def scope_and_sign(self, normalized_request, signing_options):
if normalized_request == None or not type(normalized_request) is Request:
raise Exception("normalized_request must be of type Pandexio.Request and cannot be None")
if (
normalized_request.path == None
or not type(normalized_request.path) is str
or normalized_request.path.strip() == ""
or not normalized_request.path[0] == "/"
):
raise Exception("normalized_request.path must be of type str and must start with a slash")
if normalized_request.query_parameters == None or not type(normalized_request.query_parameters) is dict:
raise Exception("normalized_request.query_parameters must be of type dict and cannot be None")
if normalized_request.headers == None or not type(normalized_request.headers) is dict:
raise Exception("normalized_request.headers must be of type dict and cannot be None")
if signing_options == None or not type(signing_options) is SigningOptions:
raise Exception("signing_options must be of type Pandexio.SigningOptions cannot be None")
if (
signing_options.domain_id == None
or not type(signing_options.domain_id) is str
or signing_options.domain_id.strip() == ""
):
raise Exception("signing_options.domain_id must be of type str and cannot be None or empty")
if (
signing_options.domain_key == None
or not type(signing_options.domain_key) is str
or signing_options.domain_key.strip() == ""
):
raise Exception("signing_options.domain_key must be of type str and cannot be None or empty")
if (
signing_options.algorithm == None
or not type(signing_options.algorithm) is str
or not SigningAlgorithms.is_valid(signing_options.algorithm)
):
raise Exception("signing_options.algorithm cannot be None and must be a valid signing algorithm")
if (
signing_options.mechanism == None
or not type(signing_options.mechanism) is str
or not SigningMechanisms.is_valid(signing_options.mechanism)
):
raise Exception("signing_options.mechanism cannot be None and must be a valid signing mechanism")
if signing_options.date == None or not type(signing_options.date) is datetime:
raise Exception("signing_options.date cannot be None and must be a datetime")
if (
signing_options.expires == None
or not type(signing_options.expires) is int
or not signing_options.expires > 0
):
raise Exception("signing_options.expires cannot be None and must be an int greater than zero")
if (
signing_options.originator == None
or not type(signing_options.originator) is str
or signing_options.originator.strip() == ""
):
raise Exception("signing_options.originator must be of type str and cannot be None or empty")
if (
signing_options.email_address == None
or not type(signing_options.email_address) is str
or signing_options.email_address.strip() == ""
):
raise Exception("signing_options.email_address must be of type str and cannot be None or empty")
if (
signing_options.display_name == None
or not type(signing_options.display_name) is str
or signing_options.display_name.strip() == ""
):
raise Exception("signing_options.display_name must be of type str and cannot be None or empty")
scope = self.extract_scope(normalized_request)
authorized_request = self.build_authorized_request(normalized_request, signing_options)
return scope, authorized_request
def build_canonical_payload(self, payload, signing_options):
if payload is None:
return ""
digest = SigningAlgorithms.to_digest(payload, signing_options.algorithm)
canonical_payload = digest.hexdigest()
return canonical_payload
def generate_signature(self, string_to_sign, signing_options):
hmac = SigningAlgorithms.to_hmac(signing_options.domain_key, string_to_sign, signing_options.algorithm)
signature = hmac.hexdigest()
return signature
