Merge pull request #13 from nodes-vapor/aws-error-parser

AWS error parser

Author: BrettRToomey

Package.swift

@@ -3,10 +3,9 @@ import PackageDescription
 let package = Package(
     name: "AWS",
     targets: [
-        Target(name: "AWS", dependencies: ["EC2", "S3", "Driver"]),
-        Target(name: "EC2", dependencies: ["Driver"]),
-        Target(name: "S3", dependencies: ["Driver"]),
-        Target(name: "Driver")
+        Target(name: "AWS", dependencies: ["EC2", "S3", "AWSSignatureV4"]),
+        Target(name: "EC2", dependencies: ["AWSSignatureV4"]),
+        Target(name: "S3", dependencies: ["AWSSignatureV4"]),
     ],
     dependencies: [
         .Package(url: "https://github.com/vapor/crypto.git", majorVersion: 1),

Sources/Driver/Authentication/AWSSignatureV4.swift Sources/AWSSignatureV4/AWSSignatureV4.swift

@@ -86,30 +86,23 @@ public struct AWSSignatureV4 {
     }
 
     func getCanonicalRequest(
-        payload: Payload,
+        payloadHash: String,
         method: Method,
         path: String,
         query: String,
-        headers: [String : String] = [:]
+        canonicalHeaders: String,
+        signedHeaders: String
     ) throws -> String {
         let path = try path.percentEncode(allowing: Byte.awsPathAllowed)
         let query = try query.percentEncode(allowing: Byte.awsQueryAllowed)
-        let payloadHash = try payload.hashed()
-        
-        var headers = headers
-        generateHeadersToSign(headers: &headers, host: host, hash: payloadHash)
-        
-        let sortedHeaders = alphabetize(headers)
-        let canonicalHeaders = createCanonicalHeaders(sortedHeaders)
-        let headersToSign = sortedHeaders.map { $0.key.lowercased() }.joined(separator: ";")
 
         return [
             method.rawValue,
             path,
             query,
             canonicalHeaders,
             "",
-            headersToSign,
+            signedHeaders,
             payloadHash
         ].joined(separator: "\n")
     }
@@ -146,26 +139,13 @@ extension AWSSignatureV4 {
         }.joined(separator: "\n")
     }
 
-    func signPayload(
-        _ payload: Payload,
-        mime: String?,
-        headers: inout [HeaderKey : String]
-    ) throws {
-        /*let contentLength: Int
-        
-        switch payload {
-        case .bytes(let bytes):
-            contentLength = bytes.count
-        default:
-            contentLength = 0
-        }
-        
-        headers["Content-Length"] = "\(contentLength)"
-        if let mime = mime {
-            headers["Content-Type"] = mime
-        }
-        
-        headers["x-amz-content-sha256"] = try payload.hashed()*/
+    func createAuthorizationHeader(
+        algorithm: String,
+        credentialScope: String,
+        signature: String,
+        signedHeaders: String
+    ) -> String {
+        return "\(algorithm) Credential=\(accessKey)/\(credentialScope), SignedHeaders=\(signedHeaders), Signature=\(signature)"
     }
 }
 
@@ -179,12 +159,22 @@ extension AWSSignatureV4 {
     ) throws -> [HeaderKey : String] {
         let algorithm = "AWS4-HMAC-SHA256"
         let credentialScope = getCredentialScope()
+        let payloadHash = try payload.hashed()
+        
+        var headers = headers
+        generateHeadersToSign(headers: &headers, host: host, hash: payloadHash)
+        
+        let sortedHeaders = alphabetize(headers)
+        let signedHeaders = sortedHeaders.map { $0.key.lowercased() }.joined(separator: ";")
+        let canonicalHeaders = createCanonicalHeaders(sortedHeaders)
 
         let canonicalRequest = try getCanonicalRequest(
-            payload: payload,
+            payloadHash: payloadHash,
             method: method,
             path: path,
-            query: query ?? ""
+            query: query ?? "",
+            canonicalHeaders: canonicalHeaders,
+            signedHeaders: signedHeaders
         )
 
         let canonicalHash = try Hash.make(.sha256, canonicalRequest).hexString
@@ -198,11 +188,16 @@ extension AWSSignatureV4 {
 
         let signature = try getSignature(stringToSign)
 
