~tribaal/txaws/xss-hardening


Viewing changes to txaws/storage/client.py

  • Committer: Robert Collins
  • Date: 2009-04-26 08:32:36 UTC
  • mto: This revision was merged to the branch mainline in revision 4.
  • Revision ID: robertc@robertcollins.net-20090426083236-hmgjgjd7kni0vxjm
Various refactorings and [minor] cleanups, start of a GUI client, a new credentials and utils module.

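--- a/txaws/storage/client.py
+++ b/txaws/storage/client.py
@@ -8,8 +8,7 @@
 """
 
 
-from hashlib import md5, sha1
-import hmac
+from hashlib import md5
 from base64 import b64encode
 
 try:
@@ -22,21 +21,18 @@
 from twisted.web.client import getPage
 from twisted.web.http import datetimeToString
 
+from txaws.credentials import AWSCredentials
+
 
 def calculateMD5(data):
     digest = md5(data).digest()
     return b64encode(digest)
 
 
-def hmac_sha1(secret, data):
-    digest = hmac.new(secret, data, sha1).digest()
-    return b64encode(digest)
-
-
 class S3Request(object):
     def __init__(self, verb, bucket=None, objectName=None, data='',
             contentType=None, metadata={}, rootURI='https://s3.amazonaws.com',
-            accessKey=None, secretKey=None):
+            creds=None):
         self.verb = verb
         self.bucket = bucket
         self.objectName = objectName
@@ -44,13 +40,9 @@
         self.contentType = contentType
         self.metadata = metadata
         self.rootURI = rootURI
-        self.accessKey = accessKey
-        self.secretKey = secretKey
+        self.creds = creds
         self.date = datetimeToString()
 
-        if (accessKey is not None and secretKey is None) or (accessKey is None and secretKey is not None):
-            raise ValueError('Must provide both accessKey and secretKey, or neither')
-
     def getURIPath(self):
         path = '/'
         if self.bucket is not None:
@@ -73,9 +65,9 @@
         if self.contentType is not None:
             headers['Content-Type'] = self.contentType
 
-        if self.accessKey is not None:
+        if self.creds is not None:
             signature = self.getSignature(headers)
-            headers['Authorization'] = 'AWS %s:%s' % (self.accessKey, signature)
+            headers['Authorization'] = 'AWS %s:%s' % (self.creds.access_key, signature)
 
         return headers
 
@@ -95,7 +87,7 @@
         text += headers.get('Date', '') + '\n'
         text += self.getCanonicalizedAmzHeaders(headers)
         text += self.getCanonicalizedResource()
-        return hmac_sha1(self.secretKey, text)
+        return self.creds.sign(text)
 
     def submit(self):
         return self.getPage(url=self.getURI(), method=self.verb, postdata=self.data, headers=self.getHeaders())
@@ -110,9 +102,8 @@
     rootURI = 'https://s3.amazonaws.com/'
     requestFactory = S3Request
 
-    def __init__(self, accessKey, secretKey):
-        self.accessKey = accessKey
-        self.secretKey = secretKey
+    def __init__(self, creds):
+        self.creds = creds
 
     def makeRequest(self, *a, **kw):
         """
@@ -121,7 +112,7 @@
         This uses the requestFactory attribute, adding the credentials to the
         arguments passed in.
         """
-        return self.requestFactory(accessKey=self.accessKey, secretKey=self.secretKey, *a, **kw)
+        return self.requestFactory(creds=self.creds, *a, **kw)
 
     def _parseBucketList(self, response):
         """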