15#ifndef CPL_AWS_INCLUDED_H
16#define CPL_AWS_INCLUDED_H
// Declaration only; the implementation is not visible here.
// Judging by the name and signature, returns the SHA-256 digest of the
// nBytes bytes starting at pabyData as a lower-case hexadecimal string, which
// is the encoding AWS Signature Version 4 expects for payload hashes.
// TODO confirm against the implementation, including how nBytes == 0 or a
// null pabyData is handled.
30std::string CPLGetLowerCaseHexSHA256(
const void *pabyData,
size_t nBytes);
// Overload taking the input as a std::string. Presumably hashes the bytes of
// osStr the same way as the pointer/length overload - confirm against the
// implementation.
31std::string CPLGetLowerCaseHexSHA256(
const std::string &osStr);
// Declaration only. Presumably formats `timestamp` (a GIntBig, i.e. a large
// signed integer) as the timestamp string used in SigV4 requests - the unit
// and epoch of the argument are not visible here, TODO confirm.
// NOTE(review): SigV4 requests are only accepted within a limited clock-skew
// window, so the value passed in should come from a reliable clock.
33std::string CPLGetAWS_SIGN4_Timestamp(
GIntBig timestamp);
// Declaration only. Returns an encoded copy of osURL; bEncodeSlash defaults
// to true. Presumably this is the percent-encoding used when building the
// SigV4 canonical request, with bEncodeSlash = false intended for URI paths
// where '/' must be kept - confirm against the implementation.
// NOTE(review): the string that is signed and the string that is sent must
// be encoded identically, otherwise the service rejects the signature.
35std::string CPLAWSURLEncode(
const std::string &osURL,
bool bEncodeSlash =
true);
// Declaration only, and the end of the parameter list is not visible here.
// Presumably looks up the value of a header inside the psExistingHeaders
// curl_slist - confirm against the full declaration.
37std::string CPLAWSGetHeaderVal(
const struct curl_slist *psExistingHeaders,
// Declaration only. From the parameter list this computes an AWS Signature
// Version 4 signature over the verb, host, canonical URI, canonical query
// string, existing headers and payload hash - TODO confirm against the
// implementation.
//
// osSecretAccessKey and osAccessToken are credentials. They are passed by
// const reference, so no copy is made at the call boundary; callers should
// still keep them out of logs, error messages and debug dumps.
//
// osSignedHeaders is the only non-const reference parameter, so it is an
// output of the call.
//
// NOTE(review): osXAMZContentSHA256 is supplied by the caller. If it is not
// the real hash of the request body (for example SigV4's UNSIGNED-PAYLOAD
// marker), the body is not covered by the signature - confirm what callers
// pass for requests that carry data.
40std::string CPLGetAWS_SIGN4_Signature(
41 const std::string &osSecretAccessKey,
const std::string &osAccessToken,
42 const std::string &osRegion,
const std::string &osRequestPayer,
43 const std::string &osService,
const std::string &osVerb,
44 const struct curl_slist *psExistingHeaders,
const std::string &osHost,
45 const std::string &osCanonicalURI,
46 const std::string &osCanonicalQueryString,
47 const std::string &osXAMZContentSHA256,
bool bAddHeaderAMZContentSHA256,
48 const std::string &osTimestamp, std::string &osSignedHeaders);
// Declaration only. Takes the same inputs as CPLGetAWS_SIGN4_Signature plus
// osAccessKeyId, and has no osSignedHeaders output. Presumably returns the
// complete value for the HTTP Authorization header - TODO confirm against
// the implementation.
//
// osSecretAccessKey, osAccessKeyId and osAccessToken are credentials; keep
// them, and ideally the returned string too, out of logs and error messages.
//
// NOTE(review): as with the signature function, the payload is only covered
// by the signature if osXAMZContentSHA256 is the real hash of the body.
50std::string CPLGetAWS_SIGN4_Authorization(
51 const std::string &osSecretAccessKey,
const std::string &osAccessKeyId,
52 const std::string &osAccessToken,
const std::string &osRegion,
53 const std::string &osRequestPayer,
const std::string &osService,
54 const std::string &osVerb,
const struct curl_slist *psExistingHeaders,
55 const std::string &osHost,
const std::string &osCanonicalURI,
56 const std::string &osCanonicalQueryString,
57 const std::string &osXAMZContentSHA256,
bool bAddHeaderAMZContentSHA256,
58 const std::string &osTimestamp);
// Abstract base for helpers that build URLs and request headers for S3-like
// object stores. RebuildURL(), GetCurlHeaders() and GetURL() are pure virtual
// and must be provided by each concrete helper.
