IRequest request, IClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey) { var signer = SelectSigner(this, _useSigV4, request, clientConfig); var aws4Signer = signer as AWS4Signer; var useV4 = aws4Signer != null; if (useV4) { AmazonS3Uri s3Uri; if (AmazonS3Uri.TryParseAmazonS3Uri(request.Endpoint, out s3Uri)) { if (s3Uri.Bucket != null) { RegionEndpoint cachedRegion; if (BucketRegionDetector.BucketRegionCache.TryGetValue(s3Uri.Bucket, out cachedRegion)) { request.AlternateEndpoint = cachedRegion; } } } var signingResult = aws4Signer.SignRequest(request, clientConfig, metrics, awsAccessKeyId, awsSecretAccessKey); request.Headers[HeaderKeys.AuthorizationHeader] = signingResult.ForAuthorizationHeader; if (request.UseChunkEncoding) { request.AWS4SignerResult = signingResult; } } else { SignRequest(request, metrics, awsAccessKeyId, awsSecretAccessKey); } }
public QueueItem( bool mutatesSolutionState, bool requiresLSPSolution, ClientCapabilities clientCapabilities, string methodName, TextDocumentIdentifier?textDocument, TRequestType request, IRequestHandler <TRequestType, TResponseType> handler, Guid activityId, ILspLogger logger, RequestTelemetryLogger telemetryLogger, CancellationToken cancellationToken) { _completionSource = new TaskCompletionSource <TResponseType?>(); // Set the tcs state to cancelled if the token gets cancelled outside of our callback (for example the server shutting down). cancellationToken.Register(() => _completionSource.TrySetCanceled(cancellationToken)); Metrics = new RequestMetrics(methodName, telemetryLogger); _handler = handler; _logger = logger; _request = request; ActivityId = activityId; MutatesSolutionState = mutatesSolutionState; RequiresLSPSolution = requiresLSPSolution; ClientCapabilities = clientCapabilities; MethodName = methodName; TextDocument = textDocument; }
/// <summary> /// Calculates and signs the specified request using the asymmetric Sigv4 (Sigv4a) signing protocol. /// The resulting signature is added to the request headers as 'Authorization'. Parameters supplied in the request, either in /// the resource path as a query string or in the Parameters collection must not have been /// uri encoded. If they have, use the SignRequest method to obtain a signature. /// </summary> /// <param name="request"> /// The request to compute the signature for. Additional headers mandated by the AWS4a protocol /// ('host' and 'x-amz-date') will be added to the request before signing. /// </param> /// <param name="clientConfig"> /// Client configuration data encompassing the service call (notably authentication /// region, endpoint and service name). /// </param> /// <param name="metrics"> /// Metrics for the request /// </param> /// <param name="credentials"> /// The AWS credentials for the account making the service call. /// </param> /// <returns>AWS4a Signing Result</returns> public AWS4aSigningResult SignRequest(IRequest request, IClientConfig clientConfig, RequestMetrics metrics, ImmutableCredentials credentials) { return(_awsSigV4AProvider.SignRequest(request, clientConfig, metrics, credentials)); }
public override void Sign(IRequest request, IClientConfig clientConfig, RequestMetrics metrics, ImmutableCredentials credentials) { this.SignCount++; }
private void SignRequest(IRequest request, AbstractAWSSigner signer, RequestMetrics metrics) { // Check if request should be signed if (credentials is AnonymousAWSCredentials) { return; } metrics.StartEvent(RequestMetrics.Metric.CredentialsRequestTime); using (ImmutableCredentials immutableCredentials = credentials.GetCredentials()) { metrics.StopEvent(RequestMetrics.Metric.CredentialsRequestTime); if (immutableCredentials.UseToken) { ClientProtocol protocol = DetermineProtocol(signer); switch (protocol) { case ClientProtocol.QueryStringProtocol: request.Parameters["SecurityToken"] = immutableCredentials.Token; break; case ClientProtocol.RestProtocol: request.Headers["x-amz-security-token"] = immutableCredentials.Token; break; default: throw new InvalidDataException("Cannot determine protocol"); } } signer.Sign(request, this.config, immutableCredentials.AccessKey, immutableCredentials.ClearSecretKey, immutableCredentials.SecureSecretKey); } }
public override void Sign(IRequest request, IClientConfig clientConfig, RequestMetrics metrics, ImmutableCredentials credentials) { var signer = SelectSigner(this, _useSigV4, request, clientConfig); var aws4Signer = signer as AWS4Signer; var aws4aSigner = signer as AWS4aSignerCRTWrapper; var useV4 = aws4Signer != null; var useV4a = aws4aSigner != null; if (useV4a) { var signingResult = aws4aSigner.SignRequest(request, clientConfig, metrics, credentials); if (request.UseChunkEncoding) { request.AWS4aSignerResult = signingResult; } } else if (useV4) { _regionDetector?.Invoke(request); var signingResult = aws4Signer.SignRequest(request, clientConfig, metrics, credentials.AccessKey, credentials.SecretKey); request.Headers[HeaderKeys.AuthorizationHeader] = signingResult.ForAuthorizationHeader; if (request.UseChunkEncoding) { request.AWS4SignerResult = signingResult; } } else { SignRequest(request, metrics, credentials.AccessKey, credentials.SecretKey); } }
public void Store(RequestMetrics db) { var response = _repository .ESClient() .Index(db, s => s .Index(RequestMetrics.Name)); }
/// <summary> /// Sign method /// </summary> /// <param name="request"></param> /// <param name="clientConfig"></param> /// <param name="metrics"></param> /// <param name="awsAccessKeyId"></param> /// <param name="awsSecretAccessKey"></param> public override void Sign(IRequest request, IClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey) { base.Sign(request, clientConfig, metrics, awsAccessKeyId, awsSecretAccessKey); //内容Md5 SetContentMd5(request); //移除Md5 //RemoveContentMd5(request); //设置Copy头 SetCopySource(request); //设置User-Agent SetUserAgent(request); //resourcePath var resourcePath = GetResourcePath(request); //待签名字符串 var canonicalString = RestUtil.MakeKS3CanonicalString(request.HttpMethod, resourcePath, request, null); var hmacBytes = HmacUtil.GetHmacSha1(canonicalString, awsSecretAccessKey); //签名 var signature = Convert.ToBase64String(hmacBytes); //默认头部添加 if (!request.Headers.ContainsKey(Headers.CONTENT_TYPE)) { request.Headers.Add(Headers.CONTENT_TYPE, Headers.DEFAULT_MIMETYPE); } //如果已经添加了认证,就移除 if (request.Headers.ContainsKey(Headers.AUTHORIZATION)) { request.Headers.Remove(Headers.AUTHORIZATION); } request.Headers.Add("Authorization", "KSS " + awsAccessKeyId + ":" + signature); }
