1 package org.kuali.common.devops.presigned;
2
3 import static com.amazonaws.auth.SigningAlgorithm.HmacSHA1;
4 import static com.google.common.collect.Lists.newArrayList;
5 import static java.lang.Integer.toHexString;
6 import static org.apache.commons.lang.StringUtils.leftPad;
7 import static org.kuali.common.util.Encodings.UTF8;
8 import static org.kuali.common.util.encrypt.Encryption.getDefaultEncryptor;
9 import static org.kuali.common.util.log.Loggers.newLogger;
10
11 import java.net.URL;
12 import java.util.List;
13
14 import javax.crypto.Mac;
15 import javax.crypto.spec.SecretKeySpec;
16
17 import org.junit.Test;
18 import org.kuali.common.aws.model.ImmutableAWSCredentials;
19 import org.kuali.common.util.encrypt.Encryptor;
20 import org.slf4j.Logger;
21
22 import com.amazonaws.AmazonClientException;
23 import com.amazonaws.auth.AWSCredentials;
24 import com.amazonaws.auth.SigningAlgorithm;
25 import com.amazonaws.services.s3.AmazonS3Client;
26 import com.amazonaws.services.s3.model.GeneratePresignedUrlRequest;
27 import com.google.common.base.Joiner;
28
29 public class GeneratePreSignedURL {
30
31 private static final Logger logger = newLogger();
32
33 @Test
34 public void test() {
35 try {
36 String secretKey = getSecretKey();
37
38 long expiration = 1396678108436L;
39 String stringToSign = "GET\n\n\n1396678108\n/maven.kuali.org/private/com/oracle/jdk6/1.6.0-u43/jdk6-1.6.0-u43.pom";
40
41
42
43 byte[] bytes = hmacsha1bytes(stringToSign, secretKey);
44 List<String> byteList = newArrayList();
45 for (byte b : bytes) {
46 int i = b & 0xff;
47 byteList.add(leftPad(Integer.toString(i), 4, " "));
48 }
49 List<String> rawBytes = newArrayList();
50 for (byte b : bytes) {
51 rawBytes.add(leftPad(b + "", 4, " "));
52 }
53 logger.info(Joiner.on(' ').join(rawBytes));
54 logger.info(Joiner.on(' ').join(byteList));
55 List<String> hexList = hex(bytes);
56 for (int i = 0; i < hexList.size(); i++) {
57 String padded = leftPad(hexList.get(i), 4, " ");
58 hexList.set(i, padded);
59 }
60 logger.info(Joiner.on(' ').join(hexList));
61 System.out.println("expiration=" + expiration);
62 String bucket = "maven.kuali.org";
63 String key = "private/com/oracle/jdk6/1.6.0-u43/jdk6-1.6.0-u43.pom";
64 GeneratePresignedUrlRequest request = new GeneratePresignedUrlRequest(bucket, key);
65 request.setExpiration(new java.util.Date(expiration));
66 AWSCredentials foundation = getFoundationCreds(secretKey);
67 AmazonS3Client client = new AmazonS3Client(foundation);
68 URL url = client.generatePresignedUrl(request);
69 logger.info(url.toString());
70 } catch (Throwable e) {
71 e.printStackTrace();
72 }
73 }
74
75 protected String hmacsha1hex(String data, String key) throws Exception {
76 return null;
77 }
78
79 protected byte[] hmacsha1bytes(String data, String key) throws Exception {
80 return sign(data.getBytes(UTF8), key.getBytes(UTF8), HmacSHA1);
81 }
82
83 protected byte[] sign(byte[] data, byte[] key, SigningAlgorithm algorithm) throws AmazonClientException {
84 try {
85 Mac mac = Mac.getInstance(algorithm.toString());
86 mac.init(new SecretKeySpec(key, algorithm.toString()));
87 return mac.doFinal(data);
88 } catch (Exception e) {
89 throw new AmazonClientException("Unable to calculate a request signature: " + e.getMessage(), e);
90 }
91 }
92
93 private String getSecretKey() {
94 Encryptor enc = getDefaultEncryptor();
95 return enc.decrypt("5wLZjsZuyGvsbIPPXUz0XVBUhJUbOkaeqx3rZ7l+9Nc5/4WaTyn4dvlWlyVfRlzO/GSfvkRaQ+A=");
96 }
97
98 private AWSCredentials getFoundationCreds(String secretKey) {
99 Encryptor enc = getDefaultEncryptor();
100 String accessKey = enc.decrypt("PmSynm07/94iRu9BQCXrfp+ieOEfC9CIyL+u/R84LU8=");
101 return ImmutableAWSCredentials.build(accessKey, secretKey);
102 }
103
104 protected List<String> hex(byte[] bytes) {
105 List<String> list = newArrayList();
106 for (byte b : bytes) {
107 int i = b & 0xff;
108 String hex = leftPad(toHexString(i), 2, "0");
109 list.add(hex);
110 }
111 return list;
112 }
113 }