in java-operator/src/main/java/com/amazonwebservices/blogs/containers/sigv4/AWS4SignerForAuthorizationHeader.java [47:118]
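/**
 * Computes an AWS Signature Version 4 signature for the request described by this
 * signer's endpoint, HTTP method, region and service.
 *
 * <p>Side effect: a {@code Host} entry is written into {@code headers}, so the caller's
 * map is modified and must be mutable.
 *
 * <p>Security notes: the secret key is used only to derive the signing key and never
 * leaves this method. The computed signature is returned but deliberately not logged,
 * because a valid signature lets whoever reads it replay the signed request until it
 * expires.
 *
 * @param headers         request headers to sign; {@code Host} is added or overwritten
 * @param queryParameters operation query parameters, canonicalized into the signed query string
 * @param authParameters  authentication query parameters, canonicalized and appended after
 *                        the operation parameters
 * @param bodyHash        payload hash passed through to the canonical request
 * @param awsAccessKey    access key id; not needed for the values returned here and kept
 *                        for interface compatibility
 * @param awsSecretKey    secret access key used to derive the signing key
 * @return a map with {@code "Signature"} (hex-encoded signature) and
 *         {@code "QueryParameters"} (the canonical query string that was signed)
 */
public Map<String,String> computeSignature(
        Map<String, String> headers,
        Map<String, String> queryParameters,
        Map<String, String> authParameters,
        String bodyHash,
        String awsAccessKey,
        String awsSecretKey) {
    // One instant feeds both the full timestamp and the date-only credential scope,
    // so the two can never disagree across a midnight boundary.
    Date now = new Date();
    String dateTimeStamp = dateTimeFormat.format(now);
    String dateStamp = dateStampFormat.format(now);
    // NOTE(review): 'x-amz-date' is not added to the signed headers here; presumably the
    // timestamp travels in authParameters. Confirm it is the same value as dateTimeStamp,
    // otherwise the service will reject the signature.

    // Build the Host value that gets signed. String is immutable, so the result of
    // appending the port has to be kept; the earlier concat() call discarded it and
    // signed a port-less host even for endpoints on an explicit port.
    String hostHeader = endpointUrl.getHost();
    int port = endpointUrl.getPort();
    if (port > -1) {
        // NOTE(review): an endpoint URL that spells out the scheme's default port now
        // signs "host:port"; confirm the HTTP client sends the same Host value.
        hostHeader = hostHeader + ":" + port;
    }
    headers.put("Host", hostHeader);

    // The signature covers both the list of signed header names and their values.
    String canonicalizedHeaderNames = getCanonicalizeHeaderNames(headers);
    String canonicalizedHeaders = getCanonicalizedHeaderString(headers);

    // Operation parameters first, then authentication parameters, joined with '&'.
    // NOTE(review): if no operation parameters are supplied and the helper returns an
    // empty string, this yields a leading '&'. Verify against the callers.
    String canonicalizedOpQueryParameters = getCanonicalizedQueryString(queryParameters);
    String canonicalizedAuthQueryParameters = getCanonicalizedQueryString(authParameters);
    String canonicalizedQueryParameters =
            canonicalizedOpQueryParameters + "&" + canonicalizedAuthQueryParameters;

    String canonicalRequest = getCanonicalRequest(
            endpointUrl,
            httpMethod,
            canonicalizedQueryParameters,
            canonicalizedHeaderNames,
            canonicalizedHeaders,
            bodyHash);
    // NOTE(review): the canonical request echoes every query parameter and signed header.
    // If authParameters can carry X-Amz-Security-Token, this line writes a session token
    // to the log. Confirm, and drop or redact it if so.
    logger.info(String.format("CanonicalRequest:\n%s", canonicalRequest));

    // Credential scope ties the signature to one day, region and service.
    String scope = dateStamp + "/" + regionName + "/" + serviceName + "/" + TERMINATOR;
    String stringToSign = getStringToSign(SCHEME, ALGORITHM, dateTimeStamp, scope, canonicalRequest);
    logger.info(String.format("StringToSign:\n%s", stringToSign));

    // Derive the signing key: each HMAC step narrows the secret to date, region,
    // service and finally the terminator. The charset is pinned so the derived key
    // does not depend on the platform default encoding.
    byte[] kSecret = (SCHEME + awsSecretKey).getBytes(java.nio.charset.StandardCharsets.UTF_8);
    byte[] kDate = sign(dateStamp, kSecret, "HmacSHA256");
    byte[] kRegion = sign(regionName, kDate, "HmacSHA256");
    byte[] kService = sign(serviceName, kRegion, "HmacSHA256");
    byte[] kSigning = sign(TERMINATOR, kService, "HmacSHA256");
    byte[] signature = sign(stringToSign, kSigning, "HmacSHA256");

    // Hex-encode once. The value is intentionally not logged: together with the query
    // parameters logged above it would be enough to replay the signed request.
    String signatureHex = BinaryUtils.toHex(signature);

    Map<String,String> signingArtifacts = new HashMap<String,String>();
    signingArtifacts.put("Signature", signatureHex);
    signingArtifacts.put("QueryParameters", canonicalizedQueryParameters);
    return signingArtifacts;
}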