def _load_profile(self, profile_name): if self.environ.get(self.ENV_NAME_FOR_CREDENTIALS_FILE) is not None: config_file_name = self.environ.get( self.ENV_NAME_FOR_CREDENTIALS_FILE) if config_file_name: full_path = os.path.expanduser(config_file_name) try: config = load_config(full_path) except ConfigNotFoundException as e: raise e else: if profile_name not in config: raise PartialCredentialsException( provider='profile', cred_var='%s section' % (profile_name)) return config[profile_name] raise ClientException(msg='Found profile in env, but %s is empty' % self.ENV_NAME_FOR_CREDENTIALS_FILE) # read the default credentials file full_path = os.path.expanduser(self.DEFAULT_NAME_FOR_CREDENTIALS_FILE) try: config = load_config(full_path) except ConfigNotFoundException: # Move on to the next potential config file name. return None else: if profile_name in config: return config[profile_name]
def refresh(self): result = self._client.describe_images(image_id=self.image_id) items = _new_get_key_in_response(result, 'Images.Image') if not items: raise ClientException(msg="Failed to find image data from DescribeImages response. " "ImageId = {0}".format(self.image_id)) self._assign_attributes(items[0])
def refresh(self): result = self._client.get_policy(policy_name=self.policy_name) items = _new_get_key_in_response(result, 'Policy') if not items: raise ClientException(msg="Failed to find policy data from GetPolicy response. " "PolicyName = {0}".format(self.policy_name)) self._assign_attributes(items[0])
def rotate_credentials(self): try: r = requests.get(url=self.URL_PATH + self.role_name) except requests.exceptions.ConnectionError: raise ConnectionUsingEcsRamRoleException() data = json.loads(r.text) if data.get("Code") != "Success": message = "Failed to get instance profile. Code={}".format( +data.get("Code")) raise ClientException(msg=message) expiration = data.get("Expiration") if expiration: self._expiration = time.mktime( time.strptime(expiration, '%Y-%m-%dT%H:%M:%SZ')) else: # FIXME Why? self._expiration = expiration return SecurityCredentials( data['AccessKeyId'], data['AccessKeySecret'], data['SecurityToken'], )
def refresh(self): result = self._client.describe_tasks(task_ids=self.task_id) items = _new_get_key_in_response(result, 'TaskSet.Task') if not items: raise ClientException(msg="Failed to find task data from DescribeTasks response. " "TaskId = {0}".format(self.task_id)) self._assign_attributes(items[0])
def _read_from_file(self): profile = {} if self.ENV_NAME_FOR_CONFIG_FILE in os.environ: config_file_name = os.environ.get(self.ENV_NAME_FOR_CONFIG_FILE) if not config_file_name: raise ClientException( msg='Found config profile in env, but %s is empty' % self.ENV_NAME_FOR_CONFIG_FILE) full_path = os.path.expanduser(config_file_name) try: config = load_config(full_path) except ConfigNotFoundException as e: raise e else: # Alibaba Cloud only support default if 'default' not in config: raise PartialCredentialsException( provider='profile', cred_var='default section') profile = config['default'] else: full_path = os.path.expanduser(self.DEFAULT_NAME_FOR_CONFIG_FILE) try: config = load_config(full_path) except ConfigNotFoundException: pass else: if 'default' in config: profile = config['default'] for key in dir(self): if profile.get(key) is not None and getattr(self, key) is None: setattr(self, key, profile.get(key))
def refresh(self): result = self._client.get_role(role_name=self.role_name) items = _new_get_key_in_response(result, 'Role') if not items: raise ClientException(msg="Failed to find role data from GetRole response. " "RoleName = {0}".format(self.role_name)) self._assign_attributes(items[0])
def refresh(self): result = self._client.describe_regions(region_id=self.region_id) items = _new_get_key_in_response(result, 'Regions.Region') if not items: raise ClientException(msg="Failed to find region data from DescribeRegions response. " "RegionId = {0}".format(self.region_id)) self._assign_attributes(items[0])
def refresh(self): result = self._client.get_group(group_name=self.group_name) items = _new_get_key_in_response(result, 'Group') if not items: raise ClientException(msg="Failed to find group data from GetGroup response. " "GroupName = {0}".format(self.group_name)) self._assign_attributes(items[0])
def refresh(self): result = self._client.get_user(user_name=self.user_name) items = _new_get_key_in_response(result, 'User') if not items: raise ClientException(msg="Failed to find user data from GetUser response. " "UserName = {0}".format(self.user_name)) self._assign_attributes(items)
def _handle_param_aliases(params, aliases): for key, value in iteritems(aliases): if key in params: if value in params: raise ClientException( msg="Param {0} is already set.".format(value)) params[value] = params[key] del params[key]
def _assert_is_list_but_not_string(item, name): if not isinstance(item, str) and (isinstance(item, list) or isinstance(item, tuple)): pass else: message = "{0} should be a list or a tuple, {1} found.".format( name, item.__class__.__name__) raise ClientException(msg=message)