private async Task SendReplyAsync( ulong conversationId, IMessage response, ILayerStack layerStack, RequestMetrics requestMetrics) { var sendContext = new EpoxySendContext(this, ConnectionMetrics, requestMetrics); IBonded layerData; Error layerError = LayerStackUtils.ProcessOnSend( layerStack, MessageType.RESPONSE, sendContext, out layerData, logger); // If there was a layer error, replace the response with the layer error if (layerError != null) { logger.Site().Error("{0} Sending reply for conversation ID {1} failed due to layer error (Code: {2}, Message: {3}).", this, conversationId, layerError.error_code, layerError.message); // Set layer error as result of this Bond method call, replacing original response. // Since this error will be returned to client, cleanse out internal server error details, if any. response = Message.FromError(Errors.CleanseInternalServerError(layerError)); } var frame = MessageToFrame(conversationId, null, null, EpoxyMessageType.RESPONSE, response, layerData, logger); logger.Site().Debug("{0} Sending reply for conversation ID {1}.", this, conversationId); bool wasSent = await SendFrameAsync(frame); logger.Site().Debug("{0} Sending reply for conversation ID {1} {2}.", this, conversationId, wasSent ? "succeedeed" : "failed"); }
public QueueItem( bool mutatesSolutionState, bool requiresLSPSolution, ClientCapabilities clientCapabilities, string?clientName, string methodName, TextDocumentIdentifier?textDocument, Guid activityId, ILspLogger logger, RequestTelemetryLogger telemetryLogger, Action <Exception> handleQueueFailure, Func <RequestContext?, CancellationToken, Task> callbackAsync, CancellationToken cancellationToken) { Metrics = new RequestMetrics(methodName, telemetryLogger); _callbackAsync = callbackAsync; _logger = logger; ActivityId = activityId; MutatesSolutionState = mutatesSolutionState; RequiresLSPSolution = requiresLSPSolution; ClientCapabilities = clientCapabilities; ClientName = clientName; MethodName = methodName; TextDocument = textDocument; HandleQueueFailure = handleQueueFailure; CancellationToken = cancellationToken; }
/// <summary> /// Calculates and signs the specified request using the Asymmetric SigV4 signing protocol /// by using theAWS account credentials given in the method parameters. The resulting signature /// is added to the request headers as 'Authorization'. /// </summary> /// <param name="request"> /// The request to compute the signature for. Additional headers mandated by the /// SigV4a protocol will be added to the request before signing. /// </param> /// <param name="clientConfig"> /// Client configuration data encompassing the service call (notably authentication /// region, endpoint and service name). /// </param> /// <param name="metrics">Metrics for the request</param> /// <param name="credentials">The AWS credentials for the account making the service call</param> public void Sign(IRequest request, IClientConfig clientConfig, RequestMetrics metrics, ImmutableCredentials credentials) { SignRequest(request, clientConfig, metrics, credentials); }
public override void Sign(IRequest request, IClientConfig clientConfig, RequestMetrics metrics, ImmutableCredentials credentials) { var useSigV4 = request.SignatureVersion == SignatureVersion.SigV4; var signer = SelectSigner(this, useSigV4, request, clientConfig); var aws4aSigner = signer as AWS4aSignerCRTWrapper; var aws4Signer = signer as AWS4Signer; var useV4a = aws4aSigner != null; var useV4 = aws4Signer != null; AWSSigningResultBase signingResult; if (useV4a) { signingResult = aws4aSigner.SignRequest(request, clientConfig, metrics, credentials); } else if (useV4) { signingResult = aws4Signer.SignRequest(request, clientConfig, metrics, credentials.AccessKey, credentials.SecretKey); } else { throw new AmazonClientException("EventBridge supports only SigV4 and SigV4a signature versions"); } request.Headers[HeaderKeys.AuthorizationHeader] = signingResult.ForAuthorizationHeader; }
protected override void PreInvoke(IExecutionContext executionContext) { var request = executionContext.RequestContext.OriginalRequest; var config = executionContext.RequestContext.ClientConfig; var copySnapshotRequest = request as CopySnapshotRequest; if (copySnapshotRequest != null) { if (string.IsNullOrEmpty(copySnapshotRequest.DestinationRegion)) { copySnapshotRequest.DestinationRegion = AWS4Signer.DetermineSigningRegion(config, "ec2", alternateEndpoint: null); } if (string.IsNullOrEmpty(copySnapshotRequest.SourceRegion)) { throw new AmazonEC2Exception("SourceRegion is required to perform the copy snapshot."); } var endpoint = RegionEndpoint.GetBySystemName(copySnapshotRequest.SourceRegion); if (endpoint == null) { throw new AmazonEC2Exception(string.Format(CultureInfo.InvariantCulture, "No endpoint for region {0}.", copySnapshotRequest.SourceRegion)); } // Make sure the presigned URL is currently null so we don't attempt to generate // a presigned URL with a presigned URL. copySnapshotRequest.PresignedUrl = null; // Marshall this request but switch to the source region and make it a GET request. var marshaller = new CopySnapshotRequestMarshaller(); var irequest = marshaller.Marshall(copySnapshotRequest); irequest.UseQueryString = true; irequest.HttpMethod = "GET"; irequest.Parameters.Add("X-Amz-Expires", AWS4PreSignedUrlSigner.MaxAWS4PreSignedUrlExpiry.ToString(CultureInfo.InvariantCulture)); irequest.Endpoint = new Uri("https://" + endpoint.GetEndpointForService(config.RegionEndpointServiceName).Hostname); // Create presigned URL. var metrics = new RequestMetrics(); var immutableCredentials = _credentials.GetCredentials(); if (immutableCredentials.UseToken) { irequest.Parameters["X-Amz-Security-Token"] = immutableCredentials.Token; } var signingResult = AWS4PreSignedUrlSigner.SignRequest(irequest, config, metrics, immutableCredentials.AccessKey, immutableCredentials.SecretKey, "ec2", copySnapshotRequest.SourceRegion); var authorization = "&" + signingResult.ForQueryParameters; var url = AmazonServiceClient.ComposeUrl(irequest); copySnapshotRequest.PresignedUrl = url.AbsoluteUri + authorization; } }
