work on signURL

aozarov · aozarov · commit fc88158961e9 · 2015-05-20T22:50:24.000-07:00
diff --git a/src/main/java/com/google/gcloud/AuthCredentials.java b/src/main/java/com/google/gcloud/AuthCredentials.java
@@ -62,7 +62,7 @@ private Object readResolve() throws ObjectStreamException {
     }
   }
 
-  private static class ServiceAccountAuthCredentials extends AuthCredentials {
+  public static class ServiceAccountAuthCredentials extends AuthCredentials {
 
     private static final long serialVersionUID = 8007708734318445901L;
     private final String account;
@@ -94,6 +94,14 @@ protected HttpRequestInitializer httpRequestInitializer(
       return builder.build();
     }
 
+    public String account() {
+      return account;
+    }
+
+    public PrivateKey privateKey() {
+      return privateKey;
+    }
+
     @Override
     public int hashCode() {
       return Objects.hash(account, privateKey);
@@ -187,7 +195,7 @@ public static AuthCredentials createApplicationDefaults() throws IOException {
     return new ApplicationDefaultAuthCredentials();
   }
 
-  public static AuthCredentials createFor(String account, PrivateKey privateKey) {
+  public static ServiceAccountAuthCredentials createFor(String account, PrivateKey privateKey) {
     return new ServiceAccountAuthCredentials(account, privateKey);
   }
 
diff --git a/src/main/java/com/google/gcloud/storage/Cors.java b/src/main/java/com/google/gcloud/storage/Cors.java
@@ -53,14 +53,10 @@ public Bucket.Cors apply(Cors cors) {
   };
 
   private final Integer maxAgeSeconds;
-  private final ImmutableList<Method> methods;
+  private final ImmutableList<HttpMethod> methods;
   private final ImmutableList<Origin> origins;
   private final ImmutableList<String> responseHeaders;
 
-  public enum Method {
-    ANY, GET, HEAD, PUT, POST, DELETE
-  }
-
   public static final class Origin implements Serializable {
 
     private static final long serialVersionUID = -4447958124895577993L;
@@ -118,7 +114,7 @@ public String value() {
   public static final class Builder {
 
     private Integer maxAgeSeconds;
-    private ImmutableList<Method> methods;
+    private ImmutableList<HttpMethod> methods;
     private ImmutableList<Origin> origins;
     private ImmutableList<String> responseHeaders;
 
@@ -129,7 +125,7 @@ public Builder maxAgeSeconds(Integer maxAgeSeconds) {
       return this;
     }
 
-    public Builder methods(Iterable<Method> methods) {
+    public Builder methods(Iterable<HttpMethod> methods) {
       this.methods = methods != null ? ImmutableList.copyOf(methods) : null;
       return this;
     }
@@ -160,7 +156,7 @@ public Integer maxAgeSeconds() {
     return maxAgeSeconds;
   }
 
-  public List<Method> methods() {
+  public List<HttpMethod> methods() {
     return methods;
   }
 
@@ -217,10 +213,10 @@ Bucket.Cors toPb() {
   static Cors fromPb(Bucket.Cors cors) {
     Builder builder = builder().maxAgeSeconds(cors.getMaxAgeSeconds());
     if (cors.getMethod() != null) {
-      builder.methods(transform(cors.getMethod(), new Function<String, Method>() {
+      builder.methods(transform(cors.getMethod(), new Function<String, HttpMethod>() {
         @Override
-        public Method apply(String name) {
-          return Method.valueOf(name.toUpperCase());
+        public HttpMethod apply(String name) {
+          return HttpMethod.valueOf(name.toUpperCase());
         }
       }));
     }
diff --git a/src/main/java/com/google/gcloud/storage/HttpMethod.java b/src/main/java/com/google/gcloud/storage/HttpMethod.java
@@ -0,0 +1,24 @@
+/*
+ * Copyright 2015 Google Inc. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.gcloud.storage;
+
+/**
+ *
+ */
+public enum HttpMethod {
+  GET, HEAD, PUT, POST, DELETE
+}
diff --git a/src/main/java/com/google/gcloud/storage/StorageService.java b/src/main/java/com/google/gcloud/storage/StorageService.java
@@ -16,14 +16,19 @@
 
 package com.google.gcloud.storage;
 
