Hi Mike, I went further this morning and fully implemented the AWS challenge scheme in Noelios Restlet Engine! I was able to generate the exact same authorization header as in "REST Authentication: Example 1" document at Amazon S3.
It's all in SVN now, including a sample test (attached to this email too). I'll release a new snapshot of beta 20 later today. Best regards, Jerome > -----Message d'origine----- > De : Jerome Louvel [mailto:[EMAIL PROTECTED] > Envoyé : jeudi 26 octobre 2006 19:50 > À : discuss@restlet.tigris.org > Objet : RE: Adding standard headers > > > Hi Mikkel, > > Interesting usage! The Restlet API has been designed to > support multiple > authorization mechanisms (aka challenge schemes in HTTP terminology). > Following the S3 docs: > http://docs.amazonwebservices.com/AmazonS3/2006-03-01/RESTAuth > entication.htm > l > > // Create a request > Request request = new Request(Method.GET, "http://***"); > request.setEntity(myEntity); > > // Compute the credentials > String credentials = awsAccessKeyId + ":" + > base64(hmac-sha1(VERB + > "\n" > + "\n" > + > myEntity.getMediaType() + "\n" > + > myEntity.getModificationDate() + "\n" > + > CanonicalizedAmzHeaders + "\n" > + > CanonicalizedResource)) > > // Set the challenge response > ChallengeScheme cs = new ChallengeScheme("Amazon S3", "AWS"); > ChallengeResponse cr = new ChallengeResponse(cs, credentials); > request.setChallengeResponse(authentication); > > The NRE provides a Base64 implementation: > com.noelios.restlet.impl.util.Base64 but not an > implementation of HMAC-SHA1. > However, I'm sure you can find one around (anyway you would > need one to > build the raw header). > > Typical usage of Base64: > Base64.encodeBytes(myString.getBytes("US-ASCII")); > > Let me know how it works, it would be very useful to provide built-in > support for the S3 authentication scheme in a later release of NRE. > > Best regards, > Jerome > > > -----Message d'origine----- > > De : news [mailto:[EMAIL PROTECTED] De la part de Mikkel Jensen > > Envoyé : jeudi 26 octobre 2006 18:55 > > À : discuss@restlet.tigris.org > > Objet : Adding standard headers > > > > I'm writing an application for connecting to the Amazon S3 > > REST service. > > This means I need to follow their custom authentication > > mechanism and construct > > an "Authorization" header based upon the "Date" and > > "Content-Type" headers > > among other things. > > Unfortunately the HttpConverter class does not allow me to > > manipulate standard > > headers or even read the Date and Content-Type headers prior > > to transmission. > > > > Is it possible to use custom authentication schemes in client > > requests or will > > I need to go back to using HttpUrlConnection class for > > low-level control? > > > > Best regards, > > > > Mikkel > > > > > >
AwsTest.java
Description: Binary data