def test_sts_token_signer(self):
credential = StsTokenCredential('sts_access_key_id',
'sts_access_key_secret', 'sts_token')
signer = StsTokenSigner(credential)
# for rpc
request = RpcRequest("product", "version", "action_name")
self.assertIsNone(request.get_query_params().get("SecurityToken"))
headers, url = signer.sign('cn-hangzhou', request)
self.assertDictEqual(
request.get_headers(), {
'x-acs-action': 'action_name',
'x-acs-version': 'version',
'x-sdk-invoke-type': 'normal'
})
self.assertEqual(request.get_query_params().get("SecurityToken"),
'sts_token')
# self.assertEqual(url, "/?SignatureVersion=1.0&Format=None"
# "&Timestamp=2018-12-02T11%3A03%3A01Z&RegionId=cn-hangzhou"
# "&AccessKeyId=access_key_id&SignatureMethod=HMAC-SHA1&Version=version"
# "&Signature=AmdeJh1ZOW6PgwM3%2BROhEnbKII4%3D&Action=action_name"
# "&SignatureNonce=d5e6e832-7f95-4f26-9e28-017f735721f8&SignatureType=')
request = RoaRequest("product",
"version",
"action_name",
uri_pattern="/")
request.set_method('get')
self.assertIsNone(request.get_headers().get("x-acs-security-token"))
headers, url = signer.sign('cn-hangzhou', request)
self.assertEqual(request.get_headers().get("x-acs-security-token"),
'sts_token')
def test_ecs_ram_role_signer(self, mock_urlopen):
credential = EcsRamRoleCredential("role")
signer = EcsRamRoleSigner(credential)
request = RpcRequest("product", "version", "action_name")
res = Mock()
res.read.return_value = ensure_bytes('{"Code": "Success","AccessKeyId":"access_key_id",\
"AccessKeySecret":"access_key_secret","Expiration":3600,\
"SecurityToken": "security_token"}')
mock_urlopen.return_value = res
headers, url = signer.sign('cn-hangzhou', request)
mock_urlopen.assert_called_once_with(
'http://100.100.100.200/latest/meta-data/ram/security-credentials/role')
self.assertEqual(request.get_query_params().get(
"SecurityToken"), 'security_token')
# self.assertEqual(url, '/?SignatureVersion=1.0&Format=None"
# "&Timestamp=2018-12-02T11%3A03%3A01Z&RegionId=cn-hangzhou"
# "&AccessKeyId=access_key_id&SignatureMethod=HMAC-SHA1"
# "&Version=version&Signature=AmdeJh1ZOW6PgwM3%2BROhEnbKII4%3D"
# "&Action=action_name&SignatureNonce=d5e6e832-7f95-4f26-9e28-017f735721f8&SignatureType=')
request = RoaRequest("product", "version",
"action_name", uri_pattern="/")
request.set_method('get')
self.assertIsNone(request.get_headers().get("x-acs-security-token"))
headers, url = signer.sign('cn-hangzhou', request)
self.assertEqual(request.get_headers().get(
"x-acs-security-token"), 'security_token')
def get_query_params(self):
req_params = RpcRequest.get_query_params(self)
if req_params is None:
req_params = {}
row = {}
if self.__project is not None:
row['project'] = self.__project
if self.__metricName is not None:
row['metricName'] = self.__metricName
if self.__timestamp is not None:
row['timestamp'] = self.__timestamp
if self.__host is not None:
self.__dimensions['host'] = self.__host
if self.__value is not None:
self.__metricValues['value'] = self.__value
if self.__dimensions:
row['dimensions'] = self.__dimensions
if self.__metricValues:
row['metricValues'] = self.__metricValues
if row:
self.__data = [row]
req_params['Body'] = json.dumps(self.__data)
return req_params
def test_rsa_key_pair_signer_other_exception(self):
public_key_path = os.path.join(os.path.dirname(
__file__), "..", "..", "fixtures", "id_rsa.pub")
public_key_id = open(public_key_path).read()
private_key_path = os.path.join(os.path.dirname(
__file__), "..", "..", "fixtures", "id_rsa")
private_key_id = open(private_key_path).read()
