def _load_profile(self, profile_name):
if self.environ.get(self.ENV_NAME_FOR_CREDENTIALS_FILE) is not None:
config_file_name = self.environ.get(
self.ENV_NAME_FOR_CREDENTIALS_FILE)
if config_file_name:
full_path = os.path.expanduser(config_file_name)
try:
config = load_config(full_path)
except ConfigNotFoundException as e:
raise e
else:
if profile_name not in config:
raise PartialCredentialsException(
provider='profile',
cred_var='%s section' % (profile_name))
return config[profile_name]
raise ClientException(msg='Found profile in env, but %s is empty' %
self.ENV_NAME_FOR_CREDENTIALS_FILE)
# read the default credentials file
full_path = os.path.expanduser(self.DEFAULT_NAME_FOR_CREDENTIALS_FILE)
try:
config = load_config(full_path)
except ConfigNotFoundException:
# Move on to the next potential config file name.
return None
else:
if profile_name in config:
return config[profile_name]
def refresh(self):
result = self._client.describe_images(image_id=self.image_id)
items = _new_get_key_in_response(result, 'Images.Image')
if not items:
raise ClientException(msg="Failed to find image data from DescribeImages response. "
"ImageId = {0}".format(self.image_id))
self._assign_attributes(items[0])
def refresh(self):
result = self._client.get_policy(policy_name=self.policy_name)
items = _new_get_key_in_response(result, 'Policy')
if not items:
raise ClientException(msg="Failed to find policy data from GetPolicy response. "
"PolicyName = {0}".format(self.policy_name))
self._assign_attributes(items[0])
def rotate_credentials(self):
try:
r = requests.get(url=self.URL_PATH + self.role_name)
except requests.exceptions.ConnectionError:
raise ConnectionUsingEcsRamRoleException()
data = json.loads(r.text)
if data.get("Code") != "Success":
message = "Failed to get instance profile. Code={}".format(
+data.get("Code"))
raise ClientException(msg=message)
expiration = data.get("Expiration")
if expiration:
self._expiration = time.mktime(
time.strptime(expiration, '%Y-%m-%dT%H:%M:%SZ'))
else:
# FIXME Why?
self._expiration = expiration
return SecurityCredentials(
data['AccessKeyId'],
data['AccessKeySecret'],
data['SecurityToken'],
)
def refresh(self):
result = self._client.describe_tasks(task_ids=self.task_id)
items = _new_get_key_in_response(result, 'TaskSet.Task')
if not items:
raise ClientException(msg="Failed to find task data from DescribeTasks response. "
"TaskId = {0}".format(self.task_id))
self._assign_attributes(items[0])
def _read_from_file(self):
profile = {}
if self.ENV_NAME_FOR_CONFIG_FILE in os.environ:
config_file_name = os.environ.get(self.ENV_NAME_FOR_CONFIG_FILE)
if not config_file_name:
raise ClientException(
msg='Found config profile in env, but %s is empty' %
self.ENV_NAME_FOR_CONFIG_FILE)
full_path = os.path.expanduser(config_file_name)
try:
config = load_config(full_path)
except ConfigNotFoundException as e:
raise e
else:
# Alibaba Cloud only support default
if 'default' not in config:
raise PartialCredentialsException(
provider='profile', cred_var='default section')
profile = config['default']
else:
full_path = os.path.expanduser(self.DEFAULT_NAME_FOR_CONFIG_FILE)
try:
config = load_config(full_path)
except ConfigNotFoundException:
pass
else:
if 'default' in config:
profile = config['default']
for key in dir(self):
if profile.get(key) is not None and getattr(self, key) is None:
setattr(self, key, profile.get(key))
def refresh(self):
result = self._client.get_role(role_name=self.role_name)
items = _new_get_key_in_response(result, 'Role')
if not items:
raise ClientException(msg="Failed to find role data from GetRole response. "
"RoleName = {0}".format(self.role_name))
self._assign_attributes(items[0])
def refresh(self):
result = self._client.describe_regions(region_id=self.region_id)
items = _new_get_key_in_response(result, 'Regions.Region')
if not items:
raise ClientException(msg="Failed to find region data from DescribeRegions response. "
"RegionId = {0}".format(self.region_id))
self._assign_attributes(items[0])
def refresh(self):
result = self._client.get_group(group_name=self.group_name)
items = _new_get_key_in_response(result, 'Group')
if not items:
raise ClientException(msg="Failed to find group data from GetGroup response. "
"GroupName = {0}".format(self.group_name))
self._assign_attributes(items[0])
