def verify_pre_signed_url(key, req, resp, params):
headers = req.headers
project = headers.get('X-PROJECT-ID')
expires = headers.get('URL-EXPIRES')
methods = headers.get('URL-METHODS', '').split(',')
paths = headers.get('URL-PATHS', '').split(',')
signature = headers.get('URL-SIGNATURE')
if not signature:
return
if req.method not in methods:
raise falcon.HTTPNotFound()
if req.path not in paths:
raise falcon.HTTPNotFound()
try:
verified = urls.verify_signed_headers_data(key, paths,
project=project,
methods=methods,
expires=expires,
signature=signature)
except ValueError:
raise falcon.HTTPNotFound()
if not verified:
raise falcon.HTTPNotFound()
def verify_pre_signed_url(key, req, resp, params):
headers = req.headers
project = headers.get('X-PROJECT-ID')
expires = headers.get('URL-EXPIRES')
methods = headers.get('URL-METHODS', '').split(',')
paths = headers.get('URL-PATHS', '').split(',')
signature = headers.get('URL-SIGNATURE')
if not signature:
return
if req.method not in methods:
raise falcon.HTTPNotFound()
# Support to query single resource with pre-signed url
if not any([p for p in paths if re.search(p, req.path)]):
raise falcon.HTTPNotFound()
try:
verified = urls.verify_signed_headers_data(key, paths,
project=project,
methods=methods,
expires=expires,
signature=signature)
except ValueError:
raise falcon.HTTPNotFound()
if not verified:
raise falcon.HTTPNotFound()
def verify_pre_signed_url(key, req, resp, params):
headers = req.headers
project = headers.get('X-PROJECT-ID')
expires = headers.get('URL-EXPIRES')
methods = headers.get('URL-METHODS', '').split(',')
paths = headers.get('URL-PATHS', '').split(',')
signature = headers.get('URL-SIGNATURE')
if not signature:
return
if req.method not in methods:
raise falcon.HTTPNotFound()
# Support to query single resource with pre-signed url
if not any([p for p in paths if re.search(p, req.path)]):
raise falcon.HTTPNotFound()
try:
verified = urls.verify_signed_headers_data(key,
paths,
project=project,
methods=methods,
expires=expires,
signature=signature)
except ValueError:
raise falcon.HTTPNotFound()
if not verified:
raise falcon.HTTPNotFound()
def verify_signature(self, key, payload):
action = payload.get('action')
method = self._actions_mapping.get(action)
headers = payload.get('headers', {})
project = headers.get('X-Project-ID')
expires = headers.get('URL-Expires')
methods = headers.get('URL-Methods')
paths = headers.get('URL-Paths')
signature = headers.get('URL-Signature')
if not method or method not in methods:
return False
try:
verified = urls.verify_signed_headers_data(key,
paths,
project=project,
methods=methods,
expires=expires,
signature=signature)
except ValueError:
return False
return verified
def verify_signature(self, key, payload):
action = payload.get('action')
method = self._actions_mapping.get(action)
headers = payload.get('headers', {})
project = headers.get('X-Project-ID')
expires = headers.get('URL-Expires')
methods = headers.get('URL-Methods')
paths = headers.get('URL-Paths')
signature = headers.get('URL-Signature')
if not method or method not in methods:
return False
try:
verified = urls.verify_signed_headers_data(key, paths,
project=project,
methods=methods,
expires=expires,
signature=signature)
except ValueError:
return False
return verified