public override void Sign(IRequest request, IClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey) { this.SignCount++; }
protected void LogFinishedResponse(RequestMetrics metrics, UnmarshallerContext context, long contentLength) { metrics.AddProperty(Metric.BytesProcessed, contentLength); if (SupportResponseLogging && (Config.LogResponse || AWSConfigs.LoggingConfig.LogResponses == ResponseLoggingOption.Always)) { this.logger.DebugFormat("Received response: [{0}]", context.ResponseBody); } }
public override void Sign(IRequest request, string awsAccessKeyId, string awsSecretAccessKey) { //请求指标 var metrics = new RequestMetrics(); SignerRequestParamsEx signerParams = new SignerRequestParamsEx(request, this.regionName, this.serviceName, "SDK-HMAC-SHA256"); SignHttp(request, metrics, awsAccessKeyId, awsSecretAccessKey, signerParams); }
/// <summary> /// Calculates and signs the specified request using the AWS4 signing protocol by using the /// AWS account credentials given in the method parameters. The resulting signature is added /// to the request headers as 'Authorization'. /// </summary> /// <param name="request"> /// The request to compute the signature for. Additional headers mandated by the AWS4 protocol /// ('host' and 'x-amz-date') will be added to the request before signing. /// </param> /// <param name="clientConfig"> /// Adding supporting data for the service call required by the signer (notably authentication /// region, endpoint and service name). /// </param> /// <param name="metrics"> /// Metrics for the request /// </param> /// <param name="awsAccessKeyId"> /// The AWS public key for the account making the service call. /// </param> /// <param name="awsSecretAccessKey"> /// The AWS secret key for the account making the call, in clear text /// </param> /// <exception cref="Amazon.Runtime.SignatureException"> /// If any problems are encountered while signing the request. /// </exception> public override void Sign(IRequest request, ClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey) { throw new InvalidOperationException("PreSignedUrl signature computation is not supported by this method; use SignRequest instead."); }
protected override void PreInvoke(IExecutionContext executionContext) { var request = executionContext.RequestContext.OriginalRequest; var config = executionContext.RequestContext.ClientConfig; var copySnapshotRequest = request as CopySnapshotRequest; if (copySnapshotRequest != null) { if (string.IsNullOrEmpty(copySnapshotRequest.DestinationRegion)) { copySnapshotRequest.DestinationRegion = AWS4Signer.DetermineSigningRegion(config, "ec2", alternateEndpoint: null); } if (string.IsNullOrEmpty(copySnapshotRequest.SourceRegion)) { throw new AmazonEC2Exception("SourceRegion is required to perform the copy snapshot."); } var endpoint = RegionEndpoint.GetBySystemName(copySnapshotRequest.SourceRegion); if(endpoint == null) { throw new AmazonEC2Exception(string.Format(CultureInfo.InvariantCulture, "No endpoint for region {0}.", copySnapshotRequest.SourceRegion)); } // Make sure the presigned URL is currently null so we don't attempt to generate // a presigned URL with a presigned URL. copySnapshotRequest.PresignedUrl = null; // Marshall this request but switch to the source region and make it a GET request. var marshaller = new CopySnapshotRequestMarshaller(); var irequest = marshaller.Marshall(copySnapshotRequest); irequest.UseQueryString = true; irequest.HttpMethod = "GET"; irequest.Parameters.Add("X-Amz-Expires", AWS4PreSignedUrlSigner.MaxAWS4PreSignedUrlExpiry.ToString(CultureInfo.InvariantCulture)); irequest.Endpoint = new Uri("https://" + endpoint.GetEndpointForService(config.RegionEndpointServiceName).Hostname); // Create presigned URL. var metrics = new RequestMetrics(); var immutableCredentials = _credentials.GetCredentials(); if (immutableCredentials.UseToken) { irequest.Parameters["X-Amz-Security-Token"] = immutableCredentials.Token; } var signingResult = AWS4PreSignedUrlSigner.SignRequest(irequest, config, metrics, immutableCredentials.AccessKey, immutableCredentials.SecretKey, "ec2", copySnapshotRequest.SourceRegion); var authorization = "&" + signingResult.ForQueryParameters; var url = AmazonServiceClient.ComposeUrl(irequest); copySnapshotRequest.PresignedUrl = url.AbsoluteUri + authorization; } }
private static void SignHttpEx(IRequest request, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey, SignerRequestParamsEx param = null) { string date = "20171006T170510Z"; //AWSSDKUtils.FormattedCurrentTimestampISO8601; string hostHeader = request.Endpoint.Host; request.Headers[HttpHeaderKeys.HostHeader] = hostHeader; request.Headers[HttpHeaderKeys.SdkData] = date; }
/// <summary> /// Calculates the asymmetric Sigv4 (Sigv4a) signature for a presigned url. /// </summary> /// <param name="request"> /// The request to compute the signature for. /// </param> /// <param name="clientConfig"> /// Adding supporting data for the service call required by the signer (notably authentication /// region, endpoint and service name). /// </param> /// <param name="metrics"> /// Metrics for the request /// </param> /// <param name="credentials"> /// The AWS credentials for the account making the service call. /// </param> /// <param name="service"> /// The service to sign for /// </param> /// <param name="overrideSigningRegion"> /// The region to sign to, if null then the region the client is configured for will be used. /// </param> /// <returns>AWS4a Signing Result</returns> public AWS4aSigningResult Presign4a(IRequest request, IClientConfig clientConfig, RequestMetrics metrics, ImmutableCredentials credentials, string service, string overrideSigningRegion) { return(_awsSigV4AProvider.Presign4a(request, clientConfig, metrics, credentials, service, overrideSigningRegion)); }
