def load(self):
"""
load the credential from the json configuration file.
"""
if self._conf is None:
return None
if not os.path.isfile(self._conf):
LOG.debug("Conf file at %s does not exist!" % self._conf)
raise NoCredentialsError()
try:
conf = json.loads(open(self._conf).read())
except Exception:
LOG.debug("Could not read conf: %s", exc_info=True)
return None
if ACCESS_KEY_ID not in conf:
LOG.debug('Auth config file is missing required key %s',
ACCESS_KEY_ID)
raise MalformedCredentialsError(provider=self.METHOD,
cred_var=ACCESS_KEY_ID)
LOG.debug('Found credentials for key: %s in configuration file.',
conf[ACCESS_KEY_ID])
access_key_id, private_key = self._extract_creds_from_mapping(
conf, ACCESS_KEY_ID, PRIVATE_KEY)
return Credentials(access_key_id, private_key, self.METHOD)
def load(self):
"""
Search for credentials in explicit environment variables.
"""
if self._mapping[ACCESS_KEY_ID] in self.environ:
access_key_id, private_key = self._extract_creds_from_mapping(
self.environ, self._mapping[ACCESS_KEY_ID],
self._mapping[PRIVATE_KEY])
LOG.info('Found credentials in environment variables.')
private_key_value = None
# For compatibility, assume the PRIVATE_KEY is a path to a file
# containing the key. Only if there is no file, should the value
# be checked to see if it's an actual key.
if not os.path.isfile(private_key):
if Ed25519v1Auth.detect_private_key(private_key):
private_key_value = private_key
else:
LOG.debug("Private key at %s does not exist!" %
private_key)
raise NoCredentialsError()
else:
private_key_value = open(private_key).read()
return Credentials(access_key_id,
private_key_value,
method=self.METHOD)
else:
return None
def add_auth(self, request):
if self._credentials is None:
raise NoCredentialsError(
err_msg='Credentials not available for request signing')
if 'Authorization' in request.headers:
raise Exception("Authorization found in headers!")
request.headers['Authorization'] = self._credentials.access_token
def add_auth(self, request):
if self.credentials is None:
raise NoCredentialsError(
err_msg='Credentials not available for request signing')
LOG.debug("Calculating signature using %s." % self.auth_method)
LOG.debug('HTTP request method: %s', request.method)
split = urlsplit(request.url)
signature = self._get_signature(request.method, split, request.headers)
self._inject_signature(request, signature)
def load_credentials(self):
"""
Goes through the credentials chain, returning the first ``Credentials``
that could be loaded.
"""
# First provider to return a non-None response wins.
for provider in self.providers:
LOG.debug("Looking for credentials via: %s", provider.METHOD)
creds = provider.load()
if creds is not None:
return creds
raise NoCredentialsError()
def load(self):
"""
Search for credentials in explicit environment variables.
"""
if self._mapping[ACCESS_KEY_ID] in self.environ:
access_key_id, private_key = self._extract_creds_from_mapping(
self.environ, self._mapping[ACCESS_KEY_ID],
self._mapping[PRIVATE_KEY])
LOG.info('Found credentials in environment variables.')
private_key_value = None
# For compatibility, assume the PRIVATE_KEY is a path to a file
# containing the key. Only if there is no file, should the value
# be checked to see if it's an actual key.
if not os.path.isfile(private_key):
if Ed25519v1Auth.detect_private_key(private_key):
private_key_value = private_key
else:
raise NoCredentialsError(
err_msg='Private key file {} does not exist'.format(private_key))
else:
private_key_value = open(private_key).read()
return Credentials(access_key_id=access_key_id,
private_key=private_key_value,
method=self.METHOD)
elif self._mapping[ACCESS_TOKEN] in self.environ:
access_token = self._extract_creds_from_mapping(
self.environ, self._mapping[ACCESS_TOKEN])
LOG.info('Found access token in environment variables.')
if not AccessTokenAuth.is_access_token(access_token):
LOG.debug('Invalid access token {}'.format(access_token))
raise NoCredentialsError(
err_msg='Invalid access token (see debug log for value)')
return Credentials(access_token=access_token,
method=self.METHOD)
else:
return None
def load(self):
"""
load the credential from the json configuration file.
"""
if self._conf is None:
return None
if not os.path.isfile(self._conf):
raise NoCredentialsError(
err_msg="Config file {} not found".format(self._conf))
try:
conf = json.loads(open(self._conf).read())
except Exception:
LOG.debug("Could not read conf: %s", exc_info=True)
return None
if ACCESS_KEY_ID in conf or PRIVATE_KEY in conf:
LOG.debug('Found credentials for key: %s in configuration file.',
conf[ACCESS_KEY_ID])
access_key_id, private_key = self._extract_creds_from_mapping(
conf,
ACCESS_KEY_ID,
PRIVATE_KEY)
return Credentials(access_key_id=access_key_id,
private_key=private_key,
method=self.METHOD)
elif ACCESS_TOKEN in conf:
LOG.debug('Found access-token in configuration file.')
access_token = self._extract_creds_from_mapping(conf, ACCESS_TOKEN)
return Credentials(access_token=access_token,
method=self.METHOD)
else:
cred_vars = '%s or %s' % (ACCESS_KEY_ID, ACCESS_TOKEN)
LOG.debug('Auth config file is missing required key %s',
cred_vars)
raise MalformedCredentialsError(provider=self.METHOD,
cred_var=cred_vars)
def load_credentials(self):
"""
Goes through the credentials chain, returning the first ``Credentials``
that could be loaded.
"""
# Grab this during the scan in case no credentials are available.
creds_expanded_path = None
# First provider to return a non-None response wins.
for provider in self.providers:
LOG.debug("Looking for credentials via: %s", provider.METHOD)
if isinstance(provider, SharedCredentialProvider):
creds_expanded_path = provider.get_creds_expanded_path()
creds = provider.load()
if creds is not None:
return creds
err_msg = "No credentials found anywhere in chain"
if creds_expanded_path:
err_msg += ". The shared credentials file should be stored at {}"\
.format(creds_expanded_path)
raise NoCredentialsError(err_msg=err_msg)