Merge pull request #169 from scireum/develop

Release 7.0.1

pom.xml

@@ -16,8 +16,8 @@
     <url>http://s3ninja.net</url>
 
     <properties>
-        <sirius.kernel>dev-21.0.1</sirius.kernel>
-        <sirius.web>dev-33.0.1</sirius.web>
+        <sirius.kernel>ga-1.0.1</sirius.kernel>
+        <sirius.web>ga-1.1.0</sirius.web>
     </properties>
 
     <repositories>

src/main/java/ninja/Aws4HashCalculator.java

@@ -48,29 +48,29 @@ public class Aws4HashCalculator {
     /**
      * Determines if the given request contains an AWS4 auth token.
      *
-     * @param ctx the request to check
+     * @param webContext the request to check
      * @return <tt>true</tt> if the request contains an AWS4 auth token, <tt>false</tt>  otherwise.
      */
-    public boolean supports(final WebContext ctx) {
-        return AWS_AUTH4_PATTERN.matcher(ctx.getHeaderValue("Authorization").asString("")).matches()
-               || X_AMZ_CREDENTIAL_PATTERN.matcher(ctx.get("X-Amz-Credential").asString("")).matches();
+    public boolean supports(final WebContext webContext) {
+        return AWS_AUTH4_PATTERN.matcher(webContext.getHeaderValue("Authorization").asString("")).matches()
+               || X_AMZ_CREDENTIAL_PATTERN.matcher(webContext.get("X-Amz-Credential").asString("")).matches();
     }
 
     /**
      * Computes the authentication hash as specified by the AWS SDK for verification purposes.
      *
-     * @param ctx        the current request to fetch parameters from
+     * @param webContext the current request to fetch parameters from
      * @param pathPrefix the path prefix to preped to the {@link S3Dispatcher#getEffectiveURI(WebContext) effective URI}
      *                   of the request
      * @return the computes hash value
      * @throws Exception when hashing fails
      */
-    public String computeHash(WebContext ctx, String pathPrefix) throws Exception {
-        Matcher matcher = AWS_AUTH4_PATTERN.matcher(ctx.getHeaderValue("Authorization").asString(""));
+    public String computeHash(WebContext webContext, String pathPrefix) throws Exception {
+        Matcher matcher = AWS_AUTH4_PATTERN.matcher(webContext.getHeaderValue("Authorization").asString(""));
 
         if (!matcher.matches()) {
             // If the header doesn't match, let's try an URL parameter as we might be processing a presigned URL
-            matcher = X_AMZ_CREDENTIAL_PATTERN.matcher(ctx.get("X-Amz-Credential").asString(""));
+            matcher = X_AMZ_CREDENTIAL_PATTERN.matcher(webContext.get("X-Amz-Credential").asString(""));
             if (!matcher.matches()) {
                 throw new IllegalArgumentException("Unknown AWS4 auth pattern");
             }
@@ -83,24 +83,27 @@ public String computeHash(WebContext ctx, String pathPrefix) throws Exception {
 
         // For header based requests, the signed headers are in the "Credentials" header, for presigned URLs
         // an extra parameter is given...
-        String signedHeaders = matcher.groupCount() == 7 ? matcher.group(6) : ctx.get("X-Amz-SignedHeaders").asString();
+        String signedHeaders =
+                matcher.groupCount() == 7 ? matcher.group(6) : webContext.get("X-Amz-SignedHeaders").asString();
 
         byte[] dateKey = hmacSHA256(("AWS4" + storage.getAwsSecretKey()).getBytes(StandardCharsets.UTF_8), date);
         byte[] dateRegionKey = hmacSHA256(dateKey, region);
         byte[] dateRegionServiceKey = hmacSHA256(dateRegionKey, service);
         byte[] signingKey = hmacSHA256(dateRegionServiceKey, serviceType);
 
-        byte[] signedData = hmacSHA256(signingKey, buildStringToSign(ctx, signedHeaders, region, service, serviceType));
+        byte[] signedData =
+                hmacSHA256(signingKey, buildStringToSign(webContext, signedHeaders, region, service, serviceType));
         return BaseEncoding.base16().lowerCase().encode(signedData);
     }
 
-    private String buildStringToSign(final WebContext ctx,
+    private String buildStringToSign(final WebContext webContext,
                                      String signedHeaders,
                                      String region,
                                      String service,
                                      String serviceType) {
-        final StringBuilder canonicalRequest = buildCanonicalRequest(ctx, signedHeaders);
-        final String amazonDateHeader = ctx.getHeaderValue("x-amz-date").asString(ctx.get("X-Amz-Date").asString());
+        final StringBuilder canonicalRequest = buildCanonicalRequest(webContext, signedHeaders);
+        final String amazonDateHeader =
+                webContext.getHeaderValue("x-amz-date").asString(webContext.get("X-Amz-Date").asString());
         return "AWS4-HMAC-SHA256\n"
                + amazonDateHeader
                + "\n"
@@ -115,30 +118,30 @@ private String buildStringToSign(final WebContext ctx,
                + hashedCanonicalRequest(canonicalRequest);
     }
 