public override UnmarshallerContext CreateContext( IWebResponseData response, bool readEntireResponse, Stream stream, RequestMetrics metrics, bool isException) { return(CreateContext(response, readEntireResponse, stream, metrics, isException, null)); }
/// <summary> /// Calculates and signs the specified request using the AWS4 signing protocol by using the /// AWS account credentials given in the method parameters. /// </summary> /// <param name="request"> /// The request to compute the signature for. Additional headers mandated by the AWS4 protocol /// ('host' and 'x-amz-date') will be added to the request before signing. /// </param> /// <param name="clientConfig"> /// Client configuration data encompassing the service call (notably authentication /// region, endpoint and service name). /// </param> /// <param name="metrics"> /// Metrics for the request. /// </param> /// <param name="awsAccessKeyId"> /// The AWS public key for the account making the service call. /// </param> /// <param name="awsSecretAccessKey"> /// The AWS secret key for the account making the call, in clear text. /// </param> /// <exception cref="Amazon.Runtime.SignatureException"> /// If any problems are encountered while signing the request. /// </exception> /// <remarks> /// Parameters passed as part of the resource path should be uri-encoded prior to /// entry to the signer. Parameters passed in the request.Parameters collection should /// be not be encoded; encoding will be done for these parameters as part of the /// construction of the canonical request. /// </remarks> public AWS4SigningResult SignRequest(IRequest request, ClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey) { var signedAt = InitializeHeaders(request.Headers, request.Endpoint); var region = DetermineRegion(clientConfig); var service = DetermineService(clientConfig); var resourcePathParamStart = -1; var resourcePath = string.Empty; // Extract the true resource path, less any query parameters or sub resource if (!string.IsNullOrEmpty(request.ResourcePath)) { resourcePathParamStart = request.ResourcePath.IndexOf('?'); resourcePath = resourcePathParamStart == -1 ? request.ResourcePath : request.ResourcePath.Substring(0, resourcePathParamStart); } // if UseQueryString is indicated and Parameters are present, canonicalize those (including uri encoding them) // otherwise if we spotted parameters in the resource path, canonicalize those instead (which should be encoded // already) var canonicalQueryParams = string.Empty; if (request.UseQueryString && request.Parameters.Count > 0) { canonicalQueryParams = CanonicalizeQueryParameters(request.Parameters); } else if (resourcePathParamStart != -1) { canonicalQueryParams = CanonicalizeQueryParameters(request.ResourcePath.Substring(resourcePathParamStart + 1), false); } var bodyHash = SetRequestBodyHash(request); var sortedHeaders = SortHeaders(request.Headers); var canonicalRequest = CanonicalizeRequest(resourcePath, request.HttpMethod, sortedHeaders, canonicalQueryParams, bodyHash); if (metrics != null) { metrics.AddProperty(Metric.CanonicalRequest, canonicalRequest); } return(ComputeSignature(awsAccessKeyId, awsSecretAccessKey, region, signedAt, service, CanonicalizeHeaderNames(sortedHeaders), canonicalRequest, metrics)); }
internal static void SignRequest(IRequest request, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey) { request.Headers[HeaderKeys.XAmzDateHeader] = AWSSDKUtils.FormattedCurrentTimestampRFC822; var stringToSign = BuildStringToSign(request); metrics.AddProperty(Metric.StringToSign, stringToSign); var auth = CryptoUtilFactory.CryptoInstance.HMACSign(stringToSign, awsSecretAccessKey, SigningAlgorithm.HmacSHA1); var authorization = string.Concat("AWS ", awsAccessKeyId, ":", auth); request.Headers[HeaderKeys.AuthorizationHeader] = authorization; }
/// <summary> /// Calculates and signs the specified request using the AWS4 signing protocol by using the /// AWS account credentials given in the method parameters. The resulting signature is added /// to the request headers as 'Authorization'. Parameters supplied in the request, either in /// the resource path as a query string or in the Parameters collection must not have been /// uri encoded. If they have, use the SignRequest method to obtain a signature. /// </summary> /// <param name="request"> /// The request to compute the signature for. Additional headers mandated by the AWS4 protocol /// ('host' and 'x-amz-date') will be added to the request before signing. /// </param> /// <param name="clientConfig"> /// Client configuration data encompassing the service call (notably authentication /// region, endpoint and service name). /// </param> /// <param name="metrics"> /// Metrics for the request /// </param> /// <param name="awsAccessKeyId"> /// The AWS public key for the account making the service call. /// </param> /// <param name="awsSecretAccessKey"> /// The AWS secret key for the account making the call, in clear text. /// </param> /// <exception cref="Amazon.Runtime.SignatureException"> /// If any problems are encountered while signing the request. /// </exception> public override void Sign(IRequest request, ClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey) { var signingResult = SignRequest(request, clientConfig, metrics, awsAccessKeyId, awsSecretAccessKey); request.Headers[AuthorizationHeader] = signingResult.ForAuthorizationHeader; }