-        let authorizationHeader = "\(algorithm) Credential=\(accessKey)/\(credentialScope), SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=\(signature)"
+        let authorizationHeader = createAuthorizationHeader(
+            algorithm: algorithm,
+            credentialScope: credentialScope,
+            signature: signature,
+            signedHeaders: signedHeaders
+        )
 
         return [
             "X-Amz-Date": amzDate,
-            "x-amz-content-sha256": try payload.hashed(),
+            "x-amz-content-sha256": payloadHash,
             "Authorization": authorizationHeader
         ]
     }

Sources/AWSSignatureV4/ErrorParser/AWSError.swift

@@ -0,0 +1,83 @@
+public enum AWSError: String {
+    case accessDenied = "AccessDenied"
+    case accountProblem = "AccountProblem"
+    case ambiguousGrantByEmailAddress = "AmbiguousGrantByEmailAddress"
+    case authorizationHeaderMalformed = "AuthorizationHeaderMalformed"
+    case badDigest = "BadDigest"
+    case bucketAlreadyExists = "BucketAlreadyExists"
+    case bucketAlreadyOwnedByYou = "BucketAlreadyOwnedByYou"
+    case bucketNotEmpty = "BucketNotEmpty"
+    case credentialsNotSupported = "CredentialsNotSupported"
+    case crossLocationLoggingProhibited = "CrossLocationLoggingProhibited"
+    case entityTooSmall = "EntityTooSmall"
+    case entityTooLarge = "EntityTooLarge"
+    case expiredToken = "ExpiredToken"
+    case illegalVersioningConfigurationException = "IllegalVersioningConfigurationException"
+    case incompleteBody = "IncompleteBody"
+    case incorrectNumberOfFilesInPostRequest = "IncorrectNumberOfFilesInPostRequest"
+    case inlineDataTooLarge = "InlineDataTooLarge"
+    case internalError = "InternalError"
+    case invalidAccessKeyId = "InvalidAccessKeyId"
+    case invalidAddressingHeader = "InvalidAddressingHeader"
+    case invalidArgument = "InvalidArgument"
+    case invalidBucketName = "InvalidBucketName"
+    case invalidDigest = "InvalidDigest"
+    case invalidEncryptionAlgorithmError = "InvalidEncryptionAlgorithmError"
+    case invalidLocationConstraint = "InvalidLocationConstraint"
+    case invalidObjectState = "InvalidObjectState"
+    case invalidPart = "InvalidPart"
+    case invalidPartOrder = "InvalidPartOrder"
+    case invalidPayer = "InvalidPayer"
+    case invalidPolicyDocument = "InvalidPolicyDocument"
+    case invalidRange = "InvalidRange"
+    case invalidRequest = "InvalidRequest"
+    case invalidSecurity = "InvalidSecurity"
+    case invalidSOAPRequest = "InvalidSOAPRequest"
+    case invalidStorageClass = "InvalidStorageClass"
+    case invalidTargetBucketForLogging = "InvalidTargetBucketForLogging"
+    case invalidToken = "InvalidToken"
+    case invalidURI = "InvalidURI"
+    case keyTooLong = "KeyTooLong"
+    case malformedACLError = "MalformedACLError"
+    case malformedPOSTRequest = "MalformedPOSTRequest"
+    case malformedXML = "MalformedXML"
+    case maxMessageLengthExceeded = "MaxMessageLengthExceeded"
+    case maxPostPreDataLengthExceededError = "MaxPostPreDataLengthExceededError"
+    case metadataTooLarge = "MetadataTooLarge"
+    case methodNotAllowed = "MethodNotAllowed"
+    case missingAttachment = "MissingAttachment"
+    case missingContentLength = "MissingContentLength"
+    case missingRequestBodyError = "MissingRequestBodyError"
+    case missingSecurityElement = "MissingSecurityElement"
+    case missingSecurityHeader = "MissingSecurityHeader"
+    case noLoggingStatusForKey = "NoLoggingStatusForKey"
+    case noSuchBucket = "NoSuchBucket"
+    case noSuchKey = "NoSuchKey"
+    case noSuchLifecycleConfiguration = "NoSuchLifecycleConfiguration"
+    case noSuchUpload = "NoSuchUpload"
+    case noSuchVersion = "NoSuchVersion"
+    case notImplemented = "NotImplemented"
+    case notSignedUp = "NotSignedUp"
+    case noSuchBucketPolicy = "NoSuchBucketPolicy"
+    case operationAborted = "OperationAborted"
+    case peramentRedirect = "PeramentRedirect"
+    case preconditionFailed = "PreconditionFailed"
+    case redirect = "Redirect"
+    case restoreAlreadyInProgress = "RestoreAlreadyInProgress"
+    case requestIsNotMultiPartContent = "RequestIsNotMultiPartContent"
+    case requestTimeout = "RequestTimeout"
+    case requestTimeTooSkewed = "RequestTimeTooSkewed"
+    case requestTorrentOfBucketError = "RequestTorrentOfBucketError"
+    case signatureDoesNotMatch = "SignatureDoesNotMatch"
+    case serviceUnavailable = "ServiceUnavailable"
+    case slowDown = "SlowDown"
+    case temporaryRedirect = "TemporaryRedirect"
+    case tokenRefreshRequired = "TokenRefreshRequired"
+    case tooManyBuckets = "TooManyBuckets"
+    case unexpectedContent = "UnexpectedContent"
+    case unresolvableGrantByEmailAddress = "UnresolvableGrantByEmailAddress"
+    case userKeyMustBeSpecified = "UserKeyMustBeSpecified"
+}
+
+extension AWSError: Error {
+}

