def _resolve_signature_version(self, service_name, resolved): # Client config overrides everything. client = self.client_config if client and client.signature_version is not None: return client.signature_version # Scoped config overrides picking from the endpoint metadata. scoped = self.scoped_config if scoped is not None: service_config = scoped.get(service_name) if service_config is not None and isinstance(service_config, dict): version = service_config.get('signature_version') if version: logger.debug( "Switching signature version for service %s " "to version %s based on config file override.", service_name, version) return version # Pick a signature version from the endpoint metadata if present. if 'signatureVersions' in resolved: potential_versions = resolved['signatureVersions'] if service_name == 's3': # We currently prefer s3 over s3v4. if 's3' in potential_versions: return 's3' elif 's3v4' in potential_versions: return 's3v4' if 'v4' in potential_versions: return 'v4' # Now just iterate over the signature versions in order until we # find the first one that is known to Botocore. for known in AUTH_TYPE_MAPS: if known in potential_versions: return known raise UnknownSignatureVersionError( signature_version=resolved.get('signatureVersions'))
def _get_auth(signature_version, credentials, service_name, region_name): cls = AUTH_TYPE_MAPS.get(signature_version) if cls is None: raise UnknownSignatureVersionError(signature_version=signature_version) else: kwargs = {'credentials': credentials} if cls.REQUIRES_REGION: if region_name is None: raise botocore.exceptions.NoRegionError( env_var='AWS_DEFAULT_REGION') kwargs['region_name'] = region_name kwargs['service_name'] = service_name return cls(**kwargs)
def _get_auth(signature_version, credentials, service_name, region_name, service_object): cls = AUTH_TYPE_MAPS.get(signature_version) if cls is None: raise UnknownSignatureVersionError(signature_version=signature_version) else: kwargs = {'credentials': credentials} if cls.REQUIRES_REGION: if region_name is None: envvar_name = service_object.session.session_var_map['region'][1] raise botocore.exceptions.NoRegionError(env_var=envvar_name) kwargs['region_name'] = region_name kwargs['service_name'] = service_name return cls(**kwargs)
def get_auth_instance(self, signing_name, region_name, signature_version=None, **kwargs): """ Get an auth instance which can be used to sign a request using the given signature version. :type signing_name: string :param signing_name: Service signing name. This is usually the same as the service name, but can differ. E.g. ``emr`` vs. ``elasticmapreduce``. :type region_name: string :param region_name: Name of the service region, e.g. ``us-east-1`` :type signature_version: string :param signature_version: Signature name like ``v4``. :rtype: :py:class:`~botocore.auth.BaseSigner` :return: Auth instance to sign a request. """ if signature_version is None: signature_version = self._signature_version cls = botocore.auth.AUTH_TYPE_MAPS.get(signature_version) if cls is None: raise UnknownSignatureVersionError( signature_version=signature_version) # If there's no credentials provided (i.e credentials is None), # then we'll pass a value of "None" over to the auth classes, # which already handle the cases where no credentials have # been provided. frozen_credentials = None if self._credentials is not None: frozen_credentials = self._credentials.get_frozen_credentials() kwargs['credentials'] = frozen_credentials if cls.REQUIRES_REGION: if self._region_name is None: raise botocore.exceptions.NoRegionError() kwargs['region_name'] = region_name kwargs['service_name'] = signing_name auth = cls(**kwargs) return auth
def get_auth(self, signing_name, region_name, signature_version=None, **kwargs): """ Get an auth instance which can be used to sign a request using the given signature version. :type signing_name: string :param signing_name: Service signing name. This is usually the same as the service name, but can differ. E.g. ``emr`` vs. ``elasticmapreduce``. :type region_name: string :param region_name: Name of the service region, e.g. ``us-east-1`` :type signature_version: string :param signature_version: Signature name like ``v4``. :rtype: :py:class:`~botocore.auth.BaseSigner` :return: Auth instance to sign a request. """ if signature_version is None: signature_version = self._signature_version expires = kwargs.get('expires') cache_key = self._get_signer_cache_key(signature_version, region_name, signing_name, expires) if cache_key and cache_key in self._cache: return self._cache[cache_key] cls = botocore.auth.AUTH_TYPE_MAPS.get(signature_version) if cls is None: raise UnknownSignatureVersionError( signature_version=signature_version) kwargs['credentials'] = self._credentials if cls.REQUIRES_REGION: if self._region_name is None: raise botocore.exceptions.NoRegionError() kwargs['region_name'] = region_name kwargs['service_name'] = signing_name auth = cls(**kwargs) # Only cache the client if a cache key was created. if cache_key: self._cache[cache_key] = auth return auth
def _resolve_signature_version(self, service_name, resolved): configured_version = _get_configured_signature_version( service_name, self.client_config, self.scoped_config) if configured_version is not None: return configured_version # Pick a signature version from the endpoint metadata if present. if 'signatureVersions' in resolved: potential_versions = resolved['signatureVersions'] if service_name == 's3': return 's3v4' if 'v4' in potential_versions: return 'v4' # Now just iterate over the signature versions in order until we # find the first one that is known to Botocore. for known in potential_versions: if known in AUTH_TYPE_MAPS: return known raise UnknownSignatureVersionError( signature_version=resolved.get('signatureVersions'))
def get_auth(self, signing_name, region_name, signature_version=None): """ Get an auth instance which can be used to sign a request using the given signature version. :type signing_name: string :param signing_name: Service signing name. This is usually the same as the service name, but can differ. E.g. ``emr`` vs. ``elasticmapreduce``. :type region_name: string :param region_name: Name of the service region, e.g. ``us-east-1`` :type signature_version: string :param signature_version: Signature name like ``v4``. :rtype: :py:class:`~botocore.auth.BaseSigner` :return: Auth instance to sign a request. """ if signature_version is None: signature_version = self._signature_version key = '{0}.{1}.{2}'.format(signature_version, region_name, signing_name) if key in self._cache: return self._cache[key] cls = botocore.auth.AUTH_TYPE_MAPS.get(signature_version) if cls is None: raise UnknownSignatureVersionError( signature_version=signature_version) else: kwargs = {'credentials': self._credentials} if cls.REQUIRES_REGION: if self._region_name is None: raise botocore.exceptions.NoRegionError( env_var='AWS_DEFAULT_REGION') kwargs['region_name'] = region_name kwargs['service_name'] = signing_name auth = cls(**kwargs) self._cache[key] = auth return auth