def refresh(self):
result = self._client.get_user(user_name=self.user_name)
items = _new_get_key_in_response(result, 'User')
if not items:
raise ClientException(msg="Failed to find user data from GetUser response. "
"UserName = {0}".format(self.user_name))
self._assign_attributes(items)
def _handle_param_aliases(params, aliases):
for key, value in iteritems(aliases):
if key in params:
if value in params:
raise ClientException(
msg="Param {0} is already set.".format(value))
params[value] = params[key]
del params[key]
def _assert_is_list_but_not_string(item, name):
if not isinstance(item, str) and (isinstance(item, list)
or isinstance(item, tuple)):
pass
else:
message = "{0} should be a list or a tuple, {1} found.".format(
name, item.__class__.__name__)
raise ClientException(msg=message)
def refresh(self):
result = self._client.describe_load_balancers(load_balancer_id=self.load_balancer_id)
items = _new_get_key_in_response(result, 'LoadBalancers.LoadBalancer')
if not items:
raise ClientException(msg=
"Failed to find load_balancer data from DescribeLoadBalancers response. "
"LoadBalancerId = {0}".format(self.load_balancer_id))
self._assign_attributes(items[0])
def refresh(self):
result = self._client.describe_ca_certificates(ca_certificate_id=self.ca_certificate_id)
items = _new_get_key_in_response(result, 'CACertificates.CACertificate')
if not items:
raise ClientException(msg=
"Failed to find ca_certificate data from DescribeCACertificates response. "
"CACertificateId = {0}".format(self.ca_certificate_id))
self._assign_attributes(items[0])
def refresh(self):
result = self._client.describe_databases(
db_name=self.db_name,db_instance_id=self.db_instance_id)
items = _new_get_key_in_response(result, 'Databases.Database')
if not items:
raise ClientException(msg="Failed to find db data from DescribeDatabases response. "
"DBName = {0}".format(self.db_name))
self._assign_attributes(items[0])
def refresh(self):
response = self._client.describe_eip_addresses(allocation_id=self.allocation_id)
items = _new_get_key_in_response(response, 'EipAddresses.EipAddress')
if not items:
raise ClientException(msg="Failed to find EIP Address data from DescribeEipAddresses "
"response. "
"AllocationId = {0}".format(self.allocation_id))
self._assign_attributes(items[0])
def handle_request(self, context):
http_request = context.http_request
api_request = context.api_request
http_request.accept_format = 'JSON'
# handle params to body_params or query_params
parse_params = {
"query": (api_request._query_params, "QueryParams"),
"body": (api_request._body_params, "BodyParams"),
"path": (api_request.path_params, "PathParams"),
"header": (api_request._headers, "Headers")
}
# TODO default params is query_params
if api_request.params:
key = api_request._param_position
if key in parse_params:
params, position = parse_params[key]
params.update(self._filter_params(api_request.params))
context.client.logger.debug('Request received. Product:%s %s: %s',
context.client.product_code, position, str(params))
# handle api_request region_id, rpc and roa must
if 'RegionId' not in api_request._query_params:
api_request._query_params['RegionId'] = context.config.region_id
# handle headers
body_params = api_request._body_params
# ROA GET POST PUT DEL
# RPC GET POST
if body_params:
body = urlencode(body_params)
api_request._content = body
api_request._headers["Content-Type"] = format_type.APPLICATION_FORM
elif api_request._content and "Content-Type" not in api_request._headers:
api_request._headers["Content-Type"] = format_type.APPLICATION_OCTET_STREAM
http_request.body = api_request._content
user_agent = _modify_user_agent(context.config.user_agent)
api_request._headers['User-Agent'] = user_agent
api_request._headers['x-acs-region-id'] = str(context.config.region_id)
api_request._headers['x-sdk-client'] = 'python/2.0.0'
api_request._headers['Accept-Encoding'] = 'identity'
# handle other attr
http_request.method = api_request.method
http_request.proxy = context.config.proxy # {}
http_request.scheme = api_request.scheme # http|https
if http_request.scheme == 'https':
if context.config.enable_https:
http_request.port = context.config.https_port
else:
raise ClientException(msg='Please make sure the config enable_https is True.')
