AwsVerifier (Restlet Framework 2.3.1 API)

java.lang.Object
- org.restlet.security.SecretVerifier
- - org.restlet.ext.crypto.internal.AwsVerifier

All Implemented Interfaces:

Verifier
```
public class AwsVerifier
extends SecretVerifier
```
Wrapped verifier that can verify HTTP requests utilizing the Amazon S3 authentication scheme. Verifies the user by computing the request signature using the local secret and comparing it to the signature provided in the request.
Per the Amazon S3 specification the Date header is required. If the Date header is missing or the request is older than the allowed time limit, specified by the maxRequestAge property, the request fails verification.

Author:

Jean-Philippe Steinmetz

See Also:

Authenticating REST Requests

Field Summary
- Fields inherited from interface org.restlet.security.Verifier
  RESULT_INVALID, RESULT_MISSING, RESULT_STALE, RESULT_UNKNOWN, RESULT_UNSUPPORTED, RESULT_VALID

Constructor Summary

Constructors
Constructor and Description
`AwsVerifier(LocalVerifier wrappedVerifier)` Creates a new HttpAwsS3Verifier instance.
`AwsVerifier(LocalVerifier wrappedVerifier, long maxRequestAge)` Creates a new HttpAwsS3Verifier instance.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected String`	`getIdentifier(Request request, Response response)` Returns the user identifier portion of an Amazon S3 compatible `Authorization` header.
`char[]`	`getLocalSecret(String identifier)` Returns the local secret associated to a given identifier.
`long`	`getMaxRequestAge()` Returns the maximum age of a request, in milliseconds, before it is considered stale.
`protected char[]`	`getSecret(Request request, Response response)` Returns the signature portion of an Amazon S3 compatible `Authorization` header.
`LocalVerifier`	`getWrappedVerifier()` Returns the wrapped local secret verifier.
`void`	`setMaxRequestAge(long value)` Sets the maximum age of a request, in milliseconds, before it is considered stale.
`void`	`setWrappedVerifier(LocalVerifier wrappedVerifier)` Sets the wrapped local secret verifier.
`int`	`verify(Request request, Response response)` Verifies that the proposed secret is correct for the specified request.
`int`	`verify(String identifier, char[] secret)` This function is not implemented because the authorization scheme requires direct access to the request.

Methods inherited from class org.restlet.security.SecretVerifier
compare, createUser

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - AwsVerifier
```
public AwsVerifier(LocalVerifier wrappedVerifier)
```
    Creates a new HttpAwsS3Verifier instance.
    
    Parameters:
    
    wrappedVerifier - The wrapped verifier containing local identifier/secret couples
  - AwsVerifier
```
public AwsVerifier(LocalVerifier wrappedVerifier,
                   long maxRequestAge)
```
    Creates a new HttpAwsS3Verifier instance.
    
    Parameters:
    
    wrappedVerifier - The wrapped verifier containing local identifier/secret couples
    
    maxRequestAge - The maximum age of a request, in milliseconds, before it is considered stale
- Method Detail
  - getIdentifier
```
protected String getIdentifier(Request request,
                               Response response)
```
    Returns the user identifier portion of an Amazon S3 compatible Authorization header.
    An Amazon S3 compatible Authorization header has the following pattern.
    Authorization: AWS id:signature
    
    Overrides:
    
    getIdentifier in class SecretVerifier
    
    Parameters:
    
    request - The request to inspect.
    
    response - The response to inspect.
    
    Returns:
    
    The user identifier.
  - getLocalSecret
```
public char[] getLocalSecret(String identifier)
```
    Returns the local secret associated to a given identifier.
    
    Parameters:
    
    identifier - The identifier to lookup.
    
    Returns:
    
    The secret associated to the identifier or null.
  - getMaxRequestAge
```
public long getMaxRequestAge()
```
    Returns the maximum age of a request, in milliseconds, before it is considered stale.
    A negative or zero value indicates no age restriction. The default value is 15 minutes.
  - getSecret
```
protected char[] getSecret(Request request,
                           Response response)
```
    Returns the signature portion of an Amazon S3 compatible Authorization header.
    An Amazon S3 compatible Authorization header has the following pattern.
    Authorization: AWS id:signature
    
    Overrides:
    
    getSecret in class SecretVerifier
    
    Parameters:
    
    request - The request to inspect.
    
    response - The response to inspect.
    
    Returns:
    
    The secret provided by the user.
  - getWrappedVerifier
```
public LocalVerifier getWrappedVerifier()
```
    Returns the wrapped local secret verifier.
    
    Returns:
    
    The local secret verifier.
  - setMaxRequestAge
```
public void setMaxRequestAge(long value)
```
    Sets the maximum age of a request, in milliseconds, before it is considered stale.
    A negative or zero value indicates no age restriction. The default value is 15 minutes.
  - setWrappedVerifier
```
public void setWrappedVerifier(LocalVerifier wrappedVerifier)
```
    Sets the wrapped local secret verifier.
    
    Parameters:
    
    wrappedVerifier - The local secret verifier.
  - verify
```
public int verify(Request request,
                  Response response)
```
    Description copied from class: SecretVerifier
    
    Verifies that the proposed secret is correct for the specified request. By default, it compares the inputSecret of the request's authentication response with the one obtain by the ChallengeResponse.getSecret() method and sets the User instance of the request's ClientInfo if successful.
    
    Specified by:
    
    verify in interface Verifier
    
    Overrides:
    
    verify in class SecretVerifier
    
    Parameters:
    
    request - The request to inspect.
    
    response - The response to inspect.
    
    Returns:
    
    Result of the verification based on the RESULT_* constants.
  - verify
```
public int verify(String identifier,
                  char[] secret)
           throws IllegalArgumentException
```
    This function is not implemented because the authorization scheme requires direct access to the request. See verify(Request, Response).
    
    Specified by:
    
    verify in class SecretVerifier
    
    Parameters:
    
    identifier - The user identifier to match.
    
    secret - The provided secret to verify.
    
    Returns:
    
    Result of the verification based on the RESULT_* constants.
    
    Throws:
    
    IllegalArgumentException

Class AwsVerifier

Field Summary

Fields inherited from interface org.restlet.security.Verifier

Constructor Summary

Method Summary

Methods inherited from class org.restlet.security.SecretVerifier

Methods inherited from class java.lang.Object

Constructor Detail

AwsVerifier

AwsVerifier

Method Detail

getIdentifier

getLocalSecret

getMaxRequestAge

getSecret

getWrappedVerifier

setMaxRequestAge

setWrappedVerifier

verify

verify