def refresh(self): result = self._client.describe_load_balancers(load_balancer_id=self.load_balancer_id) items = _new_get_key_in_response(result, 'LoadBalancers.LoadBalancer') if not items: raise ClientException(msg= "Failed to find load_balancer data from DescribeLoadBalancers response. " "LoadBalancerId = {0}".format(self.load_balancer_id)) self._assign_attributes(items[0])
def refresh(self): result = self._client.describe_ca_certificates(ca_certificate_id=self.ca_certificate_id) items = _new_get_key_in_response(result, 'CACertificates.CACertificate') if not items: raise ClientException(msg= "Failed to find ca_certificate data from DescribeCACertificates response. " "CACertificateId = {0}".format(self.ca_certificate_id)) self._assign_attributes(items[0])
def refresh(self): result = self._client.describe_databases( db_name=self.db_name,db_instance_id=self.db_instance_id) items = _new_get_key_in_response(result, 'Databases.Database') if not items: raise ClientException(msg="Failed to find db data from DescribeDatabases response. " "DBName = {0}".format(self.db_name)) self._assign_attributes(items[0])
def refresh(self): response = self._client.describe_eip_addresses(allocation_id=self.allocation_id) items = _new_get_key_in_response(response, 'EipAddresses.EipAddress') if not items: raise ClientException(msg="Failed to find EIP Address data from DescribeEipAddresses " "response. " "AllocationId = {0}".format(self.allocation_id)) self._assign_attributes(items[0])
def handle_request(self, context): http_request = context.http_request api_request = context.api_request http_request.accept_format = 'JSON' # handle params to body_params or query_params parse_params = { "query": (api_request._query_params, "QueryParams"), "body": (api_request._body_params, "BodyParams"), "path": (api_request.path_params, "PathParams"), "header": (api_request._headers, "Headers") } # TODO default params is query_params if api_request.params: key = api_request._param_position if key in parse_params: params, position = parse_params[key] params.update(self._filter_params(api_request.params)) context.client.logger.debug('Request received. Product:%s %s: %s', context.client.product_code, position, str(params)) # handle api_request region_id, rpc and roa must if 'RegionId' not in api_request._query_params: api_request._query_params['RegionId'] = context.config.region_id # handle headers body_params = api_request._body_params # ROA GET POST PUT DEL # RPC GET POST if body_params: body = urlencode(body_params) api_request._content = body api_request._headers["Content-Type"] = format_type.APPLICATION_FORM elif api_request._content and "Content-Type" not in api_request._headers: api_request._headers["Content-Type"] = format_type.APPLICATION_OCTET_STREAM http_request.body = api_request._content user_agent = _modify_user_agent(context.config.user_agent) api_request._headers['User-Agent'] = user_agent api_request._headers['x-acs-region-id'] = str(context.config.region_id) api_request._headers['x-sdk-client'] = 'python/2.0.0' api_request._headers['Accept-Encoding'] = 'identity' # handle other attr http_request.method = api_request.method http_request.proxy = context.config.proxy # {} http_request.scheme = api_request.scheme # http|https if http_request.scheme == 'https': if context.config.enable_https: http_request.port = context.config.https_port else: raise ClientException(msg='Please make sure the config enable_https is True.') else: http_request.port = context.config.http_port
def refresh(self): result = self._client.describe_backups( backup_id=self.backup_id, db_instance_id=self.db_instance_id) items = _new_get_key_in_response(result, 'Items.Backup') if not items: raise ClientException( msg="Failed to find backup data from DescribeBackups response. " "BackupId = {0}".format(self.backup_id)) self._assign_attributes(items[0])
def refresh(self): result = self._client.describe_domain_extensions( domain_extension_id=self.domain_extension_id) items = _new_get_key_in_response(result, 'DomainExtensions.DomainExtension') if not items: raise ClientException(msg= "Failed to find domain_extension data from DescribeDomainExtensions response. " "DomainExtensionId = {0}".format(self.domain_extension_id)) self._assign_attributes(items[0])
def refresh(self): result = self._client.describe_accounts( account_name=self.account_name, db_instance_id=self.db_instance_id) items = _new_get_key_in_response(result, 'Accounts.DBInstanceAccount') if not items: raise ClientException(msg="Failed to find account data from DescribeAccounts response. " "AccountName = {0}".format(self.account_name)) self._assign_attributes(items[0])
def refresh(self): result = self._client.describe_db_instances(db_instance_id=self.db_instance_id) items = _new_get_key_in_response(result, 'Items.DBInstance') if not items: raise ClientException( msg="Failed to find db_instance data from DescribeDBInstances response. " "DBInstanceId = {0}".format( self.db_instance_id)) self._assign_attributes(items[0])
