public AuthenticationHeaderValue CalculateAuthorizationHeaderValue(HttpMethod httpMethod, string url, DateTime date, IDictionary <string, string> httpHeaders)
{
string signedHeaders;
var canonicalRequestHash = CalculateCanonicalRequestHash(httpMethod, url, httpHeaders, out signedHeaders);
var signingKey = CalculateSigningKey(date, ServiceName);
using (var hash = new HMACSHA256(signingKey))
{
var scope = $"{date:yyyyMMdd}/{AwsRegion}/{ServiceName}/aws4_request";
var stringToHash = $"AWS4-HMAC-SHA256\n{RavenAwsHelper.ConvertToString(date)}\n{scope}\n{canonicalRequestHash}";
var hashedString = hash.ComputeHash(Encoding.UTF8.GetBytes(stringToHash));
var signature = RavenAwsHelper.ConvertToHex(hashedString);
var credentials = $"{_awsAccessKey}/{date:yyyyMMdd}/{AwsRegion}/{ServiceName}/aws4_request";
return(new AuthenticationHeaderValue("AWS4-HMAC-SHA256", $"Credential={credentials},SignedHeaders={signedHeaders},Signature={signature}"));
}
}
public async Task <Blob> GetObject(string bucketName, string key)
{
await ValidateAwsRegion();
var url = GetUrl(bucketName) + "/" + key;
var now = SystemTime.UtcNow;
var payloadHash = RavenAwsHelper.CalculatePayloadHash(null);
var requestMessage = new HttpRequestMessage(HttpMethods.Get, url)
{
Headers =
{
{ "x-amz-date", RavenAwsHelper.ConvertToString(now) },
{ "x-amz-content-sha256", payloadHash }
}
};
var headers = ConvertToHeaders(bucketName, requestMessage.Headers);
var client = GetClient();
client.DefaultRequestHeaders.Authorization = CalculateAuthorizationHeaderValue(HttpMethods.Get, url, now, headers);
var response = await client.SendAsync(requestMessage);
if (response.StatusCode == HttpStatusCode.NotFound)
{
return(null);
}
if (response.IsSuccessStatusCode == false)
{
throw ErrorResponseException.FromResponseMessage(response);
}
var data = await response.Content.ReadAsStreamAsync();
var metadataHeaders = response.Headers.ToDictionary(x => x.Key, x => x.Value.FirstOrDefault());
return(new Blob(data, metadataHeaders));
}
private static string CalculateCanonicalRequestHash(HttpMethod httpMethod, string url, IDictionary <string, string> httpHeaders, out string signedHeaders)
{
var isGet = httpMethod == HttpMethods.Get;
var uri = new Uri(url);
var canonicalUri = uri.AbsolutePath;
var query = QueryHelpers.ParseQuery(uri.Query);
var canonicalQueryString = query
.OrderBy(parameter => parameter.Key)
.Select(parameter => parameter.Value.Aggregate((current, value) => current + $"{parameter.Key}={value.Trim()}&"))
.Aggregate(string.Empty, (current, parameter) => current + parameter);
if (canonicalQueryString.EndsWith("&"))
{
canonicalQueryString = canonicalQueryString.Substring(0, canonicalQueryString.Length - 1);
}
var headers = httpHeaders
.Where(x => isGet == false || x.Key.StartsWith("Date", StringComparison.OrdinalIgnoreCase) == false)
.OrderBy(x => x.Key);
var canonicalHeaders = headers
.Aggregate(string.Empty, (current, parameter) => current + $"{parameter.Key.ToLower()}:{parameter.Value.Trim()}\n");
signedHeaders = headers
.Aggregate(string.Empty, (current, parameter) => current + parameter.Key.ToLower() + ";");
if (signedHeaders.EndsWith(";"))
{
signedHeaders = signedHeaders.Substring(0, signedHeaders.Length - 1);
}
using (var hash = SHA256.Create())
{
var hashedPayload = httpHeaders["x-amz-content-sha256"];
var canonicalRequest = $"{httpMethod}\n{canonicalUri}\n{canonicalQueryString}\n{canonicalHeaders}\n{signedHeaders}\n{hashedPayload}";
return(RavenAwsHelper.ConvertToHex(hash.ComputeHash(Encoding.UTF8.GetBytes(canonicalRequest))));
}
}
public async Task <string> UploadArchive(string glacierVaultName, Stream stream, string archiveDescription, int timeoutInSeconds)
{
await ValidateAwsRegion();
var url = $"{GetUrl(null)}/-/vaults/{glacierVaultName}/archives";
var now = SystemTime.UtcNow;
var payloadHash = RavenAwsHelper.CalculatePayloadHash(stream);
var payloadTreeHash = RavenAwsHelper.CalculatePayloadTreeHash(stream);
var content = new StreamContent(stream)
{
Headers =
{
{ "x-amz-glacier-version", "2012-06-01" },
{ "x-amz-date", RavenAwsHelper.ConvertToString(now) },
{ "x-amz-content-sha256", payloadHash },
{ "x-amz-sha256-tree-hash", payloadTreeHash },
{ "x-amz-archive-description", archiveDescription }
}
};
var headers = ConvertToHeaders(glacierVaultName, content.Headers);
var client = GetClient(TimeSpan.FromSeconds(timeoutInSeconds));
var authorizationHeaderValue = CalculateAuthorizationHeaderValue(HttpMethods.Post, url, now, headers);
client.DefaultRequestHeaders.Authorization = authorizationHeaderValue;
var response = await client.PostAsync(url, content);
if (response.IsSuccessStatusCode)
{
return(ReadArchiveId(response));
}
throw ErrorResponseException.FromResponseMessage(response);
}
public async Task PutObject(string bucketName, string key, Stream stream, Dictionary <string, string> metadata, int timeoutInSeconds)
{
var url = GetUrl(bucketName) + "/" + key;
var now = SystemTime.UtcNow;
var payloadHash = RavenAwsHelper.CalculatePayloadHash(stream);
var content = new StreamContent(stream)
{
Headers =
{
{ "x-amz-date", RavenAwsHelper.ConvertToString(now) },
{ "x-amz-content-sha256", payloadHash }
}
};
foreach (var metadataKey in metadata.Keys)
{
content.Headers.Add("x-amz-meta-" + metadataKey.ToLower(), metadata[metadataKey]);
}
var headers = ConvertToHeaders(bucketName, content.Headers);
var client = GetClient(TimeSpan.FromSeconds(timeoutInSeconds));
var authorizationHeaderValue = CalculateAuthorizationHeaderValue(HttpMethods.Put, url, now, headers);
client.DefaultRequestHeaders.Authorization = authorizationHeaderValue;
var response = await client.PutAsync(url, content);
if (response.IsSuccessStatusCode)
{
return;
}
throw ErrorResponseException.FromResponseMessage(response);
}
