Package org.jclouds.s3.filters

Class AwsSignatureV4Constants

java.lang.Object
org.jclouds.s3.filters.AwsSignatureV4Constants
public abstract class AwsSignatureV4Constants extends Object
AWS Signature Version 4 Constants.

  • Field Details

    • AUTHORIZATION_HEADER

      public static final String AUTHORIZATION_HEADER
      AWS authorization header key
      See Also:

    • AMZ_CONTENT_SHA256_HEADER

      public static final String AMZ_CONTENT_SHA256_HEADER
      AWS content sha256 header key
      See Also:

    • AMZ_DATE_HEADER

      public static final String AMZ_DATE_HEADER
      AWS date header key
      See Also:

    • AMZ_SECURITY_TOKEN_HEADER

      public static final String AMZ_SECURITY_TOKEN_HEADER
      AWS security token key
      See Also:

    • AMZ_ALGORITHM_PARAM

      public static final String AMZ_ALGORITHM_PARAM
      For AWS Signature Version 4, you set this parameter value to "AWS4-HMAC-SHA256".
      See Also:

    • AMZ_ALGORITHM_HMAC_SHA256

      public static final String AMZ_ALGORITHM_HMAC_SHA256
      This string identifies AWS Signature Version 4 (AWS4) and the HMAC-SHA256 algorithm (HMAC-SHA256).
      See Also:

    • AMZ_CREDENTIAL_PARAM

      public static final String AMZ_CREDENTIAL_PARAM
      In addition to your access key ID, this parameter also provides scope information identifying the region and service for which the signature is valid.

      This value should match the scope that you use to calculate the signing key, as discussed in the following section.

      The general form for this parameter value is as follows:

      <your-access-key-id>/<date>/<AWS-region>/<AWS-service>/aws4_request.

      For example: AKIAIOSFODNN7EXAMPLE/20130721/us-east-1/s3/aws4_request.
      For Amazon S3, the AWS-service string is "s3". For a list of AWS-region strings, go to Regions and Endpoints in the Amazon Web Services General Reference

      See Also:

    • AMZ_SECURITY_TOKEN_PARAM

      public static final String AMZ_SECURITY_TOKEN_PARAM
      This header can be used in the following scenarios:
      • Provide security tokens for Amazon DevPay operations—Each request that uses Amazon DevPay requires two x-amz-security-token headers: one for the product token and one for the user token. When Amazon S3 receives an authenticated request, it compares the computed signature with the provided signature. Improperly formatted multi-value headers used to calculate a signature can cause authentication issues
      • Provide security token when using temporary security credentials—When making requests using temporary security credentials you obtained from IAM you must provide a security token using this header. To learn more about temporary security credentials, go to Making Requests.
      This header is required for requests that use Amazon DevPay and requests that are signed using temporary security credentials.
      See Also:

    • AMZ_DATE_PARAM

      public static final String AMZ_DATE_PARAM
      The date in ISO 8601 format, for example, 20130721T201207Z. This value must match the date value used to calculate the signature.
      See Also:

    • AMZ_EXPIRES_PARAM

      public static final String AMZ_EXPIRES_PARAM
      Provides the time period, in seconds, for which the generated presigned URL is valid.

      For example, 86400 (24 hours). This value is an integer. The minimum value you can set is 1, and the maximum is 604800 (seven days).

      A presigned URL can be valid for a maximum of seven days because the signing key you use in signature calculation is valid for up to seven days.

      See Also:

    • AMZ_SIGNEDHEADERS_PARAM

      public static final String AMZ_SIGNEDHEADERS_PARAM
      Lists the headers that you used to calculate the signature.

      The HTTP host header is required. Any x-amz-* headers that you plan to add to the request are also required for signature calculation.

      In general, for added security, you should sign all the request headers that you plan to include in your request.

      See Also:

    • AMZ_SIGNATURE_PARAM

      public static final String AMZ_SIGNATURE_PARAM
      X-Amz-Signature Provides the signature to authenticate your request.

      This signature must match the signature Amazon S3 calculates; otherwise, Amazon S3 denies the request. For example, 733255ef022bec3f2a8701cd61d4b371f3f28c9f193a1f02279211d48d5193d7

      See Also:

    • UNSIGNED_PAYLOAD

      public static final String UNSIGNED_PAYLOAD
      You don't include a payload hash in the Canonical Request, because when you create a presigned URL,

      you don't know anything about the payload. Instead, you use a constant string "UNSIGNED-PAYLOAD".

      See Also:

    • STREAMING_BODY_SHA256

      public static final String STREAMING_BODY_SHA256
      SHA256 substitute marker used in place of x-amz-content-sha256 when employing chunked uploads
      See Also:

    • CHUNK_STRING_TO_SIGN_PREFIX

      public static final String CHUNK_STRING_TO_SIGN_PREFIX
      See Also:

    • CLRF

      public static final String CLRF
      See Also:

    • CHUNK_SIGNATURE_HEADER

      public static final String CHUNK_SIGNATURE_HEADER
      See Also:

    • SIGNATURE_LENGTH

      public static final int SIGNATURE_LENGTH
      See Also:

    • FINAL_CHUNK

      public static final byte[] FINAL_CHUNK

    • CONTENT_ENCODING_HEADER_AWS_CHUNKED

      public static final String CONTENT_ENCODING_HEADER_AWS_CHUNKED
      Content-Encoding

      Set the value to aws-chunked.
      Amazon S3 supports multiple content encodings, for example,
      Content-Encoding : aws-chunked, gzip
      That is, you can specify your custom content-encoding when using Signature Version 4 streaming API.

      See Also:

    • AMZ_DECODED_CONTENT_LENGTH_HEADER

      public static final String AMZ_DECODED_CONTENT_LENGTH_HEADER
      'x-amz-decoded-content-length' is used to transmit the actual
      See Also: