def from_arn(cls, arn): ''' Return a new HeatIdentifier generated by parsing the supplied ARN. ''' fields = arn.split(':') if len(fields) < 6 or fields[0].lower() != 'arn': raise ValueError(_('"%s" is not a valid ARN') % arn) id_fragment = ':'.join(fields[5:]) path = cls.path_re.match(id_fragment) if fields[1] != 'openstack' or fields[2] != 'heat' or not path: raise ValueError(_('"%s" is not a valid Heat ARN') % arn) return cls(urlutils.unquote(fields[4]), urlutils.unquote(path.group(1)), urlutils.unquote(path.group(2)), urlutils.unquote(path.group(3)))
def from_arn(cls, arn): ''' Return a new HeatIdentifier generated by parsing the supplied ARN. ''' fields = arn.split(':') if len(fields) < 6 or fields[0].lower() != 'arn': raise ValueError(_('"%s" is not a valid ARN') % arn) id_fragment = ':'.join(fields[5:]) path = cls.path_re.match(id_fragment) if fields[1] != 'openstack' or fields[2] != 'heat' or not path: raise ValueError(_('"%s" is not a valid Heat ARN') % arn) return cls(urlutils.unquote(fields[4]), urlutils.unquote(path.group(1)), urlutils.unquote(path.group(2)), urlutils.unquote(path.group(3)))
def _get_signed_url(self, signal_type=SIGNAL): """Create properly formatted and pre-signed URL. This uses the created user for the credentials. See boto/auth.py::QuerySignatureV2AuthHandler :param signal_type: either WAITCONDITION or SIGNAL. """ try: stored = db_api.resource_data_get(self, 'ec2_signed_url') except exception.NotFound: stored = None if stored is not None: return stored try: access_key = db_api.resource_data_get(self, 'access_key') secret_key = db_api.resource_data_get(self, 'secret_key') except exception.NotFound: logger.warning( _('Cannot generate signed url, ' 'no stored access/secret key')) return waitcond_url = cfg.CONF.heat_waitcondition_server_url signal_url = waitcond_url.replace('/waitcondition', signal_type) host_url = urlutils.urlparse(signal_url) path = self.identifier().arn_url_path() # Note the WSGI spec apparently means that the webob request we end up # prcessing in the CFN API (ec2token.py) has an unquoted path, so we # need to calculate the signature with the path component unquoted, but # ensure the actual URL contains the quoted version... unquoted_path = urlutils.unquote(host_url.path + path) request = { 'host': host_url.netloc.lower(), 'verb': SIGNAL_VERB[signal_type], 'path': unquoted_path, 'params': { 'SignatureMethod': 'HmacSHA256', 'SignatureVersion': '2', 'AWSAccessKeyId': access_key, 'Timestamp': self.created_time.strftime("%Y-%m-%dT%H:%M:%SZ") } } # Sign the request signer = ec2_utils.Ec2Signer(secret_key) request['params']['Signature'] = signer.generate(request) qs = urlutils.urlencode(request['params']) url = "%s%s?%s" % (signal_url.lower(), path, qs) db_api.resource_data_set(self, 'ec2_signed_url', url) return url
def _get_signed_url(self, signal_type=SIGNAL): """Create properly formatted and pre-signed URL. This uses the created user for the credentials. See boto/auth.py::QuerySignatureV2AuthHandler :param signal_type: either WAITCONDITION or SIGNAL. """ try: stored = db_api.resource_data_get(self, 'ec2_signed_url') except exception.NotFound: stored = None if stored is not None: return stored try: access_key = db_api.resource_data_get(self, 'access_key') secret_key = db_api.resource_data_get(self, 'secret_key') except exception.NotFound: logger.warning(_('Cannot generate signed url, ' 'no stored access/secret key')) return waitcond_url = cfg.CONF.heat_waitcondition_server_url signal_url = waitcond_url.replace('/waitcondition', signal_type) host_url = urlutils.urlparse(signal_url) path = self.identifier().arn_url_path() # Note the WSGI spec apparently means that the webob request we end up # prcessing in the CFN API (ec2token.py) has an unquoted path, so we # need to calculate the signature with the path component unquoted, but # ensure the actual URL contains the quoted version... unquoted_path = urlutils.unquote(host_url.path + path) request = {'host': host_url.netloc.lower(), 'verb': SIGNAL_VERB[signal_type], 'path': unquoted_path, 'params': {'SignatureMethod': 'HmacSHA256', 'SignatureVersion': '2', 'AWSAccessKeyId': access_key, 'Timestamp': self.created_time.strftime("%Y-%m-%dT%H:%M:%SZ") }} # Sign the request signer = ec2_utils.Ec2Signer(secret_key) request['params']['Signature'] = signer.generate(request) qs = urlutils.urlencode(request['params']) url = "%s%s?%s" % (signal_url.lower(), path, qs) db_api.resource_data_set(self, 'ec2_signed_url', url) return url
def from_arn(cls, arn): """ Return a new HeatIdentifier generated by parsing the supplied ARN. """ fields = arn.split(":") if len(fields) < 6 or fields[0].lower() != "arn": raise ValueError(_('"%s" is not a valid ARN') % arn) id_fragment = ":".join(fields[5:]) path = cls.path_re.match(id_fragment) if fields[1] != "openstack" or fields[2] != "heat" or not path: raise ValueError(_('"%s" is not a valid Heat ARN') % arn) return cls( urlutils.unquote(fields[4]), urlutils.unquote(path.group(1)), urlutils.unquote(path.group(2)), urlutils.unquote(path.group(3)), )
def from_arn_url(cls, url): """ Return a new HeatIdentifier generated by parsing the supplied URL The URL is expected to contain a valid arn as part of the path """ # Sanity check the URL urlp = urlutils.urlparse(url) if urlp.scheme not in ("http", "https") or not urlp.netloc or not urlp.path: raise ValueError(_('"%s" is not a valid URL') % url) # Remove any query-string and extract the ARN arn_url_prefix = "/arn%3Aopenstack%3Aheat%3A%3A" match = re.search(arn_url_prefix, urlp.path, re.IGNORECASE) if match is None: raise ValueError(_('"%s" is not a valid ARN URL') % url) # the +1 is to skip the leading / url_arn = urlp.path[match.start() + 1 :] arn = urlutils.unquote(url_arn) return cls.from_arn(arn)
def from_arn_url(cls, url): ''' Return a new HeatIdentifier generated by parsing the supplied URL The URL is expected to contain a valid arn as part of the path ''' # Sanity check the URL urlp = urlutils.urlparse(url) if (urlp.scheme not in ('http', 'https') or not urlp.netloc or not urlp.path): raise ValueError(_('"%s" is not a valid URL') % url) # Remove any query-string and extract the ARN arn_url_prefix = '/arn%3Aopenstack%3Aheat%3A%3A' match = re.search(arn_url_prefix, urlp.path, re.IGNORECASE) if match is None: raise ValueError(_('"%s" is not a valid ARN URL') % url) # the +1 is to skip the leading / url_arn = urlp.path[match.start() + 1:] arn = urlutils.unquote(url_arn) return cls.from_arn(arn)