コード例 #1
0
    def _get_authorization(self, request, httpclient):
        uri = httpclient.get_uri(request)
        uri = url_quote(uri, '').lower()
        expiry = str(self._get_expiry())

        to_sign = uri + '\n' + expiry
        signature = url_quote(_sign_string(self.key_value, to_sign, False), '')

        auth_format = 'SharedAccessSignature sig={0}&se={1}&skn={2}&sr={3}'
        auth = auth_format.format(signature, expiry, self.key_name, uri)

        return auth
コード例 #2
0
    def _get_authorization(self, request, httpclient):
        uri = httpclient.get_uri(request)
        uri = url_quote(uri, '').lower()
        expiry = str(self._get_expiry())

        to_sign = uri + '\n' + expiry
        signature = url_quote(_sign_string(self.key_value, to_sign, False), '')

        auth_format = 'SharedAccessSignature sig={0}&se={1}&skn={2}&sr={3}'
        auth = auth_format.format(signature, expiry, self.key_name, uri)

        return auth
コード例 #3
0
def _sign_storage_blob_request(request, account_name, account_key):
    '''
    Returns the signed string for blob request which is used to set
    Authorization header. This is also used to sign queue request.
    '''

    uri_path = request.path.split('?')[0]

    # method to sign
    string_to_sign = request.method + '\n'

    # get headers to sign
    headers_to_sign = [
        'content-encoding', 'content-language', 'content-length',
        'content-md5', 'content-type', 'date', 'if-modified-since', 'if-match',
        'if-none-match', 'if-unmodified-since', 'range'
    ]

    request_header_dict = dict(
        (name.lower(), value) for name, value in request.headers if value)
    string_to_sign += '\n'.join(
        request_header_dict.get(x, '') for x in headers_to_sign) + '\n'

    # get x-ms header to sign
    x_ms_headers = []
    for name, value in request.headers:
        if 'x-ms' in name:
            x_ms_headers.append((name.lower(), value))
    x_ms_headers.sort()
    for name, value in x_ms_headers:
        if value:
            string_to_sign += ''.join([name, ':', value, '\n'])

    # get account_name and uri path to sign
    string_to_sign += '/' + account_name + uri_path

    # get query string to sign if it is not table service
    query_to_sign = request.query
    query_to_sign.sort()

    current_name = ''
    for name, value in query_to_sign:
        if value:
            if current_name != name:
                string_to_sign += '\n' + name + ':' + value
                current_name = name
            else:
                string_to_sign += '\n' + ',' + value

    # sign the request
    auth_string = 'SharedKey ' + account_name + ':' + \
        _sign_string(account_key, string_to_sign)
    return auth_string
コード例 #4
0
def _sign_storage_blob_request(request, account_name, account_key):
    '''
    Returns the signed string for blob request which is used to set
    Authorization header. This is also used to sign queue request.
    '''

    uri_path = request.path.split('?')[0]

    # method to sign
    string_to_sign = request.method + '\n'

    # get headers to sign
    headers_to_sign = [
        'content-encoding', 'content-language', 'content-length',
        'content-md5', 'content-type', 'date', 'if-modified-since',
        'if-match', 'if-none-match', 'if-unmodified-since', 'range']

    request_header_dict = dict((name.lower(), value)
                               for name, value in request.headers if value)
    string_to_sign += '\n'.join(request_header_dict.get(x, '')
                                for x in headers_to_sign) + '\n'

    # get x-ms header to sign
    x_ms_headers = []
    for name, value in request.headers:
        if 'x-ms' in name:
            x_ms_headers.append((name.lower(), value))
    x_ms_headers.sort()
    for name, value in x_ms_headers:
        if value:
            string_to_sign += ''.join([name, ':', value, '\n'])

    # get account_name and uri path to sign
    string_to_sign += '/' + account_name + uri_path

    # get query string to sign if it is not table service
    query_to_sign = request.query
    query_to_sign.sort()

    current_name = ''
    for name, value in query_to_sign:
        if value:
            if current_name != name:
                string_to_sign += '\n' + name + ':' + value
                current_name = name
            else:
                string_to_sign += '\n' + ',' + value

    # sign the request
    auth_string = 'SharedKey ' + account_name + ':' + \
        _sign_string(account_key, string_to_sign)
    return auth_string
コード例 #5
0
    def _generate_signature(self,
                            path,
                            resource_type,
                            shared_access_policy,
                            version=X_MS_VERSION,
                            cache_control=None,
                            content_disposition=None,
                            content_encoding=None,
                            content_language=None,
                            content_type=None,
                            table_name=None):
        ''' Generates signature for a given path and shared access policy. '''
        def get_value_to_append(value):
            return_value = value or ''
            return return_value + '\n'

        if path[0] != '/':
            path = '/' + path

        canonicalized_resource = '/' + self.account_name + path

        # Form the string to sign from shared_access_policy and canonicalized
        # resource. The order of values is important.
        ap = shared_access_policy.access_policy

