Class AwsSignatureV4Constants
- java.lang.Object
-
- org.jclouds.s3.filters.AwsSignatureV4Constants
-
public abstract class AwsSignatureV4Constants extends Object
AWS Signature Version 4 Constants.
-
-
Field Summary
Fields Modifier and Type Field Description static String
AMZ_ALGORITHM_HMAC_SHA256
This string identifies AWS Signature Version 4 (AWS4) and the HMAC-SHA256 algorithm (HMAC-SHA256).static String
AMZ_ALGORITHM_PARAM
For AWS Signature Version 4, you set this parameter value to "AWS4-HMAC-SHA256".static String
AMZ_CONTENT_SHA256_HEADER
AWS content sha256 header keystatic String
AMZ_CREDENTIAL_PARAM
In addition to your access key ID, this parameter also provides scope information identifying the region and service for which the signature is valid.static String
AMZ_DATE_HEADER
AWS date header keystatic String
AMZ_DATE_PARAM
The date in ISO 8601 format, for example, 20130721T201207Z.static String
AMZ_DECODED_CONTENT_LENGTH_HEADER
'x-amz-decoded-content-length' is used to transmit the actualstatic String
AMZ_EXPIRES_PARAM
Provides the time period, in seconds, for which the generated presigned URL is valid.static String
AMZ_SECURITY_TOKEN_HEADER
AWS security token keystatic String
AMZ_SECURITY_TOKEN_PARAM
This header can be used in the following scenarios: Provide security tokens for Amazon DevPay operations—Each request that uses Amazon DevPay requires two x-amz-security-token headers: one for the product token and one for the user token.static String
AMZ_SIGNATURE_PARAM
X-Amz-Signature Provides the signature to authenticate your request.static String
AMZ_SIGNEDHEADERS_PARAM
Lists the headers that you used to calculate the signature.static String
AUTHORIZATION_HEADER
AWS authorization header keystatic String
CHUNK_SIGNATURE_HEADER
static String
CHUNK_STRING_TO_SIGN_PREFIX
static String
CLRF
static String
CONTENT_ENCODING_HEADER_AWS_CHUNKED
Content-Encodingstatic byte[]
FINAL_CHUNK
static int
SIGNATURE_LENGTH
static String
STREAMING_BODY_SHA256
SHA256 substitute marker used in place of x-amz-content-sha256 when employing chunked uploadsstatic String
UNSIGNED_PAYLOAD
You don't include a payload hash in the Canonical Request, because when you create a presigned URL,
-
-
-
Field Detail
-
AUTHORIZATION_HEADER
public static final String AUTHORIZATION_HEADER
AWS authorization header key- See Also:
- Constant Field Values
-
AMZ_CONTENT_SHA256_HEADER
public static final String AMZ_CONTENT_SHA256_HEADER
AWS content sha256 header key- See Also:
- Constant Field Values
-
AMZ_DATE_HEADER
public static final String AMZ_DATE_HEADER
AWS date header key- See Also:
- Constant Field Values
-
AMZ_SECURITY_TOKEN_HEADER
public static final String AMZ_SECURITY_TOKEN_HEADER
AWS security token key- See Also:
- Constant Field Values
-
AMZ_ALGORITHM_PARAM
public static final String AMZ_ALGORITHM_PARAM
For AWS Signature Version 4, you set this parameter value to "AWS4-HMAC-SHA256".- See Also:
- Constant Field Values
-
AMZ_ALGORITHM_HMAC_SHA256
public static final String AMZ_ALGORITHM_HMAC_SHA256
This string identifies AWS Signature Version 4 (AWS4) and the HMAC-SHA256 algorithm (HMAC-SHA256).- See Also:
- Constant Field Values
-
AMZ_CREDENTIAL_PARAM
public static final String AMZ_CREDENTIAL_PARAM
In addition to your access key ID, this parameter also provides scope information identifying the region and service for which the signature is valid.This value should match the scope that you use to calculate the signing key, as discussed in the following section.
The general form for this parameter value is as follows:
<your-access-key-id>/<date>/<AWS-region>/<AWS-service>/aws4_request.