// Braces, access specifiers and some member lines are not visible in this
// view, so the notes below cover only what is shown.
60class IVSIS3LikeHandleHelper
// Query parameters as key -> value. std::map iterates in key order.
65 std::map<std::string, std::string> m_oMapQueryParameters{};
// Pure virtual: subclasses recompute their URL from their own state.
67 virtual void RebuildURL() = 0;
// Serialises the query parameters to a string; the exact escaping and the
// effect of bAddEmptyValueAfterEqual are defined in the implementation.
68 std::string GetQueryString(
bool bAddEmptyValueAfterEqual)
const;
71 IVSIS3LikeHandleHelper() =
default;
// Virtual destructor, so deleting a derived helper through a base pointer
// is well defined.
72 virtual ~IVSIS3LikeHandleHelper() =
default;
74 void ResetQueryParameters();
75 void AddQueryParameter(
const std::string &osKey,
76 const std::string &osValue);
// Pure virtual: returns the curl header list for a request with verb osVerb.
// pabyDataContent / nBytesContent default to nullptr / 0 (no body).
// NOTE(review): a raw curl_slist pointer is returned, so ownership is not
// expressed in the type - presumably the caller frees it; confirm, since a
// list carrying an Authorization header should not be leaked or reused.
78 virtual struct curl_slist *
79 GetCurlHeaders(
const std::string &osVerb,
80 const struct curl_slist *psExistingHeaders,
81 const void *pabyDataContent =
nullptr,
82 size_t nBytesContent = 0)
const = 0;
// Body not visible here.
84 virtual bool AllowAutomaticRedirection()
// Parameter list and body are only partly visible here.
89 virtual bool CanRestartOnError(
const char *,
const char * ,
95 virtual const std::string &GetURL()
const = 0;
// Presumably the URL without its key/value (query string) part - confirm.
96 std::string GetURLNoKVP()
const;
// Default implementation returns an empty string.
98 virtual std::string GetCopySourceHeader()
const
100 return std::string();
// Body not visible here.
103 virtual const char *GetMetadataDirectiveREPLACE()
const
// Splits pszURI into a bucket and an object key, written to osBucketOut and
// osObjectKeyOut; returns bool (presumably success). One parameter line
// between pszFSPrefix and osBucketOut is not visible here.
// NOTE(review): pszURI may be user-supplied; how malformed input is
// rejected is defined in the implementation.
108 static bool GetBucketAndObjectKey(
const char *pszURI,
109 const char *pszFSPrefix,
111 std::string &osBucketOut,
112 std::string &osObjectKeyOut);
// oSortedMapHeaders is a non-const reference, so the call may modify it.
// Presumably it is filled with the headers from psExistingHeaders whose name
// starts with pszHeaderPrefix - confirm against the implementation.
114 static std::string BuildCanonicalizedHeaders(
115 std::map<std::string, std::string> &oSortedMapHeaders,
116 const struct curl_slist *psExistingHeaders,
117 const char *pszHeaderPrefix);
119 static std::string GetRFC822DateTime();
// Scoped enum identifying where a set of AWS credentials came from. The
// enumerator list is not visible here; REGULAR is one of the values (it is
// the in-class default of VSIS3HandleHelper::m_eCredentialsSource).
122enum class AWSCredentialsSource
// Concrete (final) helper for AWS S3. Holds the credentials (secret access
// key, access key id, session token) together with the endpoint, region,
// bucket and object key used to build and sign requests.
// Braces, access specifiers and some lines are not visible in this view, so
// the notes below cover only what is shown.
136class VSIS3HandleHelper final :
public IVSIS3LikeHandleHelper
140 std::string m_osURL{};
// The three credential members are `mutable`, so const member functions can
// replace them; RefreshCredentials() below is declared const.
// NOTE(review): these are plain std::string objects, which are not wiped on
// destruction or reallocation, so key material can linger in memory and in
// core dumps. Keep them out of logs and debug output.
// NOTE(review): whether concurrent readers and a refresh are synchronised
// is not visible here - confirm before sharing one helper across threads.