# ok
credential = RsaKeyPairCredential(
public_key_id, private_key_id, session_period=3600)
signer = RsaKeyPairSigner(credential, "region_id")
# for rpc
request = RpcRequest("product", "version", "action_name")
self.assertIsNone(request.get_query_params().get("SecurityToken"))
signer._sts_client = Mock()
do_action = Mock()
do_action.side_effect = ServerException(
"BOOM", "msg")
signer._sts_client.do_action_with_exception = do_action
with self.assertRaises(ServerException) as se:
signer.sign('cn-hangzhou', request)
self.assertEqual("BOOM", se.exception.error_code)
self.assertEqual(
"msg", se.exception.message)
def test_ecs_ram_role_signer(self):
credential = RamRoleArnCredential(
"sts_access_key_id", "sts_access_key_secret", "role_arn", "session_role_name")
signer = RamRoleArnSigner(credential, self.do_action_200)
self.assertEqual("session_role_name",
signer._credential.session_role_name)
credential = RamRoleArnCredential(
"sts_access_key_id", "sts_access_key_secret", "role_arn", "")
signer2 = RamRoleArnSigner(credential, None)
self.assertTrue(
signer2._credential.session_role_name.startswith("aliyun-python-sdk-"))
request = RpcRequest("product", "version", "action_name")
headers, url = signer.sign('cn-hangzhou', request)
self.assertEqual(request.get_query_params().get(
"SecurityToken"), 'security_token')
# # self.assertEqual(url, '/?SignatureVersion=1.0&Format=None"
# "&Timestamp=2018-12-02T11%3A03%3A01Z&RegionId=cn-hangzhou"
# "&AccessKeyId=access_key_id&SignatureMethod=HMAC-SHA1&Version=version"
# "&Signature=AmdeJh1ZOW6PgwM3%2BROhEnbKII4%3D&Action=action_name"
# "&SignatureNonce=d5e6e832-7f95-4f26-9e28-017f735721f8&SignatureType=')
request = RoaRequest("product", "version",
"action_name", uri_pattern="/")
request.set_method('get')
self.assertIsNone(request.get_headers().get("x-acs-security-token"))
headers, url = signer.sign('cn-hangzhou', request)
self.assertEqual(request.get_headers().get(
"x-acs-security-token"), 'security_token')
request = RpcRequest("product", "version", "action_name")
signer3 = RamRoleArnSigner(credential, self.do_action_400)
with self.assertRaises(ServerException) as ex:
signer3.sign('cn-hangzhou', request)
self.assertEqual(
"refresh session token failed, server return: XXXX", ex.exception.message)
def test_rsa_key_pair_signer(self):
public_key_path = os.path.join(os.path.dirname(
__file__), "..", "..", "fixtures", "id_rsa.pub")
public_key_id = open(public_key_path).read()
private_key_path = os.path.join(os.path.dirname(
__file__), "..", "..", "fixtures", "id_rsa")
private_key_id = open(private_key_path).read()
# invalid session period
with self.assertRaises(ClientException) as ce:
credential = RsaKeyPairCredential(
public_key_id, private_key_id, session_period=12)
RsaKeyPairSigner(credential, "region_id")
self.assertEqual(
"Session expiration must between 900 and 3600 seconds", ce.exception.message)
# ok
credential = RsaKeyPairCredential(
public_key_id, private_key_id, session_period=3600)
signer = RsaKeyPairSigner(credential, "region_id")
# for rpc
request = RpcRequest("product", "version", "action_name")
self.assertIsNone(request.get_query_params().get("SecurityToken"))
signer._sts_client = Mock()
do_action = Mock()
do_action.return_value = ensure_bytes(
'{"SessionAccessKey":{"SessionAccessKeyId":"session_access_key_id",' +
'"SessionAccessKeySecret":"session_access_key_secret"}}')
signer._sts_client.do_action_with_exception = do_action
headers, url = signer.sign('cn-hangzhou', request)
