def sign(self, request: PreparedRequest, credentials: Optional[Credentials]) -> PreparedRequest: if credentials is None: raise CredentialsException("Failed to resolve credentials") alg = AwsSigningAlgorithm(self.algorithm) sig_type = AwsSignatureType(self.signature_type) credential_provider = AwsCredentialsProvider.new_static( credentials.access_key_id, credentials.secret_access_key, credentials.session_token, ) config = AwsSigningConfig( algorithm=alg, signature_type=sig_type, credentials_provider=credential_provider, region=self.region, service=self.service_name, signed_body_value=AwsSignedBodyValue.EMPTY_SHA256, signed_body_header_type=AwsSignedBodyHeaderType.NONE, ) crt_request = _convert_request(request) signed_request = aws_sign_request(crt_request, config).result() request.headers = HeadersDict(dict(signed_request.headers)) return request
def test_websockets_default(self): config = Config.get() elg = EventLoopGroup() resolver = DefaultHostResolver(elg) bootstrap = ClientBootstrap(elg, resolver) cred_provider = AwsCredentialsProvider.new_default_chain(bootstrap) connection = awsiot_mqtt_connection_builder.websockets_with_default_aws_signing( region=config.region, credentials_provider=cred_provider, endpoint=config.endpoint, client_id=create_client_id(), client_bootstrap=bootstrap) self._test_connection(connection)
def test_websockets_proxy(self): config = Config.get() elg = EventLoopGroup() resolver = DefaultHostResolver(elg) bootstrap = ClientBootstrap(elg, resolver) cred_provider = AwsCredentialsProvider.new_default_chain(bootstrap) connection = mqtt_connection_builder.websockets_with_default_aws_signing( credentials_provider=cred_provider, websocket_proxy_options=HttpProxyOptions(PROXY_HOST, PROXY_PORT), endpoint=config.endpoint, region=config.region, client_id=create_client_id(), client_bootstrap=bootstrap) self._test_connection(connection)
def test_websockets_sts(self): """Websocket connection with X-Amz-Security-Token query param""" config = Config.get() elg = EventLoopGroup() resolver = DefaultHostResolver(elg) bootstrap = ClientBootstrap(elg, resolver) cred_provider = AwsCredentialsProvider.new_static( access_key_id=config.cognito_creds['AccessKeyId'], secret_access_key=config.cognito_creds['SecretKey'], session_token=config.cognito_creds['SessionToken']) connection = awsiot_mqtt_connection_builder.websockets_with_default_aws_signing( region=config.region, credentials_provider=cred_provider, endpoint=config.endpoint, client_id=create_client_id(), client_bootstrap=bootstrap) self._test_connection(connection)
def s3_client_new(secure, region, part_size=0): event_loop_group = EventLoopGroup() host_resolver = DefaultHostResolver(event_loop_group) bootstrap = ClientBootstrap(event_loop_group, host_resolver) credential_provider = AwsCredentialsProvider.new_default_chain(bootstrap) tls_option = None if secure: opt = TlsContextOptions() ctx = ClientTlsContext(opt) tls_option = TlsConnectionOptions(ctx) s3_client = S3Client(bootstrap=bootstrap, region=region, credential_provider=credential_provider, tls_connection_options=tls_option, part_size=part_size) return s3_client
def create_s3_crt_client(region, botocore_credential_provider=None, num_threads=None, target_throughput=5 * GB / 8, part_size=8 * MB, use_ssl=True, verify=None): """ :type region: str :param region: The region used for signing :type botocore_credential_provider: Optional[botocore.credentials.CredentialResolver] :param botocore_credential_provider: Provide credentials for CRT to sign the request if not set, the request will not be signed :type num_threads: Optional[int] :param num_threads: Number of worker threads generated. Default is the number of processors in the machine. :type target_throughput: Optional[int] :param target_throughput: Throughput target in Bytes. Default is 0.625 GB/s (which translates to 5 Gb/s). :type part_size: Optional[int] :param part_size: Size, in Bytes, of parts that files will be downloaded or uploaded in. :type use_ssl: boolean :param use_ssl: Whether or not to use SSL. By default, SSL is used. Note that not all services support non-ssl connections. :type verify: Optional[boolean/string] :param verify: Whether or not to verify SSL certificates. By default SSL certificates are verified. You can provide the following values: * False - do not validate SSL certificates. SSL will still be used (unless use_ssl is False), but SSL certificates will not be verified. * path/to/cert/bundle.pem - A filename of the CA cert bundle to use. Specify this argument if you want to use a custom CA cert bundle instead of the default one on your system. """ event_loop_group = EventLoopGroup(num_threads) host_resolver = DefaultHostResolver(event_loop_group) bootstrap = ClientBootstrap(event_loop_group, host_resolver) provider = None tls_connection_options = None tls_mode = S3RequestTlsMode.ENABLED if use_ssl \ else S3RequestTlsMode.DISABLED if verify is not None: tls_ctx_options = TlsContextOptions() if verify: tls_ctx_options.override_default_trust_store_from_path( ca_filepath=verify) else: tls_ctx_options.verify_peer = False client_tls_option = ClientTlsContext(tls_ctx_options) tls_connection_options = client_tls_option.new_connection_options() if botocore_credential_provider: credentails_provider_adapter = CRTCredentialProviderAdapter( botocore_credential_provider) provider = AwsCredentialsProvider.new_delegate( credentails_provider_adapter) target_gbps = target_throughput * 8 / GB return S3Client( bootstrap=bootstrap, region=region, credential_provider=provider, part_size=part_size, tls_mode=tls_mode, tls_connection_options=tls_connection_options, throughput_target_gbps=target_gbps)
def __init__(self, eventloop): self._crt_resolver = AwsCredentialsProvider.new_default_chain( eventloop)
bucket_name = "aws-crt-python-s3-testing-bucket" object_name = "/0_10GB.txt" file_name = "." + object_name object_real_name = "/0_10GB" suffix = ".txt" repeat_times = 1 bunch_size = 160 writing_disk = True request_type = "download" # Initialization event_loop_group = EventLoopGroup(18) host_resolver = DefaultHostResolver(event_loop_group) bootstrap = ClientBootstrap(event_loop_group, host_resolver) credential_provider = AwsCredentialsProvider.new_default_chain(bootstrap) s3_client = S3Client( bootstrap=bootstrap, region="us-west-2", credential_provider=credential_provider, throughput_target_gbps=100) t_statistic = Statistics() headers = HttpHeaders([("host", bucket_name + ".s3." + region + ".amazonaws.com")]) request = HttpRequest("GET", object_name, headers) # file_stats = os.stat(file_name) # data_len = file_stats.st_size # data_stream = CrtLazyReadStream(file_name, "r+b", t_statistic, data_len)