141 mutable std::string m_osSecretAccessKey{};
142 mutable std::string m_osAccessKeyId{};
143 mutable std::string m_osSessionToken{};
144 std::string m_osEndpoint{};
145 std::string m_osRegion{};
146 std::string m_osRequestPayer{};
147 std::string m_osBucket{};
148 std::string m_osObjectKey{};
// In-class default is false; the bUseHTTPS constructor parameter presumably
// overrides it - confirm.
// NOTE(review): SigV4 authenticates a request but does not encrypt it. Over
// plain HTTP the request and response contents, and any session token sent
// with the request, are readable on the network.
149 bool m_bUseHTTPS =
false;
150 bool m_bUseVirtualHosting =
false;
151 AWSCredentialsSource m_eCredentialsSource = AWSCredentialsSource::REGULAR;
153 void RebuildURL()
override;
// The credential-loading helpers below all return bool (presumably success)
// and write the credentials into their non-const std::string& parameters.
// Callers should check the return value before using the outputs.
155 static bool GetOrRefreshTemporaryCredentialsForRole(
156 bool bForceRefresh, std::string &osSecretAccessKey,
157 std::string &osAccessKeyId, std::string &osSessionToken,
158 std::string &osRegion);
// osWebIdentityTokenFileIn presumably names a file holding a web identity
// token. NOTE(review): such a token is a bearer credential; the file should
// be readable only by the account running the process.
160 static bool GetConfigurationFromAssumeRoleWithWebIdentity(
161 bool bForceRefresh,
const std::string &osPathForOption,
162 const std::string &osRoleArnIn,
163 const std::string &osWebIdentityTokenFileIn,
164 std::string &osSecretAccessKey, std::string &osAccessKeyId,
165 std::string &osSessionToken);
// Presumably obtains temporary credentials from the EC2 instance
// environment - which endpoint is contacted and how the response is
// validated is defined in the implementation, TODO confirm.
167 static bool GetConfigurationFromEC2(
bool bForceRefresh,
168 const std::string &osPathForOption,
169 std::string &osSecretAccessKey,
170 std::string &osAccessKeyId,
171 std::string &osSessionToken);
// Reads settings for profile pszProfile; every std::string& parameter after
// pszProfile is an output. Presumably parses the AWS config/credentials
// files - confirm which paths are read and how they are located.
173 static bool GetConfigurationFromAWSConfigFiles(
174 const std::string &osPathForOption,
const char *pszProfile,
175 std::string &osSecretAccessKey, std::string &osAccessKeyId,
176 std::string &osSessionToken, std::string &osRegion,
177 std::string &osCredentials, std::string &osRoleArn,
178 std::string &osSourceProfile, std::string &osExternalId,
179 std::string &osMFASerial, std::string &osRoleSessionName,
180 std::string &osWebIdentityTokenFile);
// eCredentialsSource is an output reporting which source was used. The
// order in which sources are tried is defined in the implementation.
182 static bool GetConfiguration(
const std::string &osPathForOption,
184 std::string &osSecretAccessKey,
185 std::string &osAccessKeyId,
186 std::string &osSessionToken,
187 std::string &osRegion,
188 AWSCredentialsSource &eCredentialsSource);
// Declared const; it can still update the mutable credential members above.
190 void RefreshCredentials(
const std::string &osPathForOption,
191 bool bForceRefresh)
const;
// Parameter list mirroring the data members above; the line that opens this
// declaration is not visible here (presumably the constructor).
196 const std::string &osSecretAccessKey,
const std::string &osAccessKeyId,
197 const std::string &osSessionToken,
const std::string &osEndpoint,
198 const std::string &osRegion,
const std::string &osRequestPayer,
199 const std::string &osBucket,
const std::string &osObjectKey,
200 bool bUseHTTPS,
bool bUseVirtualHosting,
201 AWSCredentialsSource eCredentialsSource);
202 ~VSIS3HandleHelper();
// Factory returning a raw pointer; the rest of the parameter list is not
// visible here. NOTE(review): ownership is not expressed in the type -
// presumably the caller deletes the result, and a null return should be
// handled; confirm both.
