Esempio n. 1
0
    def test_headers_to_sign_sigv4(self):
        environ = {
            'REQUEST_METHOD': 'GET'}

        # host and x-amz-date
        x_amz_date = self.get_v4_amz_date_header()
        headers = {
            'Authorization':
                'AWS4-HMAC-SHA256 '
                'Credential=test/20130524/US/s3/aws4_request, '
                'SignedHeaders=host;x-amz-content-sha256;x-amz-date,'
                'Signature=X',
            'X-Amz-Content-SHA256': '0123456789',
            'Date': self.get_date_header(),
            'X-Amz-Date': x_amz_date}

        req = Request.blank('/', environ=environ, headers=headers)
        sigv4_req = SigV4Request(req.environ)

        headers_to_sign = sigv4_req._headers_to_sign()
        self.assertEqual(['host', 'x-amz-content-sha256', 'x-amz-date'],
                         sorted(headers_to_sign.keys()))
        self.assertEqual(headers_to_sign['host'], 'localhost:80')
        self.assertEqual(headers_to_sign['x-amz-date'], x_amz_date)
        self.assertEqual(headers_to_sign['x-amz-content-sha256'], '0123456789')

        # no x-amz-date
        headers = {
            'Authorization':
                'AWS4-HMAC-SHA256 '
                'Credential=test/20130524/US/s3/aws4_request, '
                'SignedHeaders=host;x-amz-content-sha256,'
                'Signature=X',
            'X-Amz-Content-SHA256': '0123456789',
            'Date': self.get_date_header()}

        req = Request.blank('/', environ=environ, headers=headers)
        sigv4_req = SigV4Request(req.environ)

        headers_to_sign = sigv4_req._headers_to_sign()
        self.assertEqual(['host', 'x-amz-content-sha256'],
                         sorted(headers_to_sign.keys()))
        self.assertEqual(headers_to_sign['host'], 'localhost:80')
        self.assertEqual(headers_to_sign['x-amz-content-sha256'], '0123456789')

        # SignedHeaders says, host and x-amz-date included but there is not
        # X-Amz-Date header
        headers = {
            'Authorization':
                'AWS4-HMAC-SHA256 '
                'Credential=test/20130524/US/s3/aws4_request, '
                'SignedHeaders=host;x-amz-content-sha256;x-amz-date,'
                'Signature=X',
            'X-Amz-Content-SHA256': '0123456789',
            'Date': self.get_date_header()}

        req = Request.blank('/', environ=environ, headers=headers)
        with self.assertRaises(SignatureDoesNotMatch):
            sigv4_req = SigV4Request(req.environ)
            sigv4_req._headers_to_sign()
Esempio n. 2
0
    def test_canonical_uri_sigv4(self):
        environ = {'HTTP_HOST': 'bucket.s3.test.com', 'REQUEST_METHOD': 'GET'}

        # host and x-amz-date
        x_amz_date = self.get_v4_amz_date_header()
        headers = {
            'Authorization':
            'AWS4-HMAC-SHA256 '
            'Credential=test/20130524/US/s3/aws4_request, '
            'SignedHeaders=host;x-amz-content-sha256;x-amz-date,'
            'Signature=X',
            'X-Amz-Content-SHA256':
            '0123456789',
            'Date':
            self.get_date_header(),
            'X-Amz-Date':
            x_amz_date
        }

        # Virtual hosted-style
        with patch('swift3.cfg.CONF.storage_domain', 's3.test.com'):
            req = Request.blank('/', environ=environ, headers=headers)
            sigv4_req = SigV4Request(req.environ)
            uri = sigv4_req._canonical_uri()

            self.assertEqual(uri, '/')
            self.assertEqual(req.environ['PATH_INFO'], '/')

            req = Request.blank('/obj1', environ=environ, headers=headers)
            sigv4_req = SigV4Request(req.environ)
            uri = sigv4_req._canonical_uri()

            self.assertEqual(uri, '/obj1')
            self.assertEqual(req.environ['PATH_INFO'], '/obj1')

        environ = {'HTTP_HOST': 's3.test.com', 'REQUEST_METHOD': 'GET'}

        # Path-style
        with patch('swift3.cfg.CONF.storage_domain', ''):
            req = Request.blank('/', environ=environ, headers=headers)
            sigv4_req = SigV4Request(req.environ)
            uri = sigv4_req._canonical_uri()

            self.assertEqual(uri, '/')
            self.assertEqual(req.environ['PATH_INFO'], '/')

            req = Request.blank('/bucket/obj1',
                                environ=environ,
                                headers=headers)
            sigv4_req = SigV4Request(req.environ)
            uri = sigv4_req._canonical_uri()

            self.assertEqual(uri, '/bucket/obj1')
            self.assertEqual(req.environ['PATH_INFO'], '/bucket/obj1')
Esempio n. 3
0
        def _get_req(path, environ):
            if '?' in path:
                path, query_string = path.split('?', 1)
            else:
                query_string = ''

            env = {
                'REQUEST_METHOD':
                'GET',
                'PATH_INFO':
                path,
                'QUERY_STRING':
                query_string,
                'HTTP_DATE':
                'Mon, 09 Sep 2011 23:36:00 GMT',
                'HTTP_X_AMZ_CONTENT_SHA256':
                'e3b0c44298fc1c149afbf4c8996fb924'
                '27ae41e4649b934ca495991b7852b855',
                'HTTP_AUTHORIZATION':
                'AWS4-HMAC-SHA256 '
                'Credential=X:Y/dt/reg/host/blah, '
                'SignedHeaders=content-md5;content-type;date, '
                'Signature=x',
            }
            env.update(environ)
            with patch('swift3.request.Request._validate_headers'):
                req = SigV4Request(env)
            return req
Esempio n. 4
0
    def _test_request_timestamp_sigv4(self, date_header):
        # signature v4 here
        environ = {'REQUEST_METHOD': 'GET'}

        if 'X-Amz-Date' in date_header:
            included_header = 'x-amz-date'
        elif 'Date' in date_header:
            included_header = 'date'
        else:
            self.fail('Invalid date header specified as test')

        headers = {
            'Authorization':
            'AWS4-HMAC-SHA256 '
            'Credential=test/20130524/US/s3/aws4_request, '
            'SignedHeaders=%s,'
            'Signature=X' % ';'.join(sorted(['host', included_header])),
            'X-Amz-Content-SHA256':
            '0123456789'
        }

        headers.update(date_header)
        req = Request.blank('/', environ=environ, headers=headers)
        sigv4_req = SigV4Request(req.environ)

        if 'X-Amz-Date' in date_header:
            timestamp = mktime(date_header['X-Amz-Date'],
                               SIGV4_X_AMZ_DATE_FORMAT)
        elif 'Date' in date_header:
            timestamp = mktime(date_header['Date'])

        self.assertEqual(timestamp, int(sigv4_req.timestamp))
Esempio n. 5
0
        def canonical_string(path, environ):
            if '?' in path:
                path, query_string = path.split('?', 1)
            else:
                query_string = ''

            env = {
                'REQUEST_METHOD':
                'GET',
                'PATH_INFO':
                path,
                'QUERY_STRING':
                query_string,
                'HTTP_DATE':
                'Mon, 09 Sep 2011 23:36:00 GMT',
                'HTTP_X_AMZ_CONTENT_SHA256':
                ('e3b0c44298fc1c149afbf4c8996fb924'
                 '27ae41e4649b934ca495991b7852b855')
            }
            env.update(environ)
            with patch('swift3.request.Request._validate_headers'):
                req = SigV4Request(env)
            return req._string_to_sign()