def test_handle_custom_get_call_arguments(self):
"""
L{QueryAPI.handle} uses L{QueryAPI.get_call_arguments} to get the
arguments for a call.
"""
creds = AWSCredentials("access", "secret")
endpoint = AWSServiceEndpoint("http://uri")
api = AlternativeWireFormatQueryAPI(self.registry)
params = {"foo": "bar", "access_key": creds.access_key}
signature = Signature(creds,
endpoint,
params.copy(),
signature_method="Hmacsha256",
signature_version=2)
params["signature"] = signature.compute()
request = FakeRequest(params, endpoint)
def check(ignored):
self.assertTrue(request.finished)
self.assertEqual("data", request.response)
self.assertEqual("4", request.headers["Content-Length"])
self.assertEqual("text/plain", request.headers["Content-Type"])
self.assertEqual(200, request.code)
api.principal = TestPrincipal(creds)
return api.handle(request).addCallback(check)
def test_handle_custom_get_call_arguments(self):
"""
L{QueryAPI.handle} uses L{QueryAPI.get_call_arguments} to get the
arguments for a call.
"""
creds = AWSCredentials("access", "secret")
endpoint = AWSServiceEndpoint("http://uri")
api = AlternativeWireFormatQueryAPI(self.registry)
params = {"foo": "bar", "access_key": creds.access_key}
signature = Signature(
creds, endpoint, params.copy(),
signature_method="Hmacsha256",
signature_version=2)
params["signature"] = signature.compute()
request = FakeRequest(params, endpoint)
def check(ignored):
self.assertTrue(request.finished)
self.assertEqual("data", request.response)
self.assertEqual("4", request.headers["Content-Length"])
self.assertEqual("text/plain", request.headers["Content-Type"])
self.assertEqual(200, request.code)
api.principal = TestPrincipal(creds)
return api.handle(request).addCallback(check)
def _validate_signature(self, request, principal, args, params):
"""Validate the signature."""
creds = AWSCredentials(principal.access_key, principal.secret_key)
endpoint = AWSServiceEndpoint()
endpoint.set_method(request.method)
endpoint.set_canonical_host(request.getHeader("Host"))
path = request.path
if self.path is not None:
path = "%s/%s" % (self.path.rstrip("/"), path.lstrip("/"))
endpoint.set_path(path)
signature = Signature(
creds,
endpoint,
params,
signature_method=args["signature_method"],
signature_version=args["signature_version"],
)
if signature.compute() != args["signature"]:
raise APIError(
403,
"SignatureDoesNotMatch",
"The request signature we calculated does not "
"match the signature you provided. Check your "
"key and signing method.",
)
def _validate_signature(self, request, principal, args, params):
"""Validate the signature."""
creds = AWSCredentials(principal.access_key, principal.secret_key)
endpoint = AWSServiceEndpoint()
endpoint.set_method(request.method)
endpoint.set_canonical_host(request.getHeader("Host"))
path = request.path
if self.path is not None:
path = "%s/%s" % (self.path.rstrip("/"), path.lstrip("/"))
endpoint.set_path(path)
params.pop("Signature")
signature = Signature(creds, endpoint, params)
if signature.compute() != args.Signature:
raise APIError(403, "SignatureDoesNotMatch",
"The request signature we calculated does not "
"match the signature you provided. Check your "
"key and signing method.")
def test_signature_verification_custom_get_call_arguments(self):
"""
The 'raw_args' returned from L{QueryAPI.get_call_arguments} is used for
signature verification.
"""
creds = AWSCredentials("access", "secret")
endpoint = AWSServiceEndpoint("http://uri")
api = AlternativeWireFormatQueryAPI(self.registry)
params = {"foo": "bar", "access_key": creds.access_key}
signature = Signature(
creds, endpoint, params.copy(),
signature_method="Hmacsha256",
signature_version=2)
params["signature"] = signature.compute()
params["foo"] = "HACKEDNOTBAR"
request = FakeRequest(params, endpoint)
def check(ignored):
self.assertTrue(request.finished)
self.assertIn("SignatureDoesNotMatch", request.response)
api.principal = TestPrincipal(creds)
return api.handle(request).addCallback(check)
def test_signature_verification_custom_get_call_arguments(self):
"""
The 'raw_args' returned from L{QueryAPI.get_call_arguments} is used for
signature verification.
"""
creds = AWSCredentials("access", "secret")
endpoint = AWSServiceEndpoint("http://uri")
api = AlternativeWireFormatQueryAPI(self.registry)
params = {"foo": "bar", "access_key": creds.access_key}
signature = Signature(creds,
endpoint,
params.copy(),
signature_method="Hmacsha256",
signature_version=2)
params["signature"] = signature.compute()
params["foo"] = "HACKEDNOTBAR"
request = FakeRequest(params, endpoint)
def check(ignored):
self.assertTrue(request.finished)
self.assertIn("SignatureDoesNotMatch", request.response)
api.principal = TestPrincipal(creds)
return api.handle(request).addCallback(check)