# self.assertEqual(url, '/?SignatureVersion=1.0&Format=None"
# "&Timestamp=2018-12-02T11%3A03%3A01Z&RegionId=cn-hangzhou"
# "&AccessKeyId=access_key_id&SignatureMethod=HMAC-SHA1"
# "&Version=version&Signature=AmdeJh1ZOW6PgwM3%2BROhEnbKII4%3D"
# "&Action=action_name&SignatureNonce=d5e6e832-7f95-4f26-9e28-017f735721f8&SignatureType=')
# second
headers, url = signer.sign('cn-hangzhou', request)
# mock should update
signer._last_update_time = signer._last_update_time - signer._session_period - 10
headers, url = signer.sign('cn-hangzhou', request)
def test_rpc_request(self):
r = RpcRequest("product", "version", "action_name")
# accept format
self.assertIsNone(r.get_accept_format())
r.set_accept_format('json')
self.assertEqual(r.get_accept_format(), "json")
# action name
self.assertEqual(r.get_action_name(), "action_name")
r.set_action_name('new action name')
self.assertEqual(r.get_action_name(), "new action name")
# body params
self.assertDictEqual(r.get_body_params(), {})
r.set_body_params({'key': 'value'})
self.assertDictEqual(r.get_body_params(), {'key': 'value'})
r.add_body_params("key2", "value2")
self.assertDictEqual(r.get_body_params(), {
'key': 'value',
'key2': 'value2'
})
# content
self.assertIsNone(r.get_content())
r.set_content("content")
self.assertEqual(r.get_content(), "content")
# headers
self.assertDictEqual(r.get_headers(), {'x-sdk-invoke-type': 'normal'})
r.set_headers({})
self.assertDictEqual(r.get_headers(), {})
r.add_header("key", "value")
self.assertDictEqual(r.get_headers(), {"key": "value"})
# location endpoint type
self.assertEqual(r.get_location_endpoint_type(), 'openAPI')
# no set_location_endpoint_type ??
# location_service_code
self.assertEqual(r.get_location_service_code(), None)
r.set_location_service_code('new service code')
self.assertEqual(r.get_location_service_code(), 'new service code')
# method
self.assertEqual(r.get_method(), 'GET')
r.set_method('POST')
self.assertEqual(r.get_method(), 'POST')
# product
self.assertEqual(r.get_product(), 'product')
r.set_product('new-product')
self.assertEqual(r.get_product(), 'new-product')
# protocol_type
self.assertEqual(r.get_protocol_type(), "http")
r.set_protocol_type('https')
self.assertEqual(r.get_protocol_type(), "https")
# query params
self.assertDictEqual(r.get_query_params(), {})
r.set_query_params({'key': 'value'})
self.assertDictEqual(r.get_query_params(), {'key': 'value'})
r.add_query_param("key2", "value2")
self.assertDictEqual(r.get_query_params(), {
'key': 'value',
"key2": "value2"
})
# signed_header
self.assertEqual(r.get_signed_header(), {})
r.add_header("x-acs-xxx", "value")
self.assertDictEqual(r.get_signed_header(), {"x-acs-xxx": "value"})
# style
self.assertEqual(r.get_style(), "RPC")
# uri params
self.assertEqual(r.get_uri_params(), None)
r.set_uri_params({'user': "******"})
self.assertDictEqual(r.get_uri_params(), {'user': '******'})
# uri pattern
self.assertEqual(r.get_uri_pattern(), None)
r.set_uri_pattern('/users/:userid')
self.assertEqual(r.get_uri_pattern(), '/users/:userid')
# version
self.assertEqual(r.get_version(), "version")
r.set_version('2014-10-18')
self.assertEqual(r.get_version(), "2014-10-18")
# user-agent
self.assertEqual(r.get_headers().get('User-Agent'), None)
r.set_user_agent("user-agent")
self.assertEqual(r.get_headers().get('User-Agent'), "user-agent")
# content-type
self.assertEqual(r.get_headers().get('Content-Type'), None)
r.set_content_type("application/json")
self.assertEqual(r.get_headers().get('Content-Type'),
"application/json")
# endpoint
self.assertEqual(r.endpoint, None)
r.set_endpoint('endpoint')
self.assertEqual(r.endpoint, "endpoint")