protected override void ProcessPreRequestHandlers(AmazonWebServiceRequest request) { base.ProcessPreRequestHandlers(request); var requestCopySnapshot = request as CopySnapshotRequest; if (requestCopySnapshot != null) { if (string.IsNullOrEmpty(requestCopySnapshot.DestinationRegion)) { requestCopySnapshot.DestinationRegion = AWS4Signer.DetermineSigningRegion(this.Config, "ec2"); } if (string.IsNullOrEmpty(requestCopySnapshot.SourceRegion)) { throw new AmazonEC2Exception("SourceRegion is required to perform the copy snapshot."); } var endpoint = RegionEndpoint.GetBySystemName(requestCopySnapshot.SourceRegion); if (endpoint == null) { throw new AmazonEC2Exception(string.Format(CultureInfo.InvariantCulture, "No endpoint for region {0}.", requestCopySnapshot.SourceRegion)); } // Make sure the presigned URL is currently null so we don't attempt to generate // a presigned URL with a presigned URL. requestCopySnapshot.PresignedUrl = null; // Marshall this request but switch to the source region and make it a GET request. CopySnapshotRequestMarshaller marshaller = new CopySnapshotRequestMarshaller(); var irequest = marshaller.Marshall(requestCopySnapshot); irequest.UseQueryString = true; irequest.HttpMethod = "GET"; irequest.Parameters.Add("X-Amz-Expires", AWS4PreSignedUrlSigner.MaxAWS4PreSignedUrlExpiry.ToString(CultureInfo.InvariantCulture)); irequest.Endpoint = new Uri("https://" + endpoint.GetEndpointForService(this.Config.RegionEndpointServiceName).Hostname); // Create presigned URL. var metrics = new RequestMetrics(); var immutableCredentials = Credentials.GetCredentials(); var signingResult = AWS4PreSignedUrlSigner.SignRequest(irequest, this.Config, metrics, immutableCredentials.AccessKey, immutableCredentials.SecretKey, "ec2", requestCopySnapshot.SourceRegion); var authorization = "&" + signingResult.ForQueryParameters; Uri url = ComposeUrl(irequest, irequest.Endpoint); requestCopySnapshot.PresignedUrl = url.AbsoluteUri + authorization; } }
private static void SignHttp(IRequest request, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey) { SigningAlgorithm algorithm = SigningAlgorithm.HmacSHA256; string text = Guid.NewGuid().ToString(); string formattedCurrentTimestampRFC = AWSSDKUtils.FormattedCurrentTimestampRFC822; bool flag = IsHttpsRequest(request); flag = false; request.Headers["Date"] = formattedCurrentTimestampRFC; request.Headers["X-Amz-Date"] = formattedCurrentTimestampRFC; request.Headers.Remove("X-Amzn-Authorization"); string text2 = request.Endpoint.Host; if (!request.Endpoint.IsDefaultPort) { text2 = text2 + ":" + request.Endpoint.Port; } request.Headers["host"] = text2; byte[] array = null; string text3; if (flag) { request.Headers["x-amz-nonce"] = text; text3 = formattedCurrentTimestampRFC + text; array = Encoding.UTF8.GetBytes(text3); } else { Uri endpoint = request.Endpoint; if (!string.IsNullOrEmpty(request.ResourcePath)) { endpoint = new Uri(request.Endpoint, request.ResourcePath); } text3 = request.HttpMethod + "\n" + GetCanonicalizedResourcePath(endpoint) + "\n" + GetCanonicalizedQueryString(request.Parameters) + "\n" + GetCanonicalizedHeadersForStringToSign(request) + "\n" + GetRequestPayload(request); array = CryptoUtilFactory.CryptoInstance.ComputeSHA256Hash(Encoding.UTF8.GetBytes(text3)); } metrics.AddProperty(Metric.StringToSign, text3); string str = AbstractAWSSigner.ComputeHash(array, awsSecretAccessKey, algorithm); StringBuilder stringBuilder = new StringBuilder(); stringBuilder.Append(flag ? "AWS3-HTTPS" : "AWS3"); stringBuilder.Append(" "); stringBuilder.Append("AWSAccessKeyId=" + awsAccessKeyId + ","); stringBuilder.Append("Algorithm=" + algorithm.ToString() + ","); if (!flag) { stringBuilder.Append(GetSignedHeadersComponent(request) + ","); } stringBuilder.Append("Signature=" + str); string value = stringBuilder.ToString(); request.Headers["X-Amzn-Authorization"] = value; }
internal static void SignRequest(IRequest request, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey) { request.get_Headers()["X-Amz-Date"] = AWSSDKUtils.get_FormattedCurrentTimestampRFC822(); string text = BuildStringToSign(request); metrics.AddProperty(17, (object)text); string str = CryptoUtilFactory.get_CryptoInstance().HMACSign(text, awsSecretAccessKey, 0); string value = "AWS " + awsAccessKeyId + ":" + str; request.get_Headers()["Authorization"] = value; }
/// <summary> /// Signs the specified request with the AWS3 signing protocol by using the /// AWS account credentials given in the method parameters. /// </summary> /// <param name="awsAccessKeyId">The AWS public key</param> /// <param name="awsSecretAccessKey">The AWS secret key used to sign the request in clear text</param> /// <param name="metrics">Request metrics</param> /// <param name="clientConfig">The configuration that specifies which hashing algorithm to use</param> /// <param name="request">The request to have the signature compute for</param> /// <exception cref="Amazon.Runtime.SignatureException">If any problems are encountered while signing the request</exception> public override void Sign(IRequest request, ClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey) { if (UseAws3Https) { SignHttps(request, clientConfig, metrics, awsAccessKeyId, awsSecretAccessKey); } else { SignHttp(request, metrics, awsAccessKeyId, awsSecretAccessKey); } }
internal void SignRequest(IRequest request, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey) { request.Headers["x-amz-date"] = AWSSDKUtils.FormattedCurrentTimestampRFC822; string toSign = buildSigningString(request.HttpMethod, request.CanonicalResource, request.Parameters, request.Headers); metrics.AddProperty(Metric.StringToSign, toSign); string auth = CryptoUtilFactory.CryptoInstance.HMACSign(toSign, awsSecretAccessKey, SigningAlgorithm.HmacSHA1); string authorization = string.Concat("AWS ", awsAccessKeyId, ":", auth); request.Headers[S3QueryParameter.Authorization.ToString()] = authorization; }