204 static VSIS3HandleHelper *BuildFromURI(
const char *pszURI,
205 const char *pszFSPrefix,
208 static std::string BuildURL(
const std::string &osEndpoint,
209 const std::string &osBucket,
210 const std::string &osObjectKey,
bool bUseHTTPS,
211 bool bUseVirtualHosting);
// Override of the base-class header builder; the return-type line is not
// visible here. Presumably where the SigV4 Authorization header is added.
214 GetCurlHeaders(
const std::string &osVerb,
215 const struct curl_slist *psExistingHeaders,
216 const void *pabyDataContent =
nullptr,
217 size_t nBytesContent = 0)
const override;
// Body not visible here.
219 bool AllowAutomaticRedirection()
override
// NOTE(review): the arguments look like data from a server response
// (pszHeaders). If the implementation changes endpoint or region based on
// them, that input is server-controlled - confirm it is validated before
// signed requests are sent to a new host.
224 bool CanRestartOnError(
const char *,
const char *pszHeaders,
225 bool bSetError)
override;
// Accessors. Those whose bodies are visible return the matching member by
// const reference (or by value for the bool). None of the accessors shown
// here exposes the credential members.
227 const std::string &GetURL()
const override
232 const std::string &GetBucket()
const
237 const std::string &GetObjectKey()
const
239 return m_osObjectKey;
242 const std::string &GetEndpoint()
const
247 const std::string &GetRegion()
const
252 const std::string &GetRequestPayer()
const
254 return m_osRequestPayer;
257 bool GetVirtualHosting()
const
259 return m_bUseVirtualHosting;
// Setters; presumably they also rebuild the URL - confirm.
262 void SetEndpoint(
const std::string &osStr);
263 void SetRegion(
const std::string &osStr);
264 void SetRequestPayer(
const std::string &osStr);
265 void SetVirtualHosting(
bool b);
// Returns the header name "x-amz-copy-source".
267 std::string GetCopySourceHeader()
const override
269 return "x-amz-copy-source";
// Returns the complete header line "x-amz-metadata-directive: REPLACE".
272 const char *GetMetadataDirectiveREPLACE()
const override
274 return "x-amz-metadata-directive: REPLACE";
// Static housekeeping. What ClearCache() discards is not visible here;
// presumably cached credentials/configuration - confirm, as that matters
// when credentials are rotated or revoked.
279 static void CleanMutex();
280 static void ClearCache();
// Snapshot of a helper's region, endpoint, request-payer setting and
// virtual-hosting flag. No credential fields are stored in this class.
// Braces and access specifiers are not visible in this view.
283class VSIS3UpdateParams
286 std::string m_osRegion{};
287 std::string m_osEndpoint{};
288 std::string m_osRequestPayer{};
289 bool m_bUseVirtualHosting =
false;
// Copies the four settings out of poHelper.
// poHelper is dereferenced unconditionally, so it must not be null.
291 explicit VSIS3UpdateParams(
const VSIS3HandleHelper *poHelper)
292 : m_osRegion(poHelper->GetRegion()),
293 m_osEndpoint(poHelper->GetEndpoint()),
294 m_osRequestPayer(poHelper->GetRequestPayer()),
295 m_bUseVirtualHosting(poHelper->GetVirtualHosting())
// Writes the stored settings back into poHelper through its setters.
// poHelper is dereferenced unconditionally, so it must not be null.
299 void UpdateHandlerHelper(VSIS3HandleHelper *poHelper)
301 poHelper->SetRegion(m_osRegion);
302 poHelper->SetEndpoint(m_osEndpoint);
303 poHelper->SetRequestPayer(m_osRequestPayer);
304 poHelper->SetVirtualHosting(m_bUseVirtualHosting);
// Process-wide state: a map from a string key (a bucket name, judging by the
// identifier) to saved parameters, plus a mutex. Presumably gsMutex guards
// the map - confirm that every access takes it.
307 static std::mutex gsMutex;
308 static std::map<std::string, VSIS3UpdateParams> goMapBucketsToS3Params;
311 VSIS3UpdateParams() =
default;
// Presumably save a handle's settings into the map / restore them from it.
// NOTE(review): if a stored endpoint or region originated from a server
// response, every later handle for the same key inherits it - confirm how
// entries are populated and when ClearCache() is called.
313 static void UpdateMapFromHandle(VSIS3HandleHelper *poS3HandleHelper);
314 static void UpdateHandleFromMap(VSIS3HandleHelper *poS3HandleHelper);
315 static void ClearCache();