def test_authenticate_valid_presigned_url_with_query(self):
escher = Escher(self.credential_scope, self.get_options('2011-05-11T12:00:00.000Z'))
uri = '/something?foo=bar&baz=barbaz&X-EMS-Algorithm=EMS-HMAC-SHA256&X-EMS-Credentials=th3K3y%2F20110511%2Fus-east-1%2Fhost%2Faws4_request&X-EMS-Date=20110511T120000Z&X-EMS-Expires=123456&X-EMS-SignedHeaders=host&X-EMS-Signature=fbc9dbb91670e84d04ad2ae7505f4f52ab3ff9e192b8233feeae57e9022c2b67'
result = escher.authenticate(self.get_request(uri), self.key_db)
self.assertEqual('th3K3y', result)
def test_authenticate_error_presigned_url_invalid_escher_key(self):
escher = Escher(self.credential_scope, self.get_options('2011-05-11T12:00:00.000Z'))
try:
uri = '/something?foo=bar&baz=barbaz&X-EMS-Algorithm=EMS-HMAC-SHA256&X-EMS-Credentials=INVALID%2F20110511%2Fus-east-1%2Fhost%2Faws4_request&X-EMS-Date=20110511T120000Z&X-EMS-Expires=123456&X-EMS-SignedHeaders=host&X-EMS-Signature=fbc9dbb91670e84d04ad2ae7505f4f52ab3ff9e192b8233feeae57e9022c2b67'
escher.authenticate(self.get_request(uri), self.key_db)
self.fail('No exception thrown')
except EscherException as e:
self.assertEqual('Invalid Escher key', str(e))
def setUp(self):
self.escher = Escher(
'us-east-1/host/aws4_request', {
'algo_prefix': 'AWS4',
'vendor_key': 'AWS4',
'hash_algo': 'SHA256',
'auth_header_name': 'Authorization',
'date_header_name': 'Date',
'current_time': datetime.datetime(2011, 9, 9, 23, 36)
})
class EscherAuthAmazonTest(unittest.TestCase):
def setUp(self):
self.escher = Escher(
'us-east-1/host/aws4_request', {
'algo_prefix': 'AWS4',
'vendor_key': 'AWS4',
'hash_algo': 'SHA256',
'auth_header_name': 'Authorization',
'date_header_name': 'Date',
'current_time': datetime.datetime(2011, 9, 9, 23, 36)
})
@parameterized.expand([
('get-header-value-trim'),
('get-relative'),
('get-relative-relative'),
('get-slash'),
('get-slash-dot-slash'),
('get-slash-pointless-dot'),
('get-slashes'),
('get-space'),
('get-unreserved'),
('get-utf8'),
('get-vanilla'),
('get-vanilla-empty-query-key'),
('get-vanilla-query'),
('get-vanilla-query-order-key'),
('get-vanilla-query-order-key-case'),
('get-vanilla-query-order-value'),
('get-vanilla-query-unreserved'),
('get-vanilla-ut8-query'),
('post-header-key-case'),
('post-header-key-sort'),
('post-header-value-case'),
('post-vanilla'),
('post-vanilla-empty-query-value'),
('post-vanilla-query'),
('post-vanilla-query-nonunreserved'),
('post-vanilla-query-space'),
('post-x-www-form-urlencoded'),
('post-x-www-form-urlencoded-parameters'),
])
def test_signing(self, testcase):
suite = 'aws4'
request = read_request(suite, testcase)
request_signed = read_request(suite, testcase, 'sreq')
headers_to_sign = [header[0].lower() for header in request['headers']]
request = self.escher.sign(
request, {
'api_key': 'AKIDEXAMPLE',
'api_secret': 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY'
}, headers_to_sign)
self.assertEqual(request.get('method'), request_signed.get('method'))
self.assertEqual(request.get('host'), request_signed.get('host'))
self.assertEqual(request.get('uri'), request_signed.get('uri'))
self.assertListEqual(request.get('headers'),
request_signed.get('headers'))
self.assertEqual(request.get('body'), request_signed.get('body'))
def setUp(self):
self.escher = Escher('us-east-1/host/aws4_request', {
'algo_prefix': 'AWS4',
'vendor_key': 'AWS4',
'hash_algo': 'SHA256',
'auth_header_name': 'Authorization',
'date_header_name': 'Date',
'current_time': datetime.datetime(2011, 9, 9, 23, 36)
})
class EscherAuthAmazonTest(unittest.TestCase):
def setUp(self):
self.escher = Escher('us-east-1/host/aws4_request', {
'algo_prefix': 'AWS4',
'vendor_key': 'AWS4',
'hash_algo': 'SHA256',
'auth_header_name': 'Authorization',
'date_header_name': 'Date',
'current_time': datetime.datetime(2011, 9, 9, 23, 36)
})
@parameterized.expand([
('get-header-value-trim'),
('get-relative'),
('get-relative-relative'),
('get-slash'),
('get-slash-dot-slash'),
('get-slash-pointless-dot'),
('get-slashes'),
('get-space'),
('get-unreserved'),
('get-utf8'),
('get-vanilla'),
('get-vanilla-empty-query-key'),
('get-vanilla-query'),
('get-vanilla-query-order-key'),
('get-vanilla-query-order-key-case'),
('get-vanilla-query-order-value'),
('get-vanilla-query-unreserved'),
('get-vanilla-ut8-query'),
('post-header-key-case'),
('post-header-key-sort'),
('post-header-value-case'),
('post-vanilla'),
('post-vanilla-empty-query-value'),
('post-vanilla-query'),
('post-vanilla-query-nonunreserved'),
('post-vanilla-query-space'),
('post-x-www-form-urlencoded'),
('post-x-www-form-urlencoded-parameters'),
])
def test_signing(self, testcase):
suite = 'aws4'
request = read_request(suite, testcase)
request_signed = read_request(suite, testcase, 'sreq')
headers_to_sign = [header[0].lower() for header in request['headers']]
request = self.escher.sign(request, {
'api_key': 'AKIDEXAMPLE',
'api_secret': 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY'
}, headers_to_sign)
self.assertEqual(request.get('method'), request_signed.get('method'))
self.assertEqual(request.get('host'), request_signed.get('host'))
self.assertEqual(request.get('uri'), request_signed.get('uri'))
self.assertListEqual(request.get('headers'), request_signed.get('headers'))
self.assertEqual(request.get('body'), request_signed.get('body'))
