예제 #1
0
    def setUp(self):
        super(TestS3PostPresigner, self).setUp()
        self.request_signer = RequestSigner(ServiceId('service_name'),
                                            'region_name', 'signing_name',
                                            's3v4', self.credentials,
                                            self.emitter)
        self.signer = S3PostPresigner(self.request_signer)
        self.request_dict = {
            'headers': {},
            'url': 'https://s3.amazonaws.com/mybucket',
            'body': b'',
            'url_path': '/',
            'method': 'POST',
            'context': {}
        }
        self.auth = mock.Mock()
        self.auth.REQUIRES_REGION = True
        self.add_auth = mock.Mock()
        self.auth.return_value.add_auth = self.add_auth
        self.fixed_credentials = self.credentials.get_frozen_credentials()

        self.datetime_patch = mock.patch('ibm_botocore.signers.datetime')
        self.datetime_mock = self.datetime_patch.start()
        self.fixed_date = datetime.datetime(2014, 3, 10, 17, 2, 55, 0)
        self.fixed_delta = datetime.timedelta(seconds=3600)
        self.datetime_mock.datetime.utcnow.return_value = self.fixed_date
        self.datetime_mock.timedelta.return_value = self.fixed_delta
예제 #2
0
    def test_region_required_for_sigv4(self):
        self.signer = RequestSigner(ServiceId('service_name'), None,
                                    'signing_name', 'v4', self.credentials,
                                    self.emitter)

        with self.assertRaises(NoRegionError):
            self.signer.sign('operation_name', self.request)
예제 #3
0
    def test_destination_region_always_changed(self):
        # If the user provides a destination region, we will still
        # override the DesinationRegion with the region_name from
        # the endpoint object.
        actual_region = 'us-west-1'
        operation_model = mock.Mock()
        operation_model.name = 'CopySnapshot'

        credentials = Credentials('key', 'secret')
        event_emitter = HierarchicalEmitter()
        request_signer = RequestSigner(ServiceId('ec2'), actual_region, 'ec2',
                                       'v4', credentials, event_emitter)
        request_dict = {}
        params = {
            'SourceRegion': 'us-west-2',
            'DestinationRegion': 'us-east-1'
        }
        request_dict['body'] = params
        request_dict['url'] = 'https://ec2.us-west-1.amazonaws.com'
        request_dict['method'] = 'POST'
        request_dict['headers'] = {}
        request_dict['context'] = {}

        # The user provides us-east-1, but we will override this to
        # endpoint.region_name, of 'us-west-1' in this case.
        handlers.inject_presigned_url_ec2(request_dict, request_signer,
                                          operation_model)

        self.assertIn('https://ec2.us-west-2.amazonaws.com?',
                      params['PresignedUrl'])

        # Always use the DestinationRegion from the endpoint, regardless of
        # whatever value the user provides.
        self.assertEqual(params['DestinationRegion'], actual_region)
 def setUp(self):
     self.credentials = Credentials('key', 'secret')
     self.emitter = mock.Mock()
     self.emitter.emit_until_response.return_value = (None, None)
     self.signer = RequestSigner(ServiceId('service_name'), 'region_name',
                                 'signing_name', 'v4', self.credentials,
                                 self.emitter)
     self.fixed_credentials = self.credentials.get_frozen_credentials()
 def setUp(self):
     super(TestRetryInterface, self).setUp()
     self.retried_on_exception = None
     self._operation = Mock(spec=OperationModel)
     self._operation.name = 'DescribeInstances'
     self._operation.metadata = {'protocol': 'query'}
     self._operation.service_model.service_id = ServiceId('EC2')
     self._operation.has_streaming_output = False
     self._operation.has_event_stream_output = False
예제 #6
0
    def test_add_md5_raises_error_when_md5_unavailable(self):
        credentials = Credentials('key', 'secret')
        request_signer = RequestSigner(ServiceId('s3'), 'us-east-1', 's3',
                                       's3', credentials, mock.Mock())
        request_dict = {
            'body': b'bar',
            'url': 'https://s3.us-east-1.amazonaws.com',
            'method': 'PUT',
            'headers': {}
        }