def handle_response(self, context): if not context.exception: try: context.result = json.loads(context.http_response.text) except ValueError: # failed to parse body as json format raise ClientException( msg='Failed to parse response as json format.Response:%s' % str( context.http_response.text))
def _new_get_key_in_response(response, key): # response type dic json_response = json.dumps(response) # new_response = json.loads(json_response.decode('utf-8'), object_hook=_SearchableDict) new_response = json.loads(json_response, object_hook=_SearchableDict) result = jmespath.search(key, new_response) if result is None: raise ClientException(msg="No '{0}' in server response.".format(key)) return result
def refresh(self): response = self._client.describe_disks( disk_ids=json.dumps([self.disk_id])) items = _new_get_key_in_response(response, 'Disks.Disk') if not items: raise ClientException( msg="Failed to find disk data from DescribeDiks " "response. " "DiskId = {0}".format(self.disk_id)) self._assign_attributes(items[0])
def refresh(self): result = self._client.describe_instances( instance_ids=json.dumps([self.instance_id])) items = _new_get_key_in_response(result, 'Instances.Instance') if not items: raise ClientException( msg= "Failed to find instance data from DescribeInstances response. " "InstanceId = {0}".format(self.instance_id)) self._assign_attributes(items[0])
def refresh(self): response = self._client.describe_instance_history_events(event_id=[ self.event_id, ]) items = _new_get_key_in_response( response, 'InstanceSystemEventSet.InstanceSystemEventType') if not items: raise ClientException( msg="Failed to find event data from " "DescribeInstanceHistoryEventsRequest response. " "EventId = {0}".format(self.event_id)) self._assign_attributes(items[0])
def _get_provider_by_profile(self, profile): def _get_value(key): if key not in profile: raise PartialCredentialsException(provider='profile', cred_var=key) return profile[key] if profile: type_ = profile.get('type') if not type_: type_ = 'access_key' # use access_key for default type if type_ == 'access_key': return StaticCredentialsProvider( AccessKeyCredentials( _get_value('access_key_id'), _get_value('access_key_secret'), )) elif type_ == 'ecs_ram_role': return InstanceProfileCredentialsProvider( _get_value('role_name')) elif type_ == 'ram_role_arn': return RamRoleCredentialsProvider( self.client_config, AccessKeyCredentials( _get_value('access_key_id'), _get_value('access_key_secret'), ), _get_value('role_arn'), role_session_name=_get_value('role_session_name')) elif type_ == 'bearer_token': return StaticCredentialsProvider( BearerTokenCredentials(_get_value('bearer_token'), )) elif type_ == 'rsa_key_pair': raise ClientException( msg="RSA Key Pair credentials are not supported.") elif type_ == 'sts_token': return StaticCredentialsProvider( SecurityCredentials( _get_value('access_key_id'), _get_value('access_key_secret'), _get_value('security_token'), )) else: raise Exception( "Unexpected credentials type: {}".format(type_))
def _param_expand_to_json(params, rules, singular=True): for key, value in iteritems(rules): # key is like: instance_id or instance_ids # value is like: InstanceIds if key in params: if singular: to_add = [params[key]] else: to_add = params[key] _assert_is_list_but_not_string(to_add, key) del params[key] if value in params: raise ClientException( msg="Param {0} is already set.".format(value)) params[value] = json.dumps(to_add)
def init_client(service_name): temp_client = get_client(service_name=service_name, api_version=api_version, region_id=region_id, endpoint=endpoint, access_key_id=access_key_id, access_key_secret=access_key_secret, credentials_provider=credentials_provider, retry_policy=retry_policy, endpoint_resolver=endpoint_resolver, config=config) if enable_stream_logger: temp_client.add_stream_log_handler(**stream_logger_handler) if enable_file_logger: if file_logger_handler.get('path') is None: raise ClientException( msg="The params file_logger_path is needed. If you want add file logger handler.") temp_client.add_rotating_file_log_handler(**file_logger_handler) return temp_client
def sign_string(self, source, access_secret): if platform.system() != "Windows": from Crypto.Signature import PKCS1_v1_5 from Crypto.Hash import SHA256 from Crypto.PublicKey import RSA key = RSA.importKey(b64_decode_bytes(ensure_bytes(access_secret))) h = SHA256.new(ensure_bytes(source)) signer = PKCS1_v1_5.new(key) signed_bytes = signer.sign(h) signed_base64 = b64_encode_bytes(signed_bytes) signature = ensure_string(signed_base64).replace('\n', '') return signature else: message = "auth type [publicKeyId] is disabled in Windows " \ "because 'pycrypto' is not supported, we will resolve " \ "this soon" raise ClientException(msg=message)