How to use awscurl - 8 common examples
To help you get started, we’ve selected a few awscurl examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
okigan / awscurl / tests / test_make_request.py View on Github 
def test_make_request(self, *args, **kvargs):
headers = {}
params = {'method': 'GET',
'service': 'ec2',
'region': 'region',
'uri': 'https://user:pass@host:123/path/?a=b&c=d',
'headers': headers,
'data': '',
'profile': '',
'access_key': 'ABC',
'secret_key': 'DEF',
'security_token': 'GHI'}
make_request(**params)
expected = {'x-amz-date': '19700101T000000Z',
'x-amz-content-sha256': 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855',
'Authorization': 'AWS4-HMAC-SHA256 Credential=ABC/19700101/region/ec2/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=e767448ca06e8f3a17548d4193ea29afa759b84f957a71d0a051815f5ebfedfa',
'x-amz-security-token': 'GHI'}
self.assertEqual(expected, headers)
pass#!/usr/bin/env python
"""The main entry point. Invoke as `awscurl' or `python -m awscurl'.
"""
import sys
from .awscurl import main
if __name__ == '__main__':
sys.exit(main())def get_signature_key(key, date_stamp, region_name, service_name):
"""
See: https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html
In AWS Signature Version 4, instead of using your AWS access keys to sign a request, you
first create a signing key that is scoped to a specific region and service. For more
information about signing keys, see Introduction to Signing Requests.
"""
k_date = sign(('AWS4' + key).encode('utf-8'), date_stamp)
k_region = sign(k_date, region_name)
k_service = sign(k_region, service_name)
k_signing = sign(k_service, 'aws4_request')
return k_signingdef get_signature_key(key, date_stamp, region_name, service_name):
"""
See: https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html
In AWS Signature Version 4, instead of using your AWS access keys to sign a request, you
first create a signing key that is scoped to a specific region and service. For more
information about signing keys, see Introduction to Signing Requests.
"""
k_date = sign(('AWS4' + key).encode('utf-8'), date_stamp)
k_region = sign(k_date, region_name)
k_service = sign(k_region, service_name)
k_signing = sign(k_service, 'aws4_request')
return k_signingdef get_signature_key(key, date_stamp, region_name, service_name):
"""
See: https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html
In AWS Signature Version 4, instead of using your AWS access keys to sign a request, you
first create a signing key that is scoped to a specific region and service. For more
information about signing keys, see Introduction to Signing Requests.
"""
k_date = sign(('AWS4' + key).encode('utf-8'), date_stamp)
k_region = sign(k_date, region_name)
k_service = sign(k_region, service_name)
k_signing = sign(k_service, 'aws4_request')
return k_signingdef get_signature_key(key, date_stamp, region_name, service_name):
"""
See: https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html
In AWS Signature Version 4, instead of using your AWS access keys to sign a request, you
first create a signing key that is scoped to a specific region and service. For more
information about signing keys, see Introduction to Signing Requests.
"""
k_date = sign(('AWS4' + key).encode('utf-8'), date_stamp)
k_region = sign(k_date, region_name)
k_service = sign(k_region, service_name)
k_signing = sign(k_service, 'aws4_request')
return k_signingif security_token:
canonical_headers += ('x-amz-security-token:' + security_token + '\n')
# Step 5: Create the list of signed headers. This lists the headers
# in the canonical_headers list, delimited with ";" and in alpha order.
# Note: The request can include any headers; canonical_headers and
# signed_headers lists those that you want to be included in the
# hash of the request. "Host" and "x-amz-date" are always required.
signed_headers = 'host;x-amz-date'
if security_token:
signed_headers += ';x-amz-security-token'
# Step 6: Create payload hash (hash of the request body content). For GET
# requests, the payload is an empty string ("").
payload_hash = sha256_hash_for_binary_data(data) if data_binary else sha256_hash(data)
# Step 7: Combine elements to create create canonical request
canonical_request = (method + '\n' +
requests.utils.quote(canonical_uri) + '\n' +
canonical_querystring + '\n' +
canonical_headers + '\n' +
signed_headers + '\n' +
payload_hash)
__log('\nCANONICAL REQUEST = ' + canonical_request)
return canonical_request, payload_hash, signed_headersservice,
region):
"""
************* TASK 2: CREATE THE STRING TO SIGN*************
Match the algorithm to the hashing algorithm you use, either SHA-1 or
SHA-256 (recommended)
"""
algorithm = 'AWS4-HMAC-SHA256'
credential_scope = (datestamp + '/' +
region + '/' +
service + '/' +
'aws4_request')
string_to_sign = (algorithm + '\n' +
amzdate + '\n' +
credential_scope + '\n' +
sha256_hash(canonical_request))
__log('\nSTRING_TO_SIGN = ' + string_to_sign)
return string_to_sign, algorithm, credential_scope