public override void Sign(IRequest request, ClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey, SecureString secureKey) { if (String.IsNullOrEmpty(awsAccessKeyId)) { throw new Exception("The AWS Access Key ID cannot be NULL or a Zero length string"); } string dateTime = AWSSDKUtils.GetFormattedTimestampRFC822(0); request.Headers.Add("X-Amz-Date", dateTime); string signature = ComputeHash(dateTime, awsSecretAccessKey, secureKey, SigningAlgorithm.HmacSHA1); request.Headers.Add("Authorization", "AWS " + awsAccessKeyId + ":" + signature); }
public void Emit(RequestMetrics metrics) { var sb = new StringBuilder(nameof(RequestMetrics) + " {\n"); sb.Append($"\trequest ID: {metrics.request_id}\n"); sb.Append($"\tconnection ID: {metrics.connection_id}\n"); sb.Append($"\tendpoints: {metrics.local_endpoint} <-> {metrics.remote_endpoint}\n"); sb.Append($"\tmethod: {metrics.method_name}\n"); sb.Append($"\ttotal millis: {metrics.total_time_millis}\n"); sb.Append($"\tservice millis: {metrics.service_method_time_millis}\n"); var errstr = metrics.error?.ToString() ?? "none"; sb.Append($"\terror: {errstr}\n"); sb.Append("}\n"); Console.Write(sb); }
public override void Sign(IRequest request, ClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey) { var signer = SelectSigner(this, _useSigV4, request, clientConfig); var aws4Signer = signer as AWS4Signer; var useV4 = aws4Signer != null; //var aws4Signer = SelectSigner(clientConfig) as AWS4Signer; if (useV4) { var signingResult = aws4Signer.SignRequest(request, clientConfig, metrics, awsAccessKeyId, awsSecretAccessKey); request.Headers[HeaderKeys.AuthorizationHeader] = signingResult.ForAuthorizationHeader; if (request.UseChunkEncoding) request.AWS4SignerResult = signingResult; } else SignRequest(request, metrics, awsAccessKeyId, awsSecretAccessKey); }
/// <summary> /// Signs the specified request with the AWS2 signing protocol by using the /// AWS account credentials given in the method parameters. /// </summary> /// <param name="awsAccessKeyId">The AWS public key</param> /// <param name="awsSecretAccessKey">The AWS secret key used to sign the request in clear text</param> /// <param name="metrics">Request metrics</param> /// <param name="clientConfig">The configuration that specifies which hashing algorithm to use</param> /// <param name="request">The request to have the signature compute for</param> /// <exception cref="Amazon.Runtime.SignatureException">If any problems are encountered while signing the request</exception> public override void Sign(IRequest request, ClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey) { if (String.IsNullOrEmpty(awsAccessKeyId)) { throw new ArgumentOutOfRangeException("awsAccessKeyId", "The AWS Access Key ID cannot be NULL or a Zero length string"); } request.Parameters["AWSAccessKeyId"] = awsAccessKeyId; request.Parameters["SignatureVersion"] = clientConfig.SignatureVersion; request.Parameters["SignatureMethod"] = clientConfig.SignatureMethod.ToString(); request.Parameters["Timestamp"] = AWSSDKUtils.FormattedCurrentTimestampISO8601; string toSign = AWSSDKUtils.CalculateStringToSignV2(request.Parameters, clientConfig.DetermineServiceURL()); metrics.AddProperty(Metric.StringToSign, toSign); string auth = ComputeHash(toSign, awsSecretAccessKey, clientConfig.SignatureMethod); request.Parameters["Signature"] = auth; }
protected SendContext(ConnectionMetrics connectionMetrics, RequestMetrics requestMetrics) : base(connectionMetrics, requestMetrics) {}
protected ReceiveContext(ConnectionMetrics connectionMetrics, RequestMetrics requestMetrics) : base(connectionMetrics, requestMetrics) {}
public void Emit(RequestMetrics metrics) { LastRequestMetrics = metrics; RequestMetricsReceived++; }
/// <summary> /// Create a signed URL allowing access to a resource that would /// usually require authentication. /// </summary> /// <remarks> /// <para> /// When using query string authentication you create a query, /// specify an expiration time for the query, sign it with your /// signature, place the data in an HTTP request, and distribute /// the request to a user or embed the request in a web page. /// </para> /// <para> /// A PreSigned URL can be generated for GET, PUT, DELETE and HEAD /// operations on your bucketName, keys, and versions. /// </para> /// </remarks> /// <param name="request">The GetPreSignedUrlRequest that defines the /// parameters of the operation.</param> /// <returns>A string that is the signed http request.</returns> /// <exception cref="T:System.ArgumentException" /> /// <exception cref="T:System.ArgumentNullException" /> public string GetPreSignedURL(GetPreSignedUrlRequest request) { if (Credentials == null) throw new AmazonS3Exception("Credentials must be specified, cannot call method anonymously"); if (request == null) throw new ArgumentNullException("request", "The PreSignedUrlRequest specified is null!"); if (!request.IsSetExpires()) throw new InvalidOperationException("The Expires specified is null!"); var aws4Signing = AWSConfigs.S3Config.UseSignatureVersion4; var region = AWS4Signer.DetermineSigningRegion(Config, "s3", alternateEndpoint: null, request: null); if (aws4Signing && string.IsNullOrEmpty(region)) throw new InvalidOperationException("To use AWS4 signing, a region must be specified in the client configuration using the AuthenticationRegion or Region properties, or be determinable from the service URL."); RegionEndpoint endpoint = RegionEndpoint.GetBySystemName(region); if (endpoint.GetEndpointForService("s3").SignatureVersionOverride == "4") aws4Signing = true; var immutableCredentials = Credentials.GetCredentials(); var irequest = Marshall(request, immutableCredentials.AccessKey, immutableCredentials.Token, aws4Signing); irequest.Endpoint = EndpointResolver.DetermineEndpoint(this.Config, irequest); var context = new Amazon.Runtime.Internal.ExecutionContext(new Amazon.Runtime.Internal.RequestContext(true) { Request = irequest, ClientConfig = this.Config }, null); AmazonS3PostMarshallHandler handler = new AmazonS3PostMarshallHandler(); handler.ProcessRequestHandlers(context); var metrics = new RequestMetrics(); string authorization; if (aws4Signing) { var aws4Signer = new AWS4PreSignedUrlSigner(); var signingResult = aws4Signer.SignRequest(irequest, this.Config, metrics, immutableCredentials.AccessKey, immutableCredentials.SecretKey); authorization = "&" + signingResult.ForQueryParameters; } else { this.Signer.Sign(irequest, this.Config, metrics, immutableCredentials.AccessKey, immutableCredentials.SecretKey); authorization = irequest.Headers[HeaderKeys.AuthorizationHeader]; authorization = authorization.Substring(authorization.IndexOf(":", StringComparison.Ordinal) + 1); authorization = "&Signature=" + AmazonS3Util.UrlEncode(authorization, false); } Uri url = AmazonServiceClient.ComposeUrl(irequest); string result = url.AbsoluteUri + authorization; Protocol protocol = DetermineProtocol(); if (request.Protocol != protocol) { switch (protocol) { case Protocol.HTTP: result = result.Replace("http://", "https://"); break; case Protocol.HTTPS: result = result.Replace("https://", "http://"); break; } } return result; }
