def test_handle_custom_get_call_arguments(self): """ L{QueryAPI.handle} uses L{QueryAPI.get_call_arguments} to get the arguments for a call. """ creds = AWSCredentials("access", "secret") endpoint = AWSServiceEndpoint("http://uri") api = AlternativeWireFormatQueryAPI(self.registry) params = {"foo": "bar", "access_key": creds.access_key} signature = Signature(creds, endpoint, params.copy(), signature_method="Hmacsha256", signature_version=2) params["signature"] = signature.compute() request = FakeRequest(params, endpoint) def check(ignored): self.assertTrue(request.finished) self.assertEqual("data", request.response) self.assertEqual("4", request.headers["Content-Length"]) self.assertEqual("text/plain", request.headers["Content-Type"]) self.assertEqual(200, request.code) api.principal = TestPrincipal(creds) return api.handle(request).addCallback(check)
def test_handle_custom_get_call_arguments(self): """ L{QueryAPI.handle} uses L{QueryAPI.get_call_arguments} to get the arguments for a call. """ creds = AWSCredentials("access", "secret") endpoint = AWSServiceEndpoint("http://uri") api = AlternativeWireFormatQueryAPI(self.registry) params = {"foo": "bar", "access_key": creds.access_key} signature = Signature( creds, endpoint, params.copy(), signature_method="Hmacsha256", signature_version=2) params["signature"] = signature.compute() request = FakeRequest(params, endpoint) def check(ignored): self.assertTrue(request.finished) self.assertEqual("data", request.response) self.assertEqual("4", request.headers["Content-Length"]) self.assertEqual("text/plain", request.headers["Content-Type"]) self.assertEqual(200, request.code) api.principal = TestPrincipal(creds) return api.handle(request).addCallback(check)
def _validate_signature(self, request, principal, args, params): """Validate the signature.""" creds = AWSCredentials(principal.access_key, principal.secret_key) endpoint = AWSServiceEndpoint() endpoint.set_method(request.method) endpoint.set_canonical_host(request.getHeader("Host")) path = request.path if self.path is not None: path = "%s/%s" % (self.path.rstrip("/"), path.lstrip("/")) endpoint.set_path(path) signature = Signature( creds, endpoint, params, signature_method=args["signature_method"], signature_version=args["signature_version"], ) if signature.compute() != args["signature"]: raise APIError( 403, "SignatureDoesNotMatch", "The request signature we calculated does not " "match the signature you provided. Check your " "key and signing method.", )
def _validate_signature(self, request, principal, args, params): """Validate the signature.""" creds = AWSCredentials(principal.access_key, principal.secret_key) endpoint = AWSServiceEndpoint() endpoint.set_method(request.method) endpoint.set_canonical_host(request.getHeader("Host")) path = request.path if self.path is not None: path = "%s/%s" % (self.path.rstrip("/"), path.lstrip("/")) endpoint.set_path(path) params.pop("Signature") signature = Signature(creds, endpoint, params) if signature.compute() != args.Signature: raise APIError(403, "SignatureDoesNotMatch", "The request signature we calculated does not " "match the signature you provided. Check your " "key and signing method.")
def test_signature_verification_custom_get_call_arguments(self): """ The 'raw_args' returned from L{QueryAPI.get_call_arguments} is used for signature verification. """ creds = AWSCredentials("access", "secret") endpoint = AWSServiceEndpoint("http://uri") api = AlternativeWireFormatQueryAPI(self.registry) params = {"foo": "bar", "access_key": creds.access_key} signature = Signature( creds, endpoint, params.copy(), signature_method="Hmacsha256", signature_version=2) params["signature"] = signature.compute() params["foo"] = "HACKEDNOTBAR" request = FakeRequest(params, endpoint) def check(ignored): self.assertTrue(request.finished) self.assertIn("SignatureDoesNotMatch", request.response) api.principal = TestPrincipal(creds) return api.handle(request).addCallback(check)
def test_signature_verification_custom_get_call_arguments(self): """ The 'raw_args' returned from L{QueryAPI.get_call_arguments} is used for signature verification. """ creds = AWSCredentials("access", "secret") endpoint = AWSServiceEndpoint("http://uri") api = AlternativeWireFormatQueryAPI(self.registry) params = {"foo": "bar", "access_key": creds.access_key} signature = Signature(creds, endpoint, params.copy(), signature_method="Hmacsha256", signature_version=2) params["signature"] = signature.compute() params["foo"] = "HACKEDNOTBAR" request = FakeRequest(params, endpoint) def check(ignored): self.assertTrue(request.finished) self.assertIn("SignatureDoesNotMatch", request.response) api.principal = TestPrincipal(creds) return api.handle(request).addCallback(check)