Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Issue #1060: add dynamic loading of HTTP request signing algorithms.
Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
- Loading branch information
Showing
17 changed files
with
672 additions
and
55 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
94 changes: 94 additions & 0 deletions
94
...a/org/eclipse/ditto/connectivity/service/messaging/httppush/AwsRequestSigningFactory.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,94 @@ | ||
/* | ||
* Copyright (c) 2021 Contributors to the Eclipse Foundation | ||
* | ||
* See the NOTICE file(s) distributed with this work for additional | ||
* information regarding copyright ownership. | ||
* | ||
* This program and the accompanying materials are made available under the | ||
* terms of the Eclipse Public License 2.0 which is available at | ||
* http://www.eclipse.org/legal/epl-2.0 | ||
* | ||
* SPDX-License-Identifier: EPL-2.0 | ||
*/ | ||
package org.eclipse.ditto.connectivity.service.messaging.httppush; | ||
|
||
import java.time.Duration; | ||
import java.util.List; | ||
import java.util.stream.Collectors; | ||
|
||
import org.eclipse.ditto.connectivity.model.HmacCredentials; | ||
import org.eclipse.ditto.json.JsonArray; | ||
import org.eclipse.ditto.json.JsonFieldDefinition; | ||
import org.eclipse.ditto.json.JsonObject; | ||
import org.eclipse.ditto.json.JsonValue; | ||
|
||
import akka.actor.ActorSystem; | ||
|
||
/** | ||
* Creator of the signing process {@code AWS4-HMAC-SHA256}. | ||
*/ | ||
public final class AwsRequestSigningFactory implements RequestSigningFactory { | ||
|
||
/** | ||
* Token timeout to evaluate the body of outgoing requests, which should take very little time as it does not | ||
* depend on IO. | ||
*/ | ||
private static final Duration TIMEOUT = Duration.ofSeconds(10); | ||
|
||
/** | ||
* Which header to sign by default. | ||
*/ | ||
private static final List<String> DEFAULT_CANONICAL_HEADERS = List.of("host"); | ||
|
||
@Override | ||
public RequestSigning create(final ActorSystem actorSystem, final HmacCredentials credentials) { | ||
final JsonObject parameters = credentials.getParameters(); | ||
final String region = parameters.getValueOrThrow(JsonFields.REGION); | ||
final String service = parameters.getValueOrThrow(JsonFields.SERVICE); | ||
final String accessKey = parameters.getValueOrThrow(JsonFields.ACCESS_KEY); | ||
final String secretKey = parameters.getValueOrThrow(JsonFields.SECRET_KEY); | ||
final boolean doubleEncode = parameters.getValue(JsonFields.DOUBLE_ENCODE).orElse(true); | ||
final List<String> canonicalHeaders = parameters.getValue(JsonFields.CANONICAL_HEADERS) | ||
.map(array -> array.stream().map(JsonValue::asString).collect(Collectors.toList())) | ||
.orElse(DEFAULT_CANONICAL_HEADERS); | ||
return new AwsRequestSigning(actorSystem, canonicalHeaders, region, service, accessKey, secretKey, doubleEncode, | ||
TIMEOUT); | ||
} | ||
|
||
/** | ||
* JSON fields of algorithm parameters. | ||
*/ | ||
public static final class JsonFields { | ||
|
||
/** | ||
* Obligatory: The AWS region of the signed requests. | ||
*/ | ||
public static JsonFieldDefinition<String> REGION = JsonFieldDefinition.ofString("region"); | ||
|
||
/** | ||
* Obligatory: The service for which the signed requests are intended. | ||
*/ | ||
public static JsonFieldDefinition<String> SERVICE = JsonFieldDefinition.ofString("service"); | ||
|
||
/** | ||
* Obligatory: Access key to sign requests with. | ||
*/ | ||
public static JsonFieldDefinition<String> ACCESS_KEY = JsonFieldDefinition.ofString("accessKey"); | ||
|
||
/** | ||
* Obligatory: Secret key to sign requests with. | ||
*/ | ||
public static JsonFieldDefinition<String> SECRET_KEY = JsonFieldDefinition.ofString("secretKey"); | ||
|
||
/** | ||
* Optional: Whether to double-encode and normalize path segments. True by default. Set to false for S3. | ||
*/ | ||
public static JsonFieldDefinition<Boolean> DOUBLE_ENCODE = JsonFieldDefinition.ofBoolean("doubleEncode"); | ||
|
||
/** | ||
* Optional: Which headers to sign. They differ for each AWS service. By default only "host" is signed. | ||
*/ | ||
public static JsonFieldDefinition<JsonArray> CANONICAL_HEADERS = | ||
JsonFieldDefinition.ofJsonArray("canonicalHeaders"); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
57 changes: 57 additions & 0 deletions
57
...eclipse/ditto/connectivity/service/messaging/httppush/AzMonitorRequestSigningFactory.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
/* | ||
* Copyright (c) 2021 Contributors to the Eclipse Foundation | ||
* | ||
* See the NOTICE file(s) distributed with this work for additional | ||
* information regarding copyright ownership. | ||
* | ||
* This program and the accompanying materials are made available under the | ||
* terms of the Eclipse Public License 2.0 which is available at | ||
* http://www.eclipse.org/legal/epl-2.0 | ||
* | ||
* SPDX-License-Identifier: EPL-2.0 | ||
*/ | ||
package org.eclipse.ditto.connectivity.service.messaging.httppush; | ||
|
||
import java.time.Duration; | ||
|
||
import org.eclipse.ditto.connectivity.model.HmacCredentials; | ||
import org.eclipse.ditto.json.JsonFieldDefinition; | ||
import org.eclipse.ditto.json.JsonObject; | ||
|
||
import akka.actor.ActorSystem; | ||
|
||
/** | ||
* Creator of the signing process for Azure Monitor Data Collector. | ||
*/ | ||
public final class AzMonitorRequestSigningFactory implements RequestSigningFactory { | ||
|
||
/** | ||
* Token timeout to evaluate the body of outgoing requests, which should take very little time as it does not | ||
* depend on IO. | ||
*/ | ||
private static final Duration TIMEOUT = Duration.ofSeconds(10); | ||
|
||
@Override | ||
public RequestSigning create(final ActorSystem actorSystem, final HmacCredentials credentials) { | ||
final JsonObject parameters = credentials.getParameters(); | ||
final String workspaceId = parameters.getValueOrThrow(JsonFields.WORKSPACE_ID); | ||
final String sharedKey = parameters.getValueOrThrow(JsonFields.SHARED_KEY); | ||
return AzMonitorRequestSigning.of(actorSystem, workspaceId, sharedKey, TIMEOUT); | ||
} | ||
|
||
/** | ||
* JSON fields of algorithm parameters. | ||
*/ | ||
public static final class JsonFields { | ||
|
||
/** | ||
* Obligatory: The Azure workspace ID of the signed requests. | ||
*/ | ||
public static JsonFieldDefinition<String> WORKSPACE_ID = JsonFieldDefinition.ofString("workspaceId"); | ||
|
||
/** | ||
* Obligatory: The shared key with which to sign requests. | ||
*/ | ||
public static JsonFieldDefinition<String> SHARED_KEY = JsonFieldDefinition.ofString("sharedKey"); | ||
} | ||
} |
Oops, something went wrong.