        self.set_md5_available(False)
        with self.assertRaises(MD5UnavailableError):
            handlers.calculate_md5(request_dict, request_signer=request_signer)
예제 #7
0
 def test_presigned_url_throws_unsupported_signature_error(self):
     request_dict = {
         'headers': {},
         'url': 'https://s3.amazonaws.com/mybucket/myobject',
         'body': b'',
         'url_path': '/',
         'method': 'GET',
         'context': {}
     }
     self.signer = RequestSigner(ServiceId('service_name'), 'region_name',
                                 'signing_name', 'foo', self.credentials,
                                 self.emitter)
     with self.assertRaises(UnsupportedSignatureVersionError):
         self.signer.generate_presigned_url(request_dict,
                                            operation_name='foo')
예제 #8
0
 def test_adds_md5_when_s3v2(self):
     credentials = Credentials('key', 'secret')
     request_signer = RequestSigner(ServiceId('s3'), 'us-east-1', 's3',
                                    's3', credentials, mock.Mock())
     request_dict = {
         'body': b'bar',
         'url': 'https://s3.us-east-1.amazonaws.com',
         'method': 'PUT',
         'headers': {}
     }
     context = self.get_context()
     handlers.conditionally_calculate_md5(request_dict,
                                          request_signer=request_signer,
                                          context=context)
     self.assertTrue('Content-MD5' in request_dict['headers'])
예제 #9
0
 def test_no_credentials_case_is_forwarded_to_signer(self):
     # If no credentials are given to the RequestSigner, we should
     # forward that fact on to the Auth class and let them handle
     # the error (which they already do).
     self.credentials = None
     self.signer = RequestSigner(ServiceId('service_name'), 'region_name',
                                 'signing_name', 'v4', self.credentials,
                                 self.emitter)
     auth_cls = mock.Mock()
     with mock.patch.dict(ibm_botocore.auth.AUTH_TYPE_MAPS,
                          {'v4': auth_cls}):
         self.signer.get_auth_instance('service_name', 'region_name', 'v4')
         auth_cls.assert_called_with(
             service_name='service_name',
             region_name='region_name',
             credentials=None,
         )
예제 #10
0
    def test_dest_region_removed(self):
        operation_model = mock.Mock()
        operation_model.name = 'CopyDBSnapshot'
        credentials = Credentials('key', 'secret')
        event_emitter = HierarchicalEmitter()
        request_signer = RequestSigner(ServiceId('rds'), 'us-east-1', 'rds',
                                       'v4', credentials, event_emitter)
        request_dict = {}
        params = {'SourceRegion': 'us-west-2'}
        request_dict['body'] = params
        request_dict['url'] = 'https://rds.us-east-1.amazonaws.com'
        request_dict['method'] = 'POST'
        request_dict['headers'] = {}
        request_dict['context'] = {}

        handlers.inject_presigned_url_rds(params=request_dict,
                                          request_signer=request_signer,
                                          model=operation_model)

        self.assertNotIn('DestinationRegion', params)
예제 #11
0
    def test_signer_with_refreshable_credentials_gets_credential_set(self):
        class FakeCredentials(Credentials):
            def get_frozen_credentials(self):
                return ReadOnlyCredentials('foo', 'bar', 'baz')

        self.credentials = FakeCredentials('a', 'b', 'c')

        self.signer = RequestSigner(ServiceId('service_name'), 'region_name',
                                    'signing_name', 'v4', self.credentials,
                                    self.emitter)

        auth_cls = mock.Mock()
        with mock.patch.dict(ibm_botocore.auth.AUTH_TYPE_MAPS,
                             {'v4': auth_cls}):
            auth = self.signer.get_auth('service_name', 'region_name')
            self.assertEqual(auth, auth_cls.return_value)
            # Note we're called with 'foo', 'bar', 'baz', and *not*
            # 'a', 'b', 'c'.
            auth_cls.assert_called_with(credentials=ReadOnlyCredentials(
                'foo', 'bar', 'baz'),
                                        service_name='service_name',
                                        region_name='region_name')