API tools faq
paste
Guest User

Untitled

a guest
Oct 21st, 2018
82
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.38 KB | None | 0 0
raw download clone embed print report
  1. import datetime
  2. import hashlib
  3. import hmac
  4. import urllib
  5.  
  6.  
  7. def aws_sig_v4_headers(access_key_id, secret_access_key, pre_auth_headers,
  8. service, region, host, method, path, query, payload):
  9. algorithm = 'AWS4-HMAC-SHA256'
  10.  
  11. now = datetime.datetime.utcnow()
  12. amzdate = now.strftime('%Y%m%dT%H%M%SZ')
  13. datestamp = now.strftime('%Y%m%d')
  14. payload_hash = hashlib.sha256(payload).hexdigest()
  15. credential_scope = f'{datestamp}/{region}/{service}/aws4_request'
  16.  
  17. pre_auth_headers_lower = {
  18. header_key.lower(): ' '.join(header_value.split())
  19. for header_key, header_value in pre_auth_headers.items()
  20. }
  21. required_headers = {
  22. 'host': host,
  23. 'x-amz-content-sha256': payload_hash,
  24. 'x-amz-date': amzdate,
  25. }
  26. headers = {**pre_auth_headers_lower, **required_headers}
  27. header_keys = sorted(headers.keys())
  28. signed_headers = ';'.join(header_keys)
  29.  
  30. def signature():
  31. def canonical_request():
  32. canonical_uri = urllib.parse.quote(path, safe='/~')
  33. quoted_query = sorted(
  34. (urllib.parse.quote(key, safe='~'), urllib.parse.quote(value, safe='~'))
  35. for key, value in query.items()
  36. )
  37. canonical_querystring = '&'.join(f'{key}={value}' for key, value in quoted_query)
  38. canonical_headers = ''.join(f'{key}:{headers[key]}\n' for key in header_keys)
  39.  
  40. return f'{method}\n{canonical_uri}\n{canonical_querystring}\n' + \
  41. f'{canonical_headers}\n{signed_headers}\n{payload_hash}'
  42.  
  43. def sign(key, msg):
  44. return hmac.new(key, msg.encode('utf-8'), hashlib.sha256).digest()
  45.  
  46. string_to_sign = f'{algorithm}\n{amzdate}\n{credential_scope}\n' + \
  47. hashlib.sha256(canonical_request().encode('utf-8')).hexdigest()
  48.  
  49. date_key = sign(('AWS4' + secret_access_key).encode('utf-8'), datestamp)
  50. region_key = sign(date_key, region)
  51. service_key = sign(region_key, service)
  52. request_key = sign(service_key, 'aws4_request')
  53. return sign(request_key, string_to_sign).hex()
  54.  
  55. return {
  56. **pre_auth_headers,
  57. 'x-amz-date': amzdate,
  58. 'x-amz-content-sha256': payload_hash,
  59. 'Authorization': f'{algorithm} Credential={access_key_id}/{credential_scope}, '
  60. f'SignedHeaders={signed_headers}, Signature=' + signature(),
  61. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!