For example:
AKIAIOSFODNN7EXAMPLE/20130721/us-east-1/s3/aws4_request.
For Amazon S3, the AWS-service string is "s3". For a list of AWS-region strings, go to Regions and Endpoints in the Amazon Web Services General Reference- See Also:
- Constant Field Values
-
AMZ_SECURITY_TOKEN_PARAM
public static final String AMZ_SECURITY_TOKEN_PARAM
This header can be used in the following scenarios:- Provide security tokens for Amazon DevPay operations—Each request that uses Amazon DevPay requires two x-amz-security-token headers: one for the product token and one for the user token. When Amazon S3 receives an authenticated request, it compares the computed signature with the provided signature. Improperly formatted multi-value headers used to calculate a signature can cause authentication issues
- Provide security token when using temporary security credentials—When making requests using temporary security credentials you obtained from IAM you must provide a security token using this header. To learn more about temporary security credentials, go to Making Requests.
- See Also:
- Constant Field Values
-
AMZ_DATE_PARAM
public static final String AMZ_DATE_PARAM
The date in ISO 8601 format, for example, 20130721T201207Z. This value must match the date value used to calculate the signature.- See Also:
- Constant Field Values
-
AMZ_EXPIRES_PARAM
public static final String AMZ_EXPIRES_PARAM
Provides the time period, in seconds, for which the generated presigned URL is valid.For example, 86400 (24 hours). This value is an integer. The minimum value you can set is 1, and the maximum is 604800 (seven days).
A presigned URL can be valid for a maximum of seven days because the signing key you use in signature calculation is valid for up to seven days.
- See Also:
- Constant Field Values
-
AMZ_SIGNEDHEADERS_PARAM
public static final String AMZ_SIGNEDHEADERS_PARAM
Lists the headers that you used to calculate the signature.The HTTP host header is required. Any x-amz-* headers that you plan to add to the request are also required for signature calculation.
In general, for added security, you should sign all the request headers that you plan to include in your request.
- See Also:
- Constant Field Values
-
AMZ_SIGNATURE_PARAM
public static final String AMZ_SIGNATURE_PARAM
X-Amz-Signature Provides the signature to authenticate your request.This signature must match the signature Amazon S3 calculates; otherwise, Amazon S3 denies the request. For example, 733255ef022bec3f2a8701cd61d4b371f3f28c9f193a1f02279211d48d5193d7
- See Also:
- Constant Field Values
-
UNSIGNED_PAYLOAD
public static final String UNSIGNED_PAYLOAD
You don't include a payload hash in the Canonical Request, because when you create a presigned URL,you don't know anything about the payload. Instead, you use a constant string "UNSIGNED-PAYLOAD".
- See Also:
- Constant Field Values
-
STREAMING_BODY_SHA256
public static final String STREAMING_BODY_SHA256
SHA256 substitute marker used in place of x-amz-content-sha256 when employing chunked uploads- See Also:
- Constant Field Values
-
CHUNK_STRING_TO_SIGN_PREFIX
public static final String CHUNK_STRING_TO_SIGN_PREFIX
- See Also:
- Constant Field Values
-
CLRF
public static final String CLRF
- See Also:
- Constant Field Values
-
CHUNK_SIGNATURE_HEADER
public static final String CHUNK_SIGNATURE_HEADER
- See Also:
- Constant Field Values
-
SIGNATURE_LENGTH
public static final int SIGNATURE_LENGTH
- See Also:
- Constant Field Values
-
FINAL_CHUNK
public static final byte[] FINAL_CHUNK
-
CONTENT_ENCODING_HEADER_AWS_CHUNKED
public static final String CONTENT_ENCODING_HEADER_AWS_CHUNKED
Content-EncodingSet the value to aws-chunked.
Amazon S3 supports multiple content encodings, for example,
Content-Encoding : aws-chunked, gzip
That is, you can specify your custom content-encoding when using Signature Version 4 streaming API.- See Also:
- Constant Field Values
-
AMZ_DECODED_CONTENT_LENGTH_HEADER
public static final String AMZ_DECODED_CONTENT_LENGTH_HEADER
'x-amz-decoded-content-length' is used to transmit the actual- See Also:
- Constant Field Values
-
-