        string_to_sign = \
            (get_value_to_append(ap.permission if ap else '') +
             get_value_to_append(ap.start if ap else '') +
             get_value_to_append(ap.expiry if ap else '') +
             get_value_to_append(canonicalized_resource) +
             get_value_to_append(shared_access_policy.id) +
             get_value_to_append(version))

        if resource_type:
            string_to_sign += \
                (get_value_to_append(cache_control) +
                get_value_to_append(content_disposition) +
                get_value_to_append(content_encoding) +
                get_value_to_append(content_language) +
                get_value_to_append(content_type))

        if table_name:
            string_to_sign += \
                (get_value_to_append(ap.start_pk if ap else '') +
                get_value_to_append(ap.start_rk if ap else '') +
                get_value_to_append(ap.end_pk if ap else '') +
                get_value_to_append(ap.end_rk if ap else ''))

        if string_to_sign[-1] == '\n':
            string_to_sign = string_to_sign[:-1]

        return _sign_string(self.account_key, string_to_sign)
コード例 #6
0
    def _generate_signature(self, path, resource_type, shared_access_policy,
                            version=X_MS_VERSION,
                            cache_control=None, content_disposition=None,
                            content_encoding=None, content_language=None,
                            content_type=None, table_name=None):
        ''' Generates signature for a given path and shared access policy. '''

        def get_value_to_append(value):
            return_value = value or ''
            return return_value + '\n'

        if path[0] != '/':
            path = '/' + path

        canonicalized_resource = '/' + self.account_name + path

        # Form the string to sign from shared_access_policy and canonicalized
        # resource. The order of values is important.
        ap = shared_access_policy.access_policy

        string_to_sign = \
            (get_value_to_append(ap.permission if ap else '') +
             get_value_to_append(ap.start if ap else '') +
             get_value_to_append(ap.expiry if ap else '') +
             get_value_to_append(canonicalized_resource) +
             get_value_to_append(shared_access_policy.id) +
             get_value_to_append(version))

        if resource_type:
            string_to_sign += \
                (get_value_to_append(cache_control) +
                get_value_to_append(content_disposition) +
                get_value_to_append(content_encoding) +
                get_value_to_append(content_language) +
                get_value_to_append(content_type))

        if table_name:
            string_to_sign += \
                (get_value_to_append(ap.start_pk if ap else '') +
                get_value_to_append(ap.start_rk if ap else '') +
                get_value_to_append(ap.end_pk if ap else '') +
                get_value_to_append(ap.end_rk if ap else ''))

        if string_to_sign[-1] == '\n':
            string_to_sign = string_to_sign[:-1]

        return _sign_string(self.account_key, string_to_sign)
コード例 #7
0
def _sign_storage_table_request(request, account_name, account_key):
    uri_path = request.path.split('?')[0]

    string_to_sign = request.method + '\n'
    headers_to_sign = ['content-md5', 'content-type', 'date']
    request_header_dict = dict(
        (name.lower(), value) for name, value in request.headers if value)
    string_to_sign += '\n'.join(
        request_header_dict.get(x, '') for x in headers_to_sign) + '\n'

    # get account_name and uri path to sign
    string_to_sign += ''.join(['/', account_name, uri_path])

    for name, value in request.query:
        if name == 'comp' and uri_path == '/':
            string_to_sign += '?comp=' + value
            break

    # sign the request
    auth_string = 'SharedKey ' + account_name + ':' + \
        _sign_string(account_key, string_to_sign)
    return auth_string
コード例 #8
0
def _sign_storage_table_request(request, account_name, account_key):
    uri_path = request.path.split('?')[0]

    string_to_sign = request.method + '\n'
    headers_to_sign = ['content-md5', 'content-type', 'date']
    request_header_dict = dict((name.lower(), value)
                               for name, value in request.headers if value)
    string_to_sign += '\n'.join(request_header_dict.get(x, '')
                                for x in headers_to_sign) + '\n'

    # get account_name and uri path to sign
    string_to_sign += ''.join(['/', account_name, uri_path])

    for name, value in request.query:
        if name == 'comp' and uri_path == '/':
            string_to_sign += '?comp=' + value
            break

    # sign the request
    auth_string = 'SharedKey ' + account_name + ':' + \
        _sign_string(account_key, string_to_sign)
    return auth_string
コード例 #9
0
 def _add_authorization_header(self, request, string_to_sign):
     signature = _sign_string(self.account_key, string_to_sign)
     auth_string = 'SharedKey ' + self.account_name + ':' + signature
     request.headers.append(('Authorization', auth_string))
コード例 #10
0
    def _sign(self, string_to_sign):
        ''' use HMAC-SHA256 to sign the string and convert it as base64
        encoded string. '''

        return _sign_string(self.account_key, string_to_sign)
コード例 #11
0
 def _add_authorization_header(self, request, string_to_sign):
     signature = _sign_string(self.account_key, string_to_sign)
     auth_string = 'SharedKey ' + self.account_name + ':' + signature
     request.headers.append(('Authorization', auth_string))