Exemplo n.º 1
0
    def _get_presigned_url(self, cluster_name, role_arn):
        session = self._session_handler.get_session(self._region_name,
                                                    role_arn)

        if self._region_name is None:
            self._region_name = session.get_config_variable('region')

        loader = botocore.loaders.create_loader()
        data = loader.load_data("endpoints")
        endpoint_resolver = botocore.regions.EndpointResolver(data)
        endpoint = endpoint_resolver.construct_endpoint(
            AUTH_SERVICE, self._region_name)
        signer = RequestSigner(ServiceId(AUTH_SERVICE), self._region_name,
                               AUTH_SERVICE, AUTH_SIGNING_VERSION,
                               session.get_credentials(),
                               session.get_component('event_emitter'))
        action_params = 'Action=' + AUTH_COMMAND + '&Version=' + AUTH_API_VERSION
        params = {
            'method': 'GET',
            'url': 'https://' + endpoint["hostname"] + '/?' + action_params,
            'body': {},
            'headers': {
                CLUSTER_NAME_HEADER: cluster_name
            },
            'context': {}
        }

        url = signer.generate_presigned_url(
            params,
            region_name=endpoint["credentialScope"]["region"],
            operation_name='',
            expires_in=URL_TIMEOUT)
        return url
Exemplo n.º 2
0
    def test_region_required_for_sigv4(self):
        self.signer = RequestSigner(ServiceId('service_name'), None,
                                    'signing_name', 'v4', self.credentials,
                                    self.emitter)

        with self.assertRaises(NoRegionError):
            self.signer.sign('operation_name', self.request)
Exemplo n.º 3
0
async def test_testsigner_region_required_for_sig4(base_signer_setup: dict):
    signer = aiobotocore.signers.AioRequestSigner(
        ServiceId('service_name'), None, 'signing_name', 'v4',
        base_signer_setup['credentials'], base_signer_setup['emitter'])

    with pytest.raises(NoRegionError):
        await signer.sign('operation_name', base_signer_setup['request'])
Exemplo n.º 4
0
    def setUp(self):
        super(TestS3PostPresigner, self).setUp()
        self.request_signer = RequestSigner(
            ServiceId('service_name'), 'region_name', 'signing_name',
            's3v4', self.credentials, self.emitter)
        self.signer = S3PostPresigner(self.request_signer)
        self.request_dict = {
            'headers': {},
            'url': 'https://s3.amazonaws.com/mybucket',
            'body': b'',
            'url_path': '/',
            'method': 'POST',
            'context': {}
        }
        self.auth = mock.Mock()
        self.auth.REQUIRES_REGION = True
        self.add_auth = mock.Mock()
        self.auth.return_value.add_auth = self.add_auth
        self.fixed_credentials = self.credentials.get_frozen_credentials()

