#pragma once

            
#include <memory>

            
#include "source/extensions/common/aws/credentials_provider.h"
#include "source/extensions/common/aws/signer_base_impl.h"
#include "source/extensions/common/aws/signers/sigv4a_key_derivation.h"

            
namespace Envoy {
namespace Extensions {
namespace Common {
namespace Aws {

            
/**
 * Implementation of the Signature V4A signing process.
 * See https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
 *
 * Query parameter support is implemented as per:
 * https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
 */

            
class SigV4ASignerImpl : public SignerBaseImpl {

  // Allow friend access for signer corpus testing.
  // NOTE(review): friendship exposes every private member of this class, including the owned
  // key-derivation object, to SigV4ASignerImplFriend. That class is not defined in this header and
  // is presumably test-only -- confirm it is not built into production targets.
  friend class SigV4ASignerImplFriend;

public:
  /**
   * Builds a SigV4A signer. Every argument except key_derivation_ptr is forwarded unchanged to
   * SignerBaseImpl; their exact semantics are defined there, not in this header.
   * @param service_name forwarded to SignerBaseImpl.
   * @param region forwarded to SignerBaseImpl.
   * @param credentials_provider shared credentials provider chain, forwarded to SignerBaseImpl.
   * @param context factory context, forwarded to SignerBaseImpl.
   * @param exclude_matcher_config header matchers forwarded to SignerBaseImpl (presumably headers
   *        left out of the signature -- confirm against the base class).
   * @param include_matcher_config header matchers forwarded to SignerBaseImpl (presumably headers
   *        that are signed -- confirm against the base class).
   * @param query_string defaults to false; presumably selects query-parameter signing, as
   *        referenced in the class comment -- confirm against the base class.
   * @param expiration_time defaults to SignatureQueryParameterValues::DefaultExpiration. The type
   *        is uint16_t, so a value above 65535 cannot be represented; the unit is not stated
   *        here (presumably seconds -- confirm).
   * @param key_derivation_ptr key-derivation implementation this signer takes ownership of;
   *        defaults to a fresh SigV4AKeyDerivation. The constructor does not check it for null,
   *        so an explicit nullptr leaves key_derivation_ptr_ empty. Code that uses the member is
   *        outside this header -- verify that it cannot be reached with a null pointer. Any
   *        non-default implementation replaces the signing-key derivation and should stay
   *        confined to tests.
   */
  SigV4ASignerImpl(
      absl::string_view service_name, absl::string_view region,
      const CredentialsProviderChainSharedPtr& credentials_provider,
      Server::Configuration::CommonFactoryContext& context,
      const AwsSigningHeaderMatcherVector& exclude_matcher_config,
      const AwsSigningHeaderMatcherVector& include_matcher_config, const bool query_string = false,
      const uint16_t expiration_time = SignatureQueryParameterValues::DefaultExpiration,
      std::unique_ptr<SigV4AKeyDerivationBase> key_derivation_ptr =
          std::make_unique<SigV4AKeyDerivation>())
      : SignerBaseImpl(service_name, region, credentials_provider, context, exclude_matcher_config,
                       include_matcher_config, query_string, expiration_time),
        key_derivation_ptr_(std::move(key_derivation_ptr)) {}

private:
  // The members below override SignerBaseImpl hooks and are defined out of line; only their
  // declarations are visible here, so the per-method notes describe the signatures, not the
  // implementations.

  // Region hook for header-based signing: receives the mutable request headers and a region
  // override.
  void addRegionHeader(Http::RequestHeaderMap& headers,
                       const absl::string_view override_region) const override;

  // Region hook for query-string signing: receives the mutable query parameters and a region
  // override.
  void addRegionQueryParam(Envoy::Http::Utility::QueryParamsMulti& query_params,
                           const absl::string_view override_region) const override;

  // Returns the credential scope string built from the short date and the region override.
  std::string createCredentialScope(const absl::string_view short_date,
                                    const absl::string_view override_region) const override;

  // Returns the string to sign built from the canonical request, long date and credential scope.
  std::string createStringToSign(const absl::string_view canonical_request,
                                 const absl::string_view long_date,
                                 const absl::string_view credential_scope) const override;

  // Returns the signature over string_to_sign. short_date and override_region are part of the
  // base-class signature but are tagged ABSL_ATTRIBUTE_UNUSED in this override.
  // NOTE(review): secret_access_key arrives as a non-owning view of credential material; the
  // out-of-line implementation should avoid logging it or keeping copies -- confirm there.
  std::string
  createSignature(const absl::string_view access_key_id, const absl::string_view secret_access_key,
                  ABSL_ATTRIBUTE_UNUSED const absl::string_view short_date,
                  const absl::string_view string_to_sign,
                  ABSL_ATTRIBUTE_UNUSED const absl::string_view override_region) const override;

  // Returns the Authorization header value assembled from the access key id, credential scope,
  // canonical headers and signature.
  std::string createAuthorizationHeader(const absl::string_view access_key_id,
                                        const absl::string_view credential_scope,
                                        const std::map<std::string, std::string>& canonical_headers,
                                        const absl::string_view signature) const override;

  // Returns the algorithm identifier string for this signer.
  absl::string_view getAlgorithmString() const override;
  // Key-derivation implementation owned by this signer; set once from the constructor argument
  // and never null-checked in this header.
  std::unique_ptr<SigV4AKeyDerivationBase> key_derivation_ptr_;
};

            
} // namespace Aws
} // namespace Common
} // namespace Extensions
} // namespace Envoy