-    private StringBuilder buildCanonicalRequest(final WebContext ctx, final String signedHeaders) {
-        StringBuilder canonicalRequest = new StringBuilder(ctx.getRequest().method().name());
+    private StringBuilder buildCanonicalRequest(final WebContext webContext, final String signedHeaders) {
+        StringBuilder canonicalRequest = new StringBuilder(webContext.getRequest().method().name());
         canonicalRequest.append("\n");
-        canonicalRequest.append(ctx.getRawRequestedURI());
+        canonicalRequest.append(webContext.getRawRequestedURI());
         canonicalRequest.append("\n");
 
-        appendCanonicalQueryString(ctx, canonicalRequest);
+        appendCanonicalQueryString(webContext, canonicalRequest);
 
         for (String name : signedHeaders.split(";")) {
             canonicalRequest.append(name.trim());
             canonicalRequest.append(":");
-            canonicalRequest.append(Strings.join(ctx.getRequest().headers().getAll(name), ",").trim());
+            canonicalRequest.append(Strings.join(webContext.getRequest().headers().getAll(name), ",").trim());
             canonicalRequest.append("\n");
         }
         canonicalRequest.append("\n");
         canonicalRequest.append(signedHeaders);
         canonicalRequest.append("\n");
-        canonicalRequest.append(ctx.getHeaderValue("x-amz-content-sha256").asString("UNSIGNED-PAYLOAD"));
+        canonicalRequest.append(webContext.getHeaderValue("x-amz-content-sha256").asString("UNSIGNED-PAYLOAD"));
 
         return canonicalRequest;
     }
 
-    private void appendCanonicalQueryString(WebContext ctx, StringBuilder canonicalRequest) {
-        QueryStringDecoder qsd = new QueryStringDecoder(ctx.getRequest().uri(), StandardCharsets.UTF_8);
+    private void appendCanonicalQueryString(WebContext webContext, StringBuilder canonicalRequest) {
+        QueryStringDecoder qsd = new QueryStringDecoder(webContext.getRequest().uri(), StandardCharsets.UTF_8);
 
         List<Tuple<String, List<String>>> queryString = Tuple.fromMap(qsd.parameters());
         queryString.sort(Comparator.comparing(Tuple::getFirst));

src/main/java/ninja/AwsHashCalculator.java

@@ -36,23 +36,23 @@ public class AwsHashCalculator {
     /**
      * Computes the authentication hash as specified by the AWS SDK for verification purposes.
      *
-     * @param ctx        the current request to fetch parameters from
+     * @param webContext the current request to fetch parameters from
      * @param pathPrefix the path prefix to append to the current uri
      * @return the computes hash value
      */
-    public String computeHash(WebContext ctx, String pathPrefix) {
+    public String computeHash(WebContext webContext, String pathPrefix) {
         try {
-            return doComputeHash(ctx, pathPrefix);
+            return doComputeHash(webContext, pathPrefix);
         } catch (Exception e) {
             throw Exceptions.handle(UserContext.LOG, e);
         }
     }
 
-    private String doComputeHash(final WebContext ctx, final String pathPrefix) throws Exception {
-        if (aws4HashCalculator.supports(ctx)) {
-            return aws4HashCalculator.computeHash(ctx, pathPrefix);
+    private String doComputeHash(final WebContext webContext, final String pathPrefix) throws Exception {
+        if (aws4HashCalculator.supports(webContext)) {
+            return aws4HashCalculator.computeHash(webContext, pathPrefix);
         } else {
-            return legacyHashCalculator.computeHash(ctx, pathPrefix);
+            return legacyHashCalculator.computeHash(webContext, pathPrefix);
         }
     }
 }

