def validate_signature(self, parameters, signature=None, raise_error=False, url_end_point=None):
if conf.DEFAULT_SIGNATURE_VERSION == "2":
assert url_end_point, "The url_end_point is a required parameter for version 2 Signatures."
# @TODO - the api call won't work since api.py imports base.py (circular import). Need to resolve circular import or implement PKI method (ugh!).
#client = api.ApiClient()
#response = client.verify_signature(url_end_point, parameters)
http_parameters = urllib.urlencode(parameters)
assert type(http_parameters) in [str, unicode], "http_parameters must be a string"
self.endpoint = SANDBOX_ENDPOINT if conf.RUN_IN_SANDBOX else ENDPOINT
timestamp = time.strftime(TIME_FORMAT, time.gmtime())
qs = util.query_string({
'Action':'VerifySignature',
'Timestamp':timestamp,
'AWSAccessKeyId': self.access_key_id,
'Version': AMAZON_FPS_API_VERSION,
'UrlEndPoint': url_end_point,
'HttpParameters': http_parameters,})
url = self.endpoint+'/'+qs
try:
data = urllib2.urlopen(url).read()
response = xml.VerifySignatureResponse(data)
except urllib2.HTTPError, e:
data = e.read()
response = xml.Response(data)
try:
matches = response.verificationStatus == 'Success'
except AttributeError:
matches = False
if not matches:
LOGGER.error("Signature Verification failed.")
if raise_error:
raise InvalidSignatureError("Invalid Signature.", "", parameters)
return matches
def get_query_string(self, parameters):
"""Return a query string for the given keyword arguments.
This will include the correct calleryKey, version, and
generated query signature needed by amazon.
"""
parameters.setdefault('callerKey', self.access_key_id)
parameters.setdefault('version', AMAZON_FPS_VERSION)
parameters['awsSignature'] = util.get_signature(self.secret_key, parameters)
return util.query_string(parameters)
def get_query_string(self, parameters):
"""Return a query string for the given keyword arguments.
This will include the correct calleryKey, version, and
generated query signature needed by amazon.
"""
parameters.setdefault('AWSAccessKeyId', self.access_key_id)
parameters.setdefault('Version', AMAZON_FPS_API_VERSION)
parameters['SignatureVersion'] = '2'
if parameters.get('SignatureVersion') == '2':
parameters['SignatureMethod'] = 'HmacSHA256'
parameters['Signature'] = util.get_signature(self.secret_key, parameters, self.endpoint)
return util.query_string(parameters)
def verify_signature(self, url_end_point, http_parameters):
assert type(http_parameters) in [str, unicode], "http_parameters must be a string"
timestamp = time.strftime(TIME_FORMAT, time.gmtime())
qs = util.query_string({
'Action':'VerifySignature',
'Timestamp':timestamp,
'AWSAccessKeyId': self.access_key_id,
'Version': AMAZON_FPS_API_VERSION,
'UrlEndPoint': url_end_point,
'HttpParameters': http_parameters,})
url = self.endpoint+'/'+qs
data, success = self.call(url)
if success:
response = xml.VerifySignatureResponse(data)
else:
response = xml.Response(data)
return response
def test_query_string(self):
self.assertEquals(util.query_string(dict(foo="bar", one=1, two=None)),
'?foo=bar&one=1')