+import static com.google.common.base.MoreObjects.firstNonNull;
 import static com.google.common.base.Preconditions.checkArgument;
 import static com.google.common.base.Preconditions.checkNotNull;
 
 import com.google.common.collect.ImmutableList;
+import com.google.gcloud.AuthCredentials.ServiceAccountAuthCredentials;
 import com.google.gcloud.Service;
 import com.google.gcloud.spi.StorageRpc;
 
+import org.joda.time.DateTime;
+
 import java.io.Serializable;
+import java.net.URL;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.LinkedHashSet;
@@ -407,6 +412,139 @@ public static Builder builder() {
     }
   }
 
+  /**
+   * A request for signing a URL.
+   */
+  class SignUrlRequest implements Serializable {
+
+    private final Blob blob;
+    private final HttpMethod httpMethod;
+    private final Long expiration;
+    private final boolean includeContentType;
+    private final boolean includeMd5;
+    private final String headers;
+    private final ServiceAccountAuthCredentials authCredentials;
+
+    public static class Builder {
+
+      private Blob blob;
+      private HttpMethod httpMethod;
+      private long expiration;
+      private boolean includeContentType;
+      private boolean includeMd5;
+      private String headers;
+      private ServiceAccountAuthCredentials authCredentials;
+
+      private Builder() {}
+
+      public Builder blob(Blob blob) {
+        this.blob = blob;
+        return this;
+      }
+
+      /**
+       * The HTTP method to be used with the signed URL.
+       */
+      public Builder httpMethod(HttpMethod httpMethod) {
+        this.httpMethod = httpMethod;
+        return this;
+      }
+
+      /**
+       * Sets expiration time for the URL.
+       * Defaults to one day.
+       */
+      public Builder expiration(long expiration) {
+        this.expiration = expiration;
+        return this;
+      }
+
+      /**
+       * Indicate if signature should include the blob's content-type.
+       * If {@code true} users of the signed URL should include
+       * the same content-type with their request.
+       */
+      public Builder includeContentType(boolean includeContentType) {
+        this.includeContentType = includeContentType;
+        return this;
+      }
+
+      /**
+       * Indicate if signature should include the blob's md5.
+       * If {@code true} users of the signed URL should include it with their requests.
+       */
+      public Builder includeMd5(boolean includeMd5) {
+        this.includeMd5 = includeMd5;
+        return this;
+      }
+
+      /**
+       *  If headers are provided, the server will check to make sure that the client
+       *  provides matching values.
+       *  For information about how to create canonical headers for signing,
+       *  see <a href="https://cloud.google.com/storage/docs/access-control#About-CanonicalExtensionHeaders">About Canonical Extension Headers</a>.
+       */
+      public Builder canonicalizedExtensionHeaders(String headers) {
+        this.headers = headers;
+        return this;
+      }
+
+      /**
+       * The service account credentials for signing the URL.
+       */
+      public Builder serviceAccountAuthCredentials(ServiceAccountAuthCredentials authCredentials) {
+        this.authCredentials = authCredentials;
+        return this;
+      }
+
+      public SignUrlRequest build() {
+        return new SignUrlRequest(this);
+      }
+    }
+
+    private SignUrlRequest(Builder builder) {
+      blob = checkNotNull(builder.blob);
+      httpMethod = builder.httpMethod;
+      expiration = firstNonNull(builder.expiration, new DateTime().plusDays(1).getMillis());
+      includeContentType = builder.includeContentType; // verify blob has content-type
+      includeMd5 = builder.includeMd5; // verify blob  has md5
+      authCredentials = builder.authCredentials; // default if null
+      headers = builder.headers;
+    }
+
+    public Blob blob() {
+      return blob;
+    }
+
+    public HttpMethod httpMethod() {
+      return httpMethod;
+    }
+
+    public String canonicalizedExtensionHeaders() {
+      return headers;
+    }
+
+    public long expiration() {
+      return expiration;
+    }
+
+    public ServiceAccountAuthCredentials authCredentials() {
+      return authCredentials;
+    }
+
+    public boolean includeContentType() {
+      return includeContentType;
+    }
+
+    public boolean includeMd5() {
+      return includeMd5;
+    }
+
+    public static Builder builder() {
+      return new Builder();
+    }
+  }
+
   /**
    * Create a new bucket.
    *
@@ -528,4 +666,14 @@ public static Builder builder() {
    * @throws StorageServiceException upon failure
    */
   BlobWriteChannel writer(Blob blob, BlobTargetOption... options);
+
+  /**
+   * Generates a signed URL for a blob.
+   * If you have a blob that you want to allow access to for a set
+   * amount of time, you can use this method to generate a URL that
+   * is only valid within a certain time period.
+   * This is particularly useful if you don't want publicly
+   * accessible blobs, but don't want to require users to explicitly log in.
+   */
+  URL signUrl(SignUrlRequest request);
 }
diff --git a/src/main/java/com/google/gcloud/storage/StorageServiceImpl.java b/src/main/java/com/google/gcloud/storage/StorageServiceImpl.java
@@ -29,7 +29,6 @@
 import static com.google.gcloud.spi.StorageRpc.Option.IF_SOURCE_METAGENERATION_MATCH;
 import static com.google.gcloud.spi.StorageRpc.Option.IF_SOURCE_METAGENERATION_NOT_MATCH;
 import static java.net.HttpURLConnection.HTTP_NOT_FOUND;
-import static java.util.concurrent.Executors.callable;
 