        self.datetime_patch = mock.patch('botocore.signers.datetime')
        self.datetime_mock = self.datetime_patch.start()
        self.fixed_date = datetime.datetime(2014, 3, 10, 17, 2, 55, 0)
        self.fixed_delta = datetime.timedelta(seconds=3600)
        self.datetime_mock.datetime.utcnow.return_value = self.fixed_date
        self.datetime_mock.timedelta.return_value = self.fixed_delta
Exemplo n.º 5
0
 def setUp(self):
     self.credentials = Credentials('key', 'secret')
     self.emitter = mock.Mock()
     self.emitter.emit_until_response.return_value = (None, None)
     self.signer = RequestSigner(ServiceId('service_name'), 'region_name',
                                 'signing_name', 'v4', self.credentials,
                                 self.emitter)
     self.fixed_credentials = self.credentials.get_frozen_credentials()
Exemplo n.º 6
0
 def setUp(self):
     super(TestRetryInterface, self).setUp()
     self.retried_on_exception = None
     self._operation = Mock(spec=OperationModel)
     self._operation.name = 'DescribeInstances'
     self._operation.metadata = {'protocol': 'query'}
     self._operation.service_model.service_id = ServiceId('EC2')
     self._operation.has_streaming_output = False
     self._operation.has_event_stream_output = False
Exemplo n.º 7
0
def sign_botocore():
    request = AWSRequest(
        "POST",
        URL_STRING,
        data=json.dumps(PAYLOAD, separators=(",", ":")).encode("utf-8"),
    )
    emitter = HierarchicalEmitter()
    RequestSigner(
        ServiceId(SERVICE_NAME), REGION, SERVICE_NAME, "v4", CREDENTIALS, emitter
    ).sign(ACTION, request)
Exemplo n.º 8
0
 def test_presigned_post_throws_unsupported_signature_error(self):
     request_dict = {
         'headers': {},
         'url': 'https://s3.amazonaws.com/mybucket/myobject',
         'body': b'',
         'url_path': '/',
         'method': 'POST',
         'context': {}
     }
     self.request_signer = RequestSigner(
         ServiceId('service_name'), 'region_name', 'signing_name',
         'foo', self.credentials, self.emitter)
     self.signer = S3PostPresigner(self.request_signer)
     with self.assertRaises(UnsupportedSignatureVersionError):
         self.signer.generate_presigned_post(request_dict)
Exemplo n.º 9
0
async def base_signer_setup() -> dict:
    emitter = mock.AsyncMock()
    emitter.emit_until_response.return_value = (None, None)
    credentials = aiobotocore.credentials.AioCredentials('key', 'secret')

    signer = aiobotocore.signers.AioRequestSigner(ServiceId('service_name'),
                                                  'region_name', 'signing_name',
                                                  'v4', credentials, emitter)
    return {
        'credentials': credentials,
        'emitter': emitter,
        'signer': signer,
        'fixed_credentials': await credentials.get_frozen_credentials(),
        'request': AWSRequest()
    }
Exemplo n.º 10
0
 def test_no_credentials_case_is_forwarded_to_signer(self):
     # If no credentials are given to the RequestSigner, we should
     # forward that fact on to the Auth class and let them handle
     # the error (which they already do).
     self.credentials = None
     self.signer = RequestSigner(ServiceId('service_name'), 'region_name',
                                 'signing_name', 'v4', self.credentials,
                                 self.emitter)
     auth_cls = mock.Mock()
     with mock.patch.dict(botocore.auth.AUTH_TYPE_MAPS, {'v4': auth_cls}):
         self.signer.get_auth_instance('service_name', 'region_name', 'v4')
         auth_cls.assert_called_with(
             service_name='service_name',
             region_name='region_name',
             credentials=None,
         )
Exemplo n.º 11
0
    def test_signer_with_refreshable_credentials_gets_credential_set(self):
        class FakeCredentials(Credentials):
            def get_frozen_credentials(self):
                return ReadOnlyCredentials('foo', 'bar', 'baz')
        self.credentials = FakeCredentials('a', 'b', 'c')

        self.signer = RequestSigner(
            ServiceId('service_name'), 'region_name', 'signing_name',
            'v4', self.credentials, self.emitter)

        auth_cls = mock.Mock()
        with mock.patch.dict(botocore.auth.AUTH_TYPE_MAPS,
                             {'v4': auth_cls}):
            auth = self.signer.get_auth('service_name', 'region_name')
            self.assertEqual(auth, auth_cls.return_value)
            # Note we're called with 'foo', 'bar', 'baz', and *not*
            # 'a', 'b', 'c'.
            auth_cls.assert_called_with(
                credentials=ReadOnlyCredentials('foo', 'bar', 'baz'),
                service_name='service_name',
                region_name='region_name')
Exemplo n.º 12
0
 def setUp(self):
     super(TestRetryInterface, self).setUp()
     self.retried_on_exception = None
     self._operation = Mock(spec=OperationModel)
     self._operation.service_model.service_id = ServiceId('ec2')