public static void FinishRequestMetrics(RequestMetrics requestMetrics, Stopwatch totalTime) { requestMetrics.total_time_millis = totalTime.Elapsed.TotalMilliseconds; }
private void SignHttps(IRequest request, ClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey, SecureString secureKey) { string nonce = Guid.NewGuid().ToString(); string date = AWSSDKUtils.FormattedCurrentTimestampRFC822; string stringToSign; stringToSign = date + nonce; metrics.AddProperty(RequestMetrics.Metric.StringToSign, stringToSign); string signature = ComputeHash(stringToSign, awsSecretAccessKey, secureKey, clientConfig.SignatureMethod); StringBuilder builder = new StringBuilder(); builder.Append(HTTPS_SCHEME).Append(" "); builder.Append("AWSAccessKeyId=" + awsAccessKeyId + ","); builder.Append("Algorithm=" + clientConfig.SignatureMethod.ToString() + ","); builder.Append("SignedHeaders=x-amz-date;x-amz-nonce,"); builder.Append("Signature=" + signature); request.Headers[AUTHORIZATION_HEADER] = builder.ToString(); request.Headers[NONCE_HEADER] = nonce; request.Headers["x-amz-date"] = date; }
/// <summary> /// Calculates and signs the specified request using the AWS4 signing protocol by using the /// AWS account credentials given in the method parameters. /// </summary> /// <param name="awsAccessKeyId">The AWS public key</param> /// <param name="awsSecretAccessKey">The AWS secret key used to sign the request in clear text</param> /// <param name="clientConfig">The configuration that specifies which hashing algorithm to use</param> /// <param name="request">The request to have the signature compute for</param> /// <param name="secureKey">The AWS secret key stored in a secure string</param> /// <param name="metrics">Request metrics</param> /// <exception cref="Amazon.Runtime.SignatureException">If any problems are encountered while signing the request</exception> public override void Sign(IRequest request, ClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey, SecureString secureKey) { // clean up request from previous execution request.Headers.Remove("Authorization"); string signingAlgorithm = SigningAlgorithm.HmacSHA256.ToString().ToUpper(); DateTime dt = DateTime.UtcNow; string dateTime = dt.ToString(AWSSDKUtils.ISO8601BasicDateTimeFormat, CultureInfo.InvariantCulture); string dateStamp = dt.ToString("yyyyMMdd", CultureInfo.InvariantCulture); string region = DetermineRegion(clientConfig); string service = DetermineService(clientConfig); if (!request.Headers.ContainsKey("Host")) { string hostHeader = request.Endpoint.Host; if (!request.Endpoint.IsDefaultPort) hostHeader += ":" + request.Endpoint.Port; request.Headers.Add("Host", hostHeader); } request.Headers["X-Amz-Date"] = dateTime; string scope = string.Format("{0}/{1}/{2}/{3}", dateStamp, region, service, TERMINATOR); List<string> headersToSign = GetHeadersForSigning(request.Headers); var queryString = request.UseQueryString ? AWSSDKUtils.GetParametersAsString(request.Parameters) : ""; string canonicalRequest = GetCanonicalRequest(headersToSign, new Uri(request.Endpoint, request.ResourcePath), queryString, request.Headers, request.UseQueryString ? "" : GetRequestPayload(request), request.ContentStreamHash, request.HttpMethod); StringBuilder stringToSignBuilder = new StringBuilder(); stringToSignBuilder.AppendFormat("{0}-{1}\n{2}\n{3}\n", SCHEME, ALGORITHM, dateTime, scope); byte[] canonicalRequestHashBytes = CanonicalizationHash.ComputeHash(Encoding.UTF8.GetBytes(canonicalRequest)); stringToSignBuilder.Append(AWSSDKUtils.ToHex(canonicalRequestHashBytes, true)); KeyedHashAlgorithm kha = KeyedHashAlgorithm.Create(signingAlgorithm); kha.Key = ComposeSigningKey(signingAlgorithm, awsSecretAccessKey, secureKey, region, dateStamp, service); string stringToSign = stringToSignBuilder.ToString(); metrics.AddProperty(RequestMetrics.Metric.StringToSign, stringToSign); byte[] signature = kha.ComputeHash(Encoding.UTF8.GetBytes(stringToSign)); StringBuilder authorizationHeader = new StringBuilder(); authorizationHeader.AppendFormat("{0}-{1} ", SCHEME, ALGORITHM); authorizationHeader.AppendFormat("Credential={0}/{1}, ", awsAccessKeyId, scope); authorizationHeader.AppendFormat("SignedHeaders={0}, ", GetSignedHeaders(headersToSign)); authorizationHeader.AppendFormat("Signature={0}", AWSSDKUtils.ToHex(signature, true)); request.Headers["Authorization"] = authorizationHeader.ToString(); }
protected Context(ConnectionMetrics connectionMetrics, RequestMetrics requestMetrics) { ConnectionMetrics = connectionMetrics; RequestMetrics = requestMetrics; }
public SimpleInMemSendContext(SimpleInMemConnection connection, ConnectionMetrics connectionMetrics, RequestMetrics requestMetrics) : base(connectionMetrics, requestMetrics) { Connection = connection; }