 import com.google.api.services.storage.model.StorageObject;
 import com.google.common.base.Function;
@@ -47,6 +46,7 @@
 import com.google.gcloud.spi.StorageRpc.Tuple;
 
 import java.io.Serializable;
+import java.net.URL;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Map;
@@ -429,6 +429,12 @@ public BlobWriteChannel writer(Blob blob, BlobTargetOption... options) {
     return new BlobWriterChannelImpl(options(), blob, optionsMap);
   }
 
+  @Override
+  public URL signUrl(SignUrlRequest request) {
+    // todo: implement and add test
+    return null;
+  }
+
   private Map<StorageRpc.Option, ?> optionMap(Long generation, Long metaGeneration,
       Iterable<? extends Option> options) {
     return optionMap(generation, metaGeneration, options, false);
diff --git a/src/test/java/com/google/gcloud/storage/CorsTest.java b/src/test/java/com/google/gcloud/storage/CorsTest.java
@@ -19,7 +19,6 @@
 import static org.junit.Assert.assertEquals;
 
 import com.google.common.collect.ImmutableList;
-import com.google.gcloud.storage.Cors.Method;
 import com.google.gcloud.storage.Cors.Origin;
 
 import org.junit.Test;
@@ -39,7 +38,7 @@ public void testOrigin() {
   public void corsTest() {
     List<Origin> origins = ImmutableList.of(Origin.any(), Origin.of("o"));
     List<String> headers = ImmutableList.of("h1", "h2");
-    List<Method> methods = ImmutableList.of(Method.ANY);
+    List<HttpMethod> methods = ImmutableList.of(HttpMethod.ANY);
     Cors cors = Cors.builder()
         .maxAgeSeconds(100)
         .origins(origins)

Original file line number	Diff line number	Diff line change
`@@ -62,7 +62,7 @@ private Object readResolve() throws ObjectStreamException {`
`62`	`62`	`}`
`63`	`63`	`}`
`64`	`64`
`65`		`- private static class ServiceAccountAuthCredentials extends AuthCredentials {`
	`65`	`+ public static class ServiceAccountAuthCredentials extends AuthCredentials {`
`66`	`66`
`67`	`67`	`private static final long serialVersionUID = 8007708734318445901L;`
`68`	`68`	`private final String account;`
`@@ -94,6 +94,14 @@ protected HttpRequestInitializer httpRequestInitializer(`
`94`	`94`	`return builder.build();`
`95`	`95`	`}`
`96`	`96`
	`97`	`+ public String account() {`
	`98`	`+ return account;`
	`99`	`+ }`
	`100`	`+`
	`101`	`+ public PrivateKey privateKey() {`
	`102`	`+ return privateKey;`
	`103`	`+ }`
	`104`	`+`
`97`	`105`	`@Override`
`98`	`106`	`public int hashCode() {`
`99`	`107`	`return Objects.hash(account, privateKey);`
`@@ -187,7 +195,7 @@ public static AuthCredentials createApplicationDefaults() throws IOException {`
`187`	`195`	`return new ApplicationDefaultAuthCredentials();`
`188`	`196`	`}`
`189`	`197`
`190`		`- public static AuthCredentials createFor(String account, PrivateKey privateKey) {`
	`198`	`+ public static ServiceAccountAuthCredentials createFor(String account, PrivateKey privateKey) {`
`191`	`199`	`return new ServiceAccountAuthCredentials(account, privateKey);`
`192`	`200`	`}`
`193`	`201`