def test_auth_header_preserved_from_s3_redirects(self):
request = AWSRequest()
request.url = 'https://bucket.s3.amazonaws.com/'
request.method = 'GET'
request.headers['Authorization'] = 'original auth header'
prepared_request = request.prepare()
fake_response = Mock()
fake_response.headers = {
'location': 'https://bucket.s3-us-west-2.amazonaws.com'}
fake_response.url = request.url
fake_response.status_code = 307
fake_response.is_permanent_redirect = False
# This line is needed to disable the cookie handling
# code in requests.
fake_response.raw._original_response = None
success_response = Mock()
success_response.raw._original_response = None
success_response.is_redirect = False
success_response.status_code = 200
session = BotocoreHTTPSession()
session.send = Mock(return_value=success_response)
list(session.resolve_redirects(
fake_response, prepared_request, stream=False))
redirected_request = session.send.call_args[0][0]
# The Authorization header for the newly sent request should
# still have our original Authorization header.
self.assertEqual(
redirected_request.headers['Authorization'],
'original auth header')
def test_auth_header_preserved_from_s3_redirects(self):
request = AWSRequest()
request.url = 'https://bucket.s3.amazonaws.com/'
request.method = 'GET'
request.headers['Authorization'] = 'original auth header'
prepared_request = request.prepare()
fake_response = Mock()
fake_response.headers = {
'location': 'https://bucket.s3-us-west-2.amazonaws.com'}
fake_response.url = request.url
fake_response.status_code = 307
fake_response.is_permanent_redirect = False
# This line is needed to disable the cookie handling
# code in requests.
fake_response.raw._original_response = None
success_response = Mock()
success_response.raw._original_response = None
success_response.is_redirect = False
success_response.status_code = 200
session = BotocoreHTTPSession()
session.send = Mock(return_value=success_response)
list(session.resolve_redirects(
fake_response, prepared_request, stream=False))
redirected_request = session.send.call_args[0][0]
# The Authorization header for the newly sent request should
# still have our original Authorization header.
self.assertEqual(
redirected_request.headers['Authorization'],
'original auth header')
def send_response(event, context, response_status, response_data):
'''Send a resource manipulation status response to CloudFormation'''
response_body = json.dumps({
"Status":
response_status,
"Reason":
"See the details in CloudWatch Log Stream: " + context.log_stream_name,
"PhysicalResourceId":
context.log_stream_name,
"StackId":
event['StackId'],
"RequestId":
event['RequestId'],
"LogicalResourceId":
event['LogicalResourceId'],
"Data":
response_data
})
# params = '{"name": "hello"}'
headers = {'Content-Type': '', 'Content-Length': len(response_data)}
print('[INFO] - sending request to %s' % event['ResponseURL'])
request = AWSRequest(method="PUT",
url=event['ResponseURL'],
data=response_body,
headers=headers)
session = BotocoreHTTPSession()
r = session.send(request.prepare())
print('[INFO] - got status_code=%s' % r.status_code)
def post_data_to_es(payload,
region,
creds,
host,
path,
method='POST',
proto='https://'):
'''Post data to ES endpoint with SigV4 signed http headers'''
"""
Low-level POST data to Amazon Elasticsearch Service generating a Sigv4 signed request
:param payload:
:param region:
:param creds:
:param host:
:param path:
:param method:
:param proto:
:return:
"""
req = AWSRequest(method=method,
url=proto + host + urllib.quote(path),
data=payload,
headers={'Host': host})
SigV4Auth(creds, 'es', region).add_auth(req)
http_session = BotocoreHTTPSession()
res = http_session.send(req.prepare())
if 200 <= res.status_code <= 299:
return res._content
else:
raise ESException(res.status_code, res._content)
def post_data_to_es(payload,
region,
creds,
host,
path,
method='POST',
proto='https://'):
print("URL:{}".format(proto + host + path))
req = AWSRequest(method=method,
url=proto + host + path,
data=payload,
headers={
'Host': host,
'Content-Type': 'application/json'
})
SigV4Auth(creds, 'es', region).add_auth(req)
http_session = BotocoreHTTPSession()
res = http_session.send(req.prepare())
print("STATUS_CODE:{}".format(res.status_code))
print("CONTENT:{}".format(res._content))
print("ALL:{}".format(res))
if res.status_code >= 200 and res.status_code <= 299:
return res._content
else:
raise ES_Exception(res.status_code, res._content)
def post_data_to_es(payload, region, creds, host, path, method='POST', proto='https://'):
'''Post data to ES endpoint with SigV4 signed http headers'''
req = AWSRequest(method=method, url=proto + host + urllib.quote(path), data=payload, headers={'Host': host, 'Content-Type' : 'application/json'})
SigV4Auth(creds, 'es', region).add_auth(req)
http_session = BotocoreHTTPSession()
res = http_session.send(req.prepare())
if res.status_code >= 200 and res.status_code <= 299:
return res._content
else:
raise ES_Exception(res.status_code, res._content)
def post_data_to_opensearch(payload, region, creds, host, path, method='POST', proto='https://'):
'''Post data to OpenSearch endpoint with SigV4 signed http headers'''
req = AWSRequest(method=method, url=proto + host +
quote(path), data=payload, headers={'Host': host, 'Content-Type': 'application/json'})
# SigV4Auth may be expecting 'es' but need to swap with 'os' or 'OpenSearch'
SigV4Auth(creds, 'es', region).add_auth(req)
http_session = BotocoreHTTPSession()
res = http_session.send(req.prepare())
if res.status_code >= 200 and res.status_code <= 299:
return res._content
else:
raise Searchable_Exception(res.status_code, res._content)
def test_max_pool_conns_injects_custom_adapter(self):
http_adapter_cls = Mock(return_value=sentinel.HTTP_ADAPTER)
session = BotocoreHTTPSession(max_pool_connections=20,
http_adapter_cls=http_adapter_cls)
http_adapter_cls.assert_called_with(pool_maxsize=20)
self.assertEqual(session.adapters['https://'], sentinel.HTTP_ADAPTER)
self.assertEqual(session.adapters['http://'], sentinel.HTTP_ADAPTER)
def request(option):
logger.debug('option:{}'.format(option))
request = AWSRequest(method="GET",
url=os.environ["ES_ENDPOINT_URL"],
data=json.dumps(option))
if ("AWS_ACCESS_KEY_ID" in os.environ):
credentials = Credentials(os.environ["AWS_ACCESS_KEY_ID"],
os.environ["AWS_SECRET_ACCESS_KEY"],
os.environ["AWS_SESSION_TOKEN"])
SigV4Auth(credentials, "es",
os.environ["AWS_REGION"]).add_auth(request)
response = BotocoreHTTPSession().send(request.prepare())
result = response.json()
logger.debug('result:{}'.format(result))
if (("hits" in result) and ("hits" in result["hits"])):
return list(map(lambda n: n["_source"], result["hits"]["hits"]))
else:
return []