private void SignHttp(IRequest request, ClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey, SecureString secureKey) { SigningAlgorithm algorithm = SigningAlgorithm.HmacSHA256; string nonce = Guid.NewGuid().ToString(); string date = AWSSDKUtils.FormattedCurrentTimestampRFC822; bool isHttps = IsHttpsRequest(request); // Temporarily disabling the AWS3 HTTPS signing scheme and only using AWS3 HTTP isHttps = false; request.Headers["Date"] = date; request.Headers["X-Amz-Date"] = date; // AWS3 HTTP requires that we sign the Host header // so we have to have it in the request by the time we sign. string hostHeader = request.Endpoint.Host; if (!request.Endpoint.IsDefaultPort) hostHeader += ":" + request.Endpoint.Port; request.Headers["Host"] = hostHeader; byte[] bytesToSign; string stringToSign; if (isHttps) { request.Headers[NONCE_HEADER] = nonce; stringToSign = date + nonce; bytesToSign = Encoding.UTF8.GetBytes(stringToSign); } else { Uri url = request.Endpoint; if (!string.IsNullOrEmpty(request.ResourcePath)) url = new Uri(request.Endpoint, request.ResourcePath); stringToSign = request.HttpMethod + "\n" + GetCanonicalizedResourcePath(url) + "\n" + GetCanonicalizedQueryString(request.Parameters) + "\n" + GetCanonicalizedHeadersForStringToSign(request) + "\n" + GetRequestPayload(request); bytesToSign = CanonicalizationHash.ComputeHash(Encoding.UTF8.GetBytes(stringToSign)); } metrics.AddProperty(RequestMetrics.Metric.StringToSign, stringToSign); string signature = ComputeHash(bytesToSign, awsSecretAccessKey, secureKey, algorithm); StringBuilder builder = new StringBuilder(); builder.Append(isHttps ? HTTPS_SCHEME : HTTP_SCHEME); builder.Append(" "); builder.Append("AWSAccessKeyId=" + awsAccessKeyId + ","); builder.Append("Algorithm=" + algorithm.ToString() + ","); if (!isHttps) { builder.Append(GetSignedHeadersComponent(request) + ","); } builder.Append("Signature=" + signature); string authorizationHeader = builder.ToString(); request.Headers[AUTHORIZATION_HEADER] = authorizationHeader; }
/// <summary> /// Signs the specified request with the AWS3 signing protocol by using the /// AWS account credentials given in the method parameters. /// </summary> /// <param name="awsAccessKeyId">The AWS public key</param> /// <param name="awsSecretAccessKey">The AWS secret key used to sign the request in clear text</param> /// <param name="clientConfig">The configuration that specifies which hashing algorithm to use</param> /// <param name="request">The request to have the signature compute for</param> /// <param name="secureKey">The AWS secret key stored in a secure string</param> /// <param name="metrics">Request metrics</param> /// <exception cref="Amazon.Runtime.SignatureException">If any problems are encountered while signing the request</exception> public override void Sign(IRequest request, ClientConfig clientConfig, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey, SecureString secureKey) { if (UseAws3Https) { SignHttps(request, clientConfig, metrics, awsAccessKeyId, awsSecretAccessKey, secureKey); } else { SignHttp(request, clientConfig, metrics, awsAccessKeyId, awsSecretAccessKey, secureKey); } }
public void Emit(RequestMetrics metrics) { RequestMetricses.Add(metrics); }
public override UnmarshallerContext CreateContext(IWebResponseData response, bool readEntireResponse, Stream stream, RequestMetrics metrics) { if (response.IsHeaderPresent(AMZ_ID_2)) metrics.AddProperty(Metric.AmzId2, response.GetHeaderValue(AMZ_ID_2)); return base.CreateContext(response, readEntireResponse, stream, metrics); }
/// <summary> /// This method was copied from AWS4PreSignedUrlSigner.SignRequest and adapted for this utility. /// </summary> /// <param name="request"></param> /// <param name="metrics"></param> /// <param name="awsAccessKeyId"></param> /// <param name="awsSecretAccessKey"></param> /// <param name="service"></param> /// <param name="region"></param> /// <returns></returns> public static AWS4SigningResult SignSynthesizeSpeechRequest(IRequest request, RequestMetrics metrics, string awsAccessKeyId, string awsSecretAccessKey, string service, string region) { // clean up any prior signature in the headers if resigning request.Headers.Remove(HeaderKeys.AuthorizationHeader); if (!request.Headers.ContainsKey(HeaderKeys.HostHeader)) { var hostHeader = request.Endpoint.Host; if (!request.Endpoint.IsDefaultPort) hostHeader += ":" + request.Endpoint.Port; request.Headers.Add(HeaderKeys.HostHeader, hostHeader); } var signedAt = AWSSDKUtils.CorrectedUtcNow; // AWS4 presigned urls got S3 are expected to contain a 'UNSIGNED-PAYLOAD' magic string // during signing (other services use the empty-body sha) if (request.Headers.ContainsKey(HeaderKeys.XAmzContentSha256Header)) request.Headers.Remove(HeaderKeys.XAmzContentSha256Header); var sortedHeaders = SortAndPruneHeaders(request.Headers); var canonicalizedHeaderNames = CanonicalizeHeaderNames(sortedHeaders); var parametersToCanonicalize = GetParametersToCanonicalize(request); parametersToCanonicalize.Add(XAmzAlgorithm, AWS4AlgorithmTag); parametersToCanonicalize.Add(XAmzCredential, string.Format(CultureInfo.InvariantCulture, "{0}/{1}/{2}/{3}/{4}", awsAccessKeyId, FormatDateTime(signedAt, AWSSDKUtils.ISO8601BasicDateFormat), region, service, Terminator)); parametersToCanonicalize.Add(HeaderKeys.XAmzDateHeader, FormatDateTime(signedAt, AWSSDKUtils.ISO8601BasicDateTimeFormat)); parametersToCanonicalize.Add(HeaderKeys.XAmzSignedHeadersHeader, canonicalizedHeaderNames); var canonicalQueryParams = CanonicalizeQueryParametersForSynthesizeSpeech(parametersToCanonicalize, true); var canonicalRequest = CanonicalizeRequest(request.Endpoint, request.ResourcePath, request.HttpMethod, sortedHeaders, canonicalQueryParams, service == "s3" ? UnsignedPayload : EmptyBodySha256); if (metrics != null) metrics.AddProperty(Metric.CanonicalRequest, canonicalRequest); return ComputeSignature(awsAccessKeyId, awsSecretAccessKey, region, signedAt, service, canonicalizedHeaderNames, canonicalRequest, metrics); }
public void Emit(RequestMetrics metrics) { Sink?.Emit(metrics); }
internal TimingEvent(RequestMetrics metrics, Metric metric) { this.metrics = metrics; this.metric = metric; }
public EpoxySendContext(EpoxyConnection connection, ConnectionMetrics connectionMetrics, RequestMetrics requestMetrics) : base(connectionMetrics, requestMetrics) { Connection = connection; }