src/main/java/ninja/AwsLegacyHashCalculator.java

@@ -62,27 +62,27 @@ public class AwsLegacyHashCalculator {
     /**
      * Computes the authentication hash as specified by the AWS SDK for verification purposes.
      *
-     * @param ctx        the current request to fetch parameters from
+     * @param webContext the current request to fetch parameters from
      * @param pathPrefix the path prefix to preped to the {@link S3Dispatcher#getEffectiveURI(WebContext) effective URI}
      *                   of the request
      * @return the computes hash value
      * @throws Exception when hashing fails
      */
-    public String computeHash(WebContext ctx, String pathPrefix) throws Exception {
-        StringBuilder stringToSign = new StringBuilder(ctx.getRequest().method().name());
+    public String computeHash(WebContext webContext, String pathPrefix) throws Exception {
+        StringBuilder stringToSign = new StringBuilder(webContext.getRequest().method().name());
         stringToSign.append("\n");
-        stringToSign.append(ctx.getHeaderValue("Content-MD5").asString(""));
+        stringToSign.append(webContext.getHeaderValue("Content-MD5").asString(""));
         stringToSign.append("\n");
-        stringToSign.append(ctx.getHeaderValue("Content-Type").asString(""));
+        stringToSign.append(webContext.getHeaderValue("Content-Type").asString(""));
         stringToSign.append("\n");
 
-        String date = ctx.get("Expires").asString(ctx.getHeaderValue("Date").asString(""));
-        if (ctx.getHeaderValue("x-amz-date").isNull()) {
+        String date = webContext.get("Expires").asString(webContext.getHeaderValue("Date").asString(""));
+        if (webContext.getHeaderValue("x-amz-date").isNull()) {
             stringToSign.append(date);
         }
         stringToSign.append("\n");
 
-        HttpHeaders requestHeaders = ctx.getRequest().headers();
+        HttpHeaders requestHeaders = webContext.getRequest().headers();
         List<String> headers = requestHeaders.names()
                                              .stream()
                                              .filter(this::relevantAmazonHeader)
@@ -95,14 +95,14 @@ public String computeHash(WebContext ctx, String pathPrefix) throws Exception {
             stringToSign.append("\n");
         }
 
-        stringToSign.append(pathPrefix).append('/').append(S3Dispatcher.getEffectiveURI(ctx));
+        stringToSign.append(pathPrefix).append('/').append(S3Dispatcher.getEffectiveURI(webContext));
 
         char separator = '?';
-        for (String parameterName : ctx.getParameterNames().stream().sorted().collect(Collectors.toList())) {
+        for (String parameterName : webContext.getParameterNames().stream().sorted().collect(Collectors.toList())) {
             // Skip parameters that aren't part of the canonical signed string
             if (SIGNED_PARAMETERS.contains(parameterName)) {
                 stringToSign.append(separator).append(parameterName);
-                String parameterValue = ctx.get(parameterName).asString();
+                String parameterValue = webContext.get(parameterName).asString();
                 if (Strings.isFilled(parameterValue)) {
                     stringToSign.append("=").append(parameterValue);
                 }

src/main/java/ninja/Bucket.java

@@ -67,7 +67,8 @@ public class Bucket {
 
     private final File publicMarker;
 
-    private static final Cache<String, Boolean> publicAccessCache = CacheManager.createLocalCache("public-bucket-access");
+    private static final Cache<String, Boolean> publicAccessCache =
+            CacheManager.createLocalCache("public-bucket-access");
 
     /**
      * Creates a new bucket based on the given directory.
@@ -195,7 +196,7 @@ public void outputObjects(XMLStructuredOutput output, int limit, @Nullable Strin
     /**
      * Very simplified stand-in for {@link Files#walkFileTree(Path, FileVisitor)} where we control the traversal order.
      *
-     * @param path the start path.
+     * @param path    the start path.
      * @param visitor the visitor processing the files.
      * @throws IOException forwarded from nested I/O operations.
      */
@@ -205,9 +206,7 @@ private void walkFileTreeOurWay(Path path, FileVisitor<? super Path> visitor) th
         }
 
         try (Stream<Path> children = Files.list(path)) {
-            children.filter(p -> filterObjects(p.toFile()))
-                    .sorted(Bucket::compareUtf8Binary)
-                    .forEach(p -> {
+            children.filter(p -> filterObjects(p.toFile())).sorted(Bucket::compareUtf8Binary).forEach(p -> {
                 try {
                     BasicFileAttributes attrs = Files.readAttributes(p, BasicFileAttributes.class);
                     visitor.visitFile(p, attrs);

src/main/java/ninja/BucketMigrator.java

@@ -79,7 +79,7 @@ private static void migratePublicMarkerVersion1To2(Bucket bucket) {
      * The legacy file name is considered as-is and URL-encoded for general UTF-8 support. The properties file is
      * prefixed with <tt>$</tt>, avoiding name clashes with other object files (where <tt>$</tt> would be encoded).
      *
-     * @param bucket the bucket to migrate
+     * @param bucket       the bucket to migrate
      * @param legacyObject the legacy object to migrate
      */
     private static void migrateObjectVersion1To2(Bucket bucket, File legacyObject) {