Sources/AWSSignatureV4/ErrorParser/ErrorParser+Grammar.swift

@@ -0,0 +1,172 @@
+import Core
+
+extension ErrorParser {
+    static let awsGrammar: Trie<AWSError> = {
+        let trie = Trie<AWSError>()
+        
+        insert(into: trie, .accessDenied)
+        insert(into: trie, .accountProblem)
+        insert(into: trie, .ambiguousGrantByEmailAddress)
+        insert(into: trie, .authorizationHeaderMalformed)
+        insert(into: trie, .badDigest)
+        insert(into: trie, .bucketAlreadyExists)
+        insert(into: trie, .bucketAlreadyOwnedByYou)
+        insert(into: trie, .bucketNotEmpty)
+        insert(into: trie, .credentialsNotSupported)
+        insert(into: trie, .crossLocationLoggingProhibited)
+        insert(into: trie, .entityTooSmall)
+        insert(into: trie, .entityTooLarge)
+        insert(into: trie, .expiredToken)
+        insert(into: trie, .illegalVersioningConfigurationException)
+        insert(into: trie, .incompleteBody)
+        insert(into: trie, .incorrectNumberOfFilesInPostRequest)
+        insert(into: trie, .inlineDataTooLarge)
+        insert(into: trie, .internalError)
+        insert(into: trie, .invalidAccessKeyId)
+        insert(into: trie, .invalidAddressingHeader)
+        insert(into: trie, .invalidArgument)
+        insert(into: trie, .invalidBucketName)
+        insert(into: trie, .invalidDigest)
+        insert(into: trie, .invalidEncryptionAlgorithmError)
+        insert(into: trie, .invalidLocationConstraint)
+        insert(into: trie, .invalidObjectState)
+        insert(into: trie, .invalidPart)
+        insert(into: trie, .invalidPartOrder)
+        insert(into: trie, .invalidPayer)
+        insert(into: trie, .invalidPolicyDocument)
+        insert(into: trie, .invalidRange)
+        insert(into: trie, .invalidRequest)
+        insert(into: trie, .invalidSecurity)
+        insert(into: trie, .invalidSOAPRequest)
+        insert(into: trie, .invalidStorageClass)
+        insert(into: trie, .invalidTargetBucketForLogging)
+        insert(into: trie, .invalidToken)
+        insert(into: trie, .invalidURI)
+        insert(into: trie, .keyTooLong)
+        insert(into: trie, .malformedACLError)
+        insert(into: trie, .malformedPOSTRequest)
+        insert(into: trie, .malformedXML)
+        insert(into: trie, .maxMessageLengthExceeded)
+        insert(into: trie, .maxPostPreDataLengthExceededError)
+        insert(into: trie, .metadataTooLarge)
+        insert(into: trie, .methodNotAllowed)
+        insert(into: trie, .missingAttachment)
+        insert(into: trie, .missingContentLength)
+        insert(into: trie, .missingRequestBodyError)
+        insert(into: trie, .missingSecurityElement)
+        insert(into: trie, .missingSecurityHeader)
+        insert(into: trie, .noLoggingStatusForKey)
+        insert(into: trie, .noSuchBucket)
+        insert(into: trie, .noSuchKey)
+        insert(into: trie, .noSuchLifecycleConfiguration)
+        insert(into: trie, .noSuchUpload)
+        insert(into: trie, .noSuchVersion)
+        insert(into: trie, .notImplemented)
+        insert(into: trie, .notSignedUp)
+        insert(into: trie, .noSuchBucketPolicy)
+        insert(into: trie, .operationAborted)
+        insert(into: trie, .peramentRedirect)
+        insert(into: trie, .preconditionFailed)
+        insert(into: trie, .redirect)
+        insert(into: trie, .restoreAlreadyInProgress)
+        insert(into: trie, .requestIsNotMultiPartContent)
+        insert(into: trie, .requestTimeout)
+        insert(into: trie, .requestTimeTooSkewed)
+        insert(into: trie, .requestTorrentOfBucketError)
+        insert(into: trie, .signatureDoesNotMatch)
+        insert(into: trie, .serviceUnavailable)
+        insert(into: trie, .slowDown)
+        insert(into: trie, .temporaryRedirect)
+        insert(into: trie, .tokenRefreshRequired)
+        insert(into: trie, .tooManyBuckets)
+        insert(into: trie, .unexpectedContent)
+        insert(into: trie, .unresolvableGrantByEmailAddress)
+        insert(into: trie, .userKeyMustBeSpecified)
+        
+        return trie
+    }()
+    
+    static func insert(into trie: Trie<AWSError>, _ error: AWSError) {
+        trie.insert(error, for: error.rawValue.bytes)
+    }
+}
+
+/*
+ case accessDenied
+ case accountProblem
+ case ambiguousGrantByEmailAddress
+ case badDigest
+ case bucketAlreadyExists
+ case bucketAlreadyOwnedByYou
+ case bucketNotEmpty
+ case credentialsNotSupported
+ case crossLocationLoggingProhibited
+ case entityTooSmall
+ case entityTooLarge
+ case expiredToken
+ case illegalVersioningConfigurationException
+ case incompleteBody
+ case incorrectNumberOfFilesInPostRequest
+ case inlineDataTooLarge
+ case internalError
+ case invalidAccessKeyId
+ case invalidAddressingHeader
+ case invalidArgument
+ case invalidBucketName
+ case invalidDigest
+ case invalidEncryptionAlgorithmError
+ case invalidLocationConstraint
+ case invalidObjectState
+ case invalidPart
+ case invalidPartOrder
+ case invalidPayer
+ case invalidPolicyDocument
+ case invalidRange
+ case invalidRequest
+ case invalidSecurity
+ case invalidSOAPRequest
+ case invalidStorageClass
+ case invalidTargetBucketForLogging
+ case invalidToken
+ case invalidURI
+ case keyTooLong
+ case malformedACLError
+ case malformedPOSTRequest
+ case malformedXML
+ case maxMessageLengthExceeded
+ case maxPostPreDataLengthExceededError
+ case metadataTooLarge
+ case methodNotAllowed
+ case missingAttachment
+ case missingContentLength
+ case missingRequestBodyError
+ case missingSecurityElement
+ case missingSecurityHeader
+ case noLoggingStatusForKey
+ case noSuchBucket
+ case noSuchKey
+ case noSuchLifecycleConfiguration
+ case noSuchUpload
+ case noSuchVersion
+ case notImplemented
+ case notSignedUp
+ case noSuchBucketPolicy
+ case operationAborted
+ case peramentRedirect
+ case preconditionFailed
+ case redirect
+ case restoreAlreadyInProgress
+ case requestIsNotMultiPartContent
+ case requestTimeout
+ case requestTimeTooSkewed
+ case requestTorrentOfBucketError
+ case signatureDoesNotMatch
+ case serviceUnavailable
+ case slowDown
+ case temporaryRedirect
+ case tokenRefreshRequired
+ case tooManyBuckets
+ case unexpectedContent
+ case unresolvableGrantByEmailAddress
+ case userKeyMustBeSpecified
+ */