else:
http_request.port = context.config.http_port
def refresh(self):
result = self._client.describe_backups(
backup_id=self.backup_id, db_instance_id=self.db_instance_id)
items = _new_get_key_in_response(result, 'Items.Backup')
if not items:
raise ClientException(
msg="Failed to find backup data from DescribeBackups response. "
"BackupId = {0}".format(self.backup_id))
self._assign_attributes(items[0])
def refresh(self):
result = self._client.describe_domain_extensions(
domain_extension_id=self.domain_extension_id)
items = _new_get_key_in_response(result, 'DomainExtensions.DomainExtension')
if not items:
raise ClientException(msg=
"Failed to find domain_extension data from DescribeDomainExtensions response. "
"DomainExtensionId = {0}".format(self.domain_extension_id))
self._assign_attributes(items[0])
def refresh(self):
result = self._client.describe_accounts(
account_name=self.account_name,
db_instance_id=self.db_instance_id)
items = _new_get_key_in_response(result, 'Accounts.DBInstanceAccount')
if not items:
raise ClientException(msg="Failed to find account data from DescribeAccounts response. "
"AccountName = {0}".format(self.account_name))
self._assign_attributes(items[0])
def refresh(self):
result = self._client.describe_db_instances(db_instance_id=self.db_instance_id)
items = _new_get_key_in_response(result, 'Items.DBInstance')
if not items:
raise ClientException(
msg="Failed to find db_instance data from DescribeDBInstances response. "
"DBInstanceId = {0}".format(
self.db_instance_id))
self._assign_attributes(items[0])
def handle_response(self, context):
if not context.exception:
try:
context.result = json.loads(context.http_response.text)
except ValueError:
# failed to parse body as json format
raise ClientException(
msg='Failed to parse response as json format.Response:%s' % str(
context.http_response.text))
def _new_get_key_in_response(response, key):
# response type dic
json_response = json.dumps(response)
# new_response = json.loads(json_response.decode('utf-8'), object_hook=_SearchableDict)
new_response = json.loads(json_response, object_hook=_SearchableDict)
result = jmespath.search(key, new_response)
if result is None:
raise ClientException(msg="No '{0}' in server response.".format(key))
return result
def refresh(self):
response = self._client.describe_disks(
disk_ids=json.dumps([self.disk_id]))
items = _new_get_key_in_response(response, 'Disks.Disk')
if not items:
raise ClientException(
msg="Failed to find disk data from DescribeDiks "
"response. "
"DiskId = {0}".format(self.disk_id))
self._assign_attributes(items[0])
def refresh(self):
result = self._client.describe_instances(
instance_ids=json.dumps([self.instance_id]))
items = _new_get_key_in_response(result, 'Instances.Instance')
if not items:
raise ClientException(
msg=
"Failed to find instance data from DescribeInstances response. "
"InstanceId = {0}".format(self.instance_id))
self._assign_attributes(items[0])
def refresh(self):
response = self._client.describe_instance_history_events(event_id=[
self.event_id,
])
items = _new_get_key_in_response(
response, 'InstanceSystemEventSet.InstanceSystemEventType')
if not items:
raise ClientException(
msg="Failed to find event data from "
"DescribeInstanceHistoryEventsRequest response. "
"EventId = {0}".format(self.event_id))
self._assign_attributes(items[0])
def _get_provider_by_profile(self, profile):
def _get_value(key):
if key not in profile:
raise PartialCredentialsException(provider='profile',
cred_var=key)
return profile[key]
if profile:
type_ = profile.get('type')
if not type_:
type_ = 'access_key' # use access_key for default type
if type_ == 'access_key':
return StaticCredentialsProvider(
AccessKeyCredentials(
_get_value('access_key_id'),
_get_value('access_key_secret'),
))
elif type_ == 'ecs_ram_role':
return InstanceProfileCredentialsProvider(
_get_value('role_name'))
elif type_ == 'ram_role_arn':
return RamRoleCredentialsProvider(
self.client_config,
AccessKeyCredentials(
_get_value('access_key_id'),
_get_value('access_key_secret'),
),
_get_value('role_arn'),
role_session_name=_get_value('role_session_name'))
elif type_ == 'bearer_token':
return StaticCredentialsProvider(
BearerTokenCredentials(_get_value('bearer_token'), ))
elif type_ == 'rsa_key_pair':
raise ClientException(
msg="RSA Key Pair credentials are not supported.")
elif type_ == 'sts_token':
return StaticCredentialsProvider(
SecurityCredentials(
_get_value('access_key_id'),
_get_value('access_key_secret'),
_get_value('security_token'),
))
else:
raise Exception(
"Unexpected credentials type: {}".format(type_))
def _param_expand_to_json(params, rules, singular=True):
for key, value in iteritems(rules):
# key is like: instance_id or instance_ids
# value is like: InstanceIds
if key in params:
if singular:
to_add = [params[key]]
else:
to_add = params[key]
_assert_is_list_but_not_string(to_add, key)
del params[key]
if value in params:
raise ClientException(
msg="Param {0} is already set.".format(value))
params[value] = json.dumps(to_add)
def init_client(service_name):
temp_client = get_client(service_name=service_name, api_version=api_version,
region_id=region_id, endpoint=endpoint,
access_key_id=access_key_id,
access_key_secret=access_key_secret,
credentials_provider=credentials_provider,
retry_policy=retry_policy,
endpoint_resolver=endpoint_resolver, config=config)
if enable_stream_logger:
temp_client.add_stream_log_handler(**stream_logger_handler)
if enable_file_logger:
if file_logger_handler.get('path') is None:
raise ClientException(
msg="The params file_logger_path is needed. If you want add file logger handler.")
temp_client.add_rotating_file_log_handler(**file_logger_handler)
return temp_client
def sign_string(self, source, access_secret):
if platform.system() != "Windows":
from Crypto.Signature import PKCS1_v1_5
from Crypto.Hash import SHA256
from Crypto.PublicKey import RSA
key = RSA.importKey(b64_decode_bytes(ensure_bytes(access_secret)))
h = SHA256.new(ensure_bytes(source))
signer = PKCS1_v1_5.new(key)
signed_bytes = signer.sign(h)
signed_base64 = b64_encode_bytes(signed_bytes)
signature = ensure_string(signed_base64).replace('\n', '')
return signature
else:
message = "auth type [publicKeyId] is disabled in Windows " \
"because 'pycrypto' is not supported, we will resolve " \
"this soon"
raise ClientException(msg=message)