| static private GetRegion ( string endpoint ) : string | ||
| endpoint | string | S3 API endpoint |
| 리턴 | string | |
public void Authenticate(IRestClient client, IRestRequest request)
{
DateTime signingDate = DateTime.UtcNow;
SetContentMd5(request);
SetContentSha256(request);
SetHostHeader(client, request);
SetDateHeader(request, signingDate);
SortedDictionary <string, string> headersToSign = GetHeadersToSign(request);
string signedHeaders = GetSignedHeaders(headersToSign);
string region = Regions.GetRegion(client.BaseUrl.Host);
string canonicalRequest = GetCanonicalRequest(client, request, headersToSign);
byte[] canonicalRequestBytes = System.Text.Encoding.UTF8.GetBytes(canonicalRequest);
string canonicalRequestHash = BytesToHex(ComputeSha256(canonicalRequestBytes));
string stringToSign = GetStringToSign(region, canonicalRequestHash, signingDate);
byte[] signingKey = GenerateSigningKey(region, signingDate);
byte[] stringToSignBytes = System.Text.Encoding.UTF8.GetBytes(stringToSign);
byte[] signatureBytes = SignHmac(signingKey, stringToSignBytes);
string signature = BytesToHex(signatureBytes);
string authorization = GetAuthorizationHeader(signedHeaders, signature, signingDate, region);
request.AddHeader("Authorization", authorization);
}
/// <summary>
/// Presigns any input client object with a requested expiry.
/// </summary>
/// <param name="client">Instantiated client</param>
/// <param name="request">Instantiated request</param>
/// <param name="expires">Expiration in seconds</param>
/// <returns>Presigned url</returns>
public string PresignURL(IRestClient client, IRestRequest request, int expires)
{
DateTime signingDate = DateTime.UtcNow;
string region = Regions.GetRegion(client.BaseUrl.Host);
string requestQuery = "";
string path = request.Resource;
requestQuery = "X-Amz-Algorithm=AWS4-HMAC-SHA256&";
requestQuery += "X-Amz-Credential="
+ this.accessKey
+ Uri.EscapeDataString("/" + GetScope(region, signingDate))
+ "&";
requestQuery += "X-Amz-Date="
+ signingDate.ToString("yyyyMMddTHHmmssZ")
+ "&";
requestQuery += "X-Amz-Expires="
+ expires
+ "&";
requestQuery += "X-Amz-SignedHeaders=host";
string canonicalRequest = GetPresignCanonicalRequest(client, request, requestQuery);
byte[] canonicalRequestBytes = System.Text.Encoding.UTF8.GetBytes(canonicalRequest);
string canonicalRequestHash = BytesToHex(ComputeSha256(canonicalRequestBytes));
string stringToSign = GetStringToSign(region, signingDate, canonicalRequestHash);
byte[] signingKey = GenerateSigningKey(region, signingDate);
byte[] stringToSignBytes = System.Text.Encoding.UTF8.GetBytes(stringToSign);
byte[] signatureBytes = SignHmac(signingKey, stringToSignBytes);
string signature = BytesToHex(signatureBytes);
// Return presigned url.
return(client.BaseUrl + path + "?" + requestQuery + "&X-Amz-Signature=" + signature);
}
/// <summary>
/// Creates and returns an Cloud Storage client
/// </summary>
/// <param name="uri">Location of the server, supports HTTP and HTTPS</param>
/// <param name="accessKey">Access Key for authenticated requests</param>
/// <param name="secretKey">Secret Key for authenticated requests</param>
/// <returns>Client with the uri set as the server location and authentication parameters set.</returns>
public MinioClient(Uri uri, string accessKey, string secretKey)
{
if (uri == null)
{
throw new NullReferenceException();
}
if (!(uri.Scheme == "http" || uri.Scheme == "https"))
{
throw new UriFormatException("Expecting http or https");
}
if (uri.Query.Length != 0)
{
throw new UriFormatException("Expecting no query");
}
if (!(uri.AbsolutePath.Length == 0 || (uri.AbsolutePath.Length == 1 && uri.AbsolutePath[0] == '/')))
{
throw new UriFormatException("Expecting AbsolutePath to be empty");
}
String path = uri.Scheme + "://" + uri.Host + ":" + uri.Port + "/";
uri = new Uri(path);
this.client = new RestClient(uri);
this.region = Regions.GetRegion(uri.Host);
this.client.UserAgent = this.FullUserAgent;
if (accessKey != null && secretKey != null)
{
this.client.Authenticator = new V4Authenticator(accessKey, secretKey);
}
}
/// <summary>
/// Presigned post policy
/// </summary>
public Dictionary <string, string> PresignedPostPolicy(PostPolicy policy)
{
if (!policy.IsBucketSet())
{
throw new ArgumentException("bucket should be set");
}
if (!policy.IsKeySet())
{
throw new ArgumentException("key should be set");
}
if (!policy.IsExpirationSet())
{
throw new ArgumentException("expiration should be set");
}
string region = Regions.GetRegion(this.client.BaseUrl.Host);
DateTime signingDate = DateTime.UtcNow;
policy.SetAlgorithm("AWS4-HMAC-SHA256");
policy.SetCredential(this.authenticator.GetCredentialString(signingDate, region));
policy.SetDate(signingDate);
string policyBase64 = policy.Base64();
string signature = this.authenticator.PresignPostSignature(region, signingDate, policyBase64);
policy.SetPolicy(policyBase64);
policy.SetSignature(signature);
return(policy.GetFormData());
}
