| Index: tools/telemetry/third_party/gsutil/third_party/boto/tests/unit/auth/test_sigv4.py
|
| diff --git a/tools/telemetry/third_party/gsutil/third_party/boto/tests/unit/auth/test_sigv4.py b/tools/telemetry/third_party/gsutil/third_party/boto/tests/unit/auth/test_sigv4.py
|
| deleted file mode 100644
|
| index 8f7876b6a99abb205b7bf3169fd6fe71e4457199..0000000000000000000000000000000000000000
|
| --- a/tools/telemetry/third_party/gsutil/third_party/boto/tests/unit/auth/test_sigv4.py
|
| +++ /dev/null
|
| @@ -1,594 +0,0 @@
|
| -# Copyright (c) 2012 Amazon.com, Inc. or its affiliates. All Rights Reserved
|
| -#
|
| -# Permission is hereby granted, free of charge, to any person obtaining a
|
| -# copy of this software and associated documentation files (the
|
| -# "Software"), to deal in the Software without restriction, including
|
| -# without limitation the rights to use, copy, modify, merge, publish, dis-
|
| -# tribute, sublicense, and/or sell copies of the Software, and to permit
|
| -# persons to whom the Software is furnished to do so, subject to the fol-
|
| -# lowing conditions:
|
| -#
|
| -# The above copyright notice and this permission notice shall be included
|
| -# in all copies or substantial portions of the Software.
|
| -#
|
| -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
|
| -# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABIL-
|
| -# ITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
|
| -# SHALL THE AUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
|
| -# WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
| -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
|
| -# IN THE SOFTWARE.
|
| -#
|
| -import copy
|
| -import pickle
|
| -import os
|
| -from tests.compat import unittest, mock
|
| -from tests.unit import MockServiceWithConfigTestCase
|
| -
|
| -from boto.auth import HmacAuthV4Handler
|
| -from boto.auth import S3HmacAuthV4Handler
|
| -from boto.auth import detect_potential_s3sigv4
|
| -from boto.auth import detect_potential_sigv4
|
| -from boto.connection import HTTPRequest
|
| -from boto.provider import Provider
|
| -from boto.regioninfo import RegionInfo
|
| -
|
| -
|
| -class TestSigV4Handler(unittest.TestCase):
|
| - def setUp(self):
|
| - self.provider = mock.Mock()
|
| - self.provider.access_key = 'access_key'
|
| - self.provider.secret_key = 'secret_key'
|
| - self.request = HTTPRequest(
|
| - 'POST', 'https', 'glacier.us-east-1.amazonaws.com', 443,
|
| - '/-/vaults/foo/archives', None, {},
|
| - {'x-amz-glacier-version': '2012-06-01'}, '')
|
| -
|
| - def test_not_adding_empty_qs(self):
|
| - self.provider.security_token = None
|
| - auth = HmacAuthV4Handler('glacier.us-east-1.amazonaws.com', mock.Mock(), self.provider)
|
| - req = copy.copy(self.request)
|
| - auth.add_auth(req)
|
| - self.assertEqual(req.path, '/-/vaults/foo/archives')
|
| -
|
| - def test_inner_whitespace_is_collapsed(self):
|
| - auth = HmacAuthV4Handler('glacier.us-east-1.amazonaws.com',
|
| - mock.Mock(), self.provider)
|
| - self.request.headers['x-amz-archive-description'] = 'two spaces'
|
| - self.request.headers['x-amz-quoted-string'] = ' "a b c" '
|
| - headers = auth.headers_to_sign(self.request)
|
| - self.assertEqual(headers, {'Host': 'glacier.us-east-1.amazonaws.com',
|
| - 'x-amz-archive-description': 'two spaces',
|
| - 'x-amz-glacier-version': '2012-06-01',
|
| - 'x-amz-quoted-string': ' "a b c" '})
|
| - # Note the single space between the "two spaces".
|
| - self.assertEqual(auth.canonical_headers(headers),
|
| - 'host:glacier.us-east-1.amazonaws.com\n'
|
| - 'x-amz-archive-description:two spaces\n'
|
| - 'x-amz-glacier-version:2012-06-01\n'
|
| - 'x-amz-quoted-string:"a b c"')
|
| -
|
| - def test_canonical_query_string(self):
|
| - auth = HmacAuthV4Handler('glacier.us-east-1.amazonaws.com',
|
| - mock.Mock(), self.provider)
|
| - request = HTTPRequest(
|
| - 'GET', 'https', 'glacier.us-east-1.amazonaws.com', 443,
|
| - '/-/vaults/foo/archives', None, {},
|
| - {'x-amz-glacier-version': '2012-06-01'}, '')
|
| - request.params['Foo.1'] = 'aaa'
|
| - request.params['Foo.10'] = 'zzz'
|
| - query_string = auth.canonical_query_string(request)
|
| - self.assertEqual(query_string, 'Foo.1=aaa&Foo.10=zzz')
|
| -
|
| - def test_query_string(self):
|
| - auth = HmacAuthV4Handler('sns.us-east-1.amazonaws.com',
|
| - mock.Mock(), self.provider)
|
| - params = {
|
| - 'Message': u'We \u2665 utf-8'.encode('utf-8'),
|
| - }
|
| - request = HTTPRequest(
|
| - 'POST', 'https', 'sns.us-east-1.amazonaws.com', 443,
|
| - '/', None, params, {}, '')
|
| - query_string = auth.query_string(request)
|
| - self.assertEqual(query_string, 'Message=We%20%E2%99%A5%20utf-8')
|
| -
|
| - def test_canonical_uri(self):
|
| - auth = HmacAuthV4Handler('glacier.us-east-1.amazonaws.com',
|
| - mock.Mock(), self.provider)
|
| - request = HTTPRequest(
|
| - 'GET', 'https', 'glacier.us-east-1.amazonaws.com', 443,
|
| - 'x/./././x .html', None, {},
|
| - {'x-amz-glacier-version': '2012-06-01'}, '')
|
| - canonical_uri = auth.canonical_uri(request)
|
| - # This should be both normalized & urlencoded.
|
| - self.assertEqual(canonical_uri, 'x/x%20.html')
|
| -
|
| - auth = HmacAuthV4Handler('glacier.us-east-1.amazonaws.com',
|
| - mock.Mock(), self.provider)
|
| - request = HTTPRequest(
|
| - 'GET', 'https', 'glacier.us-east-1.amazonaws.com', 443,
|
| - 'x/./././x/html/', None, {},
|
| - {'x-amz-glacier-version': '2012-06-01'}, '')
|
| - canonical_uri = auth.canonical_uri(request)
|
| - # Trailing slashes should be preserved.
|
| - self.assertEqual(canonical_uri, 'x/x/html/')
|
| -
|
| - request = HTTPRequest(
|
| - 'GET', 'https', 'glacier.us-east-1.amazonaws.com', 443,
|
| - '/', None, {},
|
| - {'x-amz-glacier-version': '2012-06-01'}, '')
|
| - canonical_uri = auth.canonical_uri(request)
|
| - # There should not be two-slashes.
|
| - self.assertEqual(canonical_uri, '/')
|
| -
|
| - # Make sure Windows-style slashes are converted properly
|
| - request = HTTPRequest(
|
| - 'GET', 'https', 'glacier.us-east-1.amazonaws.com', 443,
|
| - '\\x\\x.html', None, {},
|
| - {'x-amz-glacier-version': '2012-06-01'}, '')
|
| - canonical_uri = auth.canonical_uri(request)
|
| - self.assertEqual(canonical_uri, '/x/x.html')
|
| -
|
| - def test_credential_scope(self):
|
| - # test the AWS standard regions IAM endpoint
|
| - auth = HmacAuthV4Handler('iam.amazonaws.com',
|
| - mock.Mock(), self.provider)
|
| - request = HTTPRequest(
|
| - 'POST', 'https', 'iam.amazonaws.com', 443,
|
| - '/', '/',
|
| - {'Action': 'ListAccountAliases', 'Version': '2010-05-08'},
|
| - {
|
| - 'Content-Length': '44',
|
| - 'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8',
|
| - 'X-Amz-Date': '20130808T013210Z'
|
| - },
|
| - 'Action=ListAccountAliases&Version=2010-05-08')
|
| - credential_scope = auth.credential_scope(request)
|
| - region_name = credential_scope.split('/')[1]
|
| - self.assertEqual(region_name, 'us-east-1')
|
| -
|
| - # test the AWS GovCloud region IAM endpoint
|
| - auth = HmacAuthV4Handler('iam.us-gov.amazonaws.com',
|
| - mock.Mock(), self.provider)
|
| - request = HTTPRequest(
|
| - 'POST', 'https', 'iam.us-gov.amazonaws.com', 443,
|
| - '/', '/',
|
| - {'Action': 'ListAccountAliases', 'Version': '2010-05-08'},
|
| - {
|
| - 'Content-Length': '44',
|
| - 'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8',
|
| - 'X-Amz-Date': '20130808T013210Z'
|
| - },
|
| - 'Action=ListAccountAliases&Version=2010-05-08')
|
| - credential_scope = auth.credential_scope(request)
|
| - region_name = credential_scope.split('/')[1]
|
| - self.assertEqual(region_name, 'us-gov-west-1')
|
| -
|
| - # iam.us-west-1.amazonaws.com does not exist however this
|
| - # covers the remaining region_name control structure for a
|
| - # different region name
|
| - auth = HmacAuthV4Handler('iam.us-west-1.amazonaws.com',
|
| - mock.Mock(), self.provider)
|
| - request = HTTPRequest(
|
| - 'POST', 'https', 'iam.us-west-1.amazonaws.com', 443,
|
| - '/', '/',
|
| - {'Action': 'ListAccountAliases', 'Version': '2010-05-08'},
|
| - {
|
| - 'Content-Length': '44',
|
| - 'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8',
|
| - 'X-Amz-Date': '20130808T013210Z'
|
| - },
|
| - 'Action=ListAccountAliases&Version=2010-05-08')
|
| - credential_scope = auth.credential_scope(request)
|
| - region_name = credential_scope.split('/')[1]
|
| - self.assertEqual(region_name, 'us-west-1')
|
| -
|
| - # Test connections to custom locations, e.g. localhost:8080
|
| - auth = HmacAuthV4Handler('localhost', mock.Mock(), self.provider,
|
| - service_name='iam')
|
| -
|
| - request = HTTPRequest(
|
| - 'POST', 'http', 'localhost', 8080,
|
| - '/', '/',
|
| - {'Action': 'ListAccountAliases', 'Version': '2010-05-08'},
|
| - {
|
| - 'Content-Length': '44',
|
| - 'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8',
|
| - 'X-Amz-Date': '20130808T013210Z'
|
| - },
|
| - 'Action=ListAccountAliases&Version=2010-05-08')
|
| - credential_scope = auth.credential_scope(request)
|
| - timestamp, region, service, v = credential_scope.split('/')
|
| - self.assertEqual(region, 'localhost')
|
| - self.assertEqual(service, 'iam')
|
| -
|
| - def test_headers_to_sign(self):
|
| - auth = HmacAuthV4Handler('glacier.us-east-1.amazonaws.com',
|
| - mock.Mock(), self.provider)
|
| - request = HTTPRequest(
|
| - 'GET', 'http', 'glacier.us-east-1.amazonaws.com', 80,
|
| - 'x/./././x .html', None, {},
|
| - {'x-amz-glacier-version': '2012-06-01'}, '')
|
| - headers = auth.headers_to_sign(request)
|
| - # Port 80 & not secure excludes the port.
|
| - self.assertEqual(headers['Host'], 'glacier.us-east-1.amazonaws.com')
|
| -
|
| - request = HTTPRequest(
|
| - 'GET', 'https', 'glacier.us-east-1.amazonaws.com', 443,
|
| - 'x/./././x .html', None, {},
|
| - {'x-amz-glacier-version': '2012-06-01'}, '')
|
| - headers = auth.headers_to_sign(request)
|
| - # SSL port excludes the port.
|
| - self.assertEqual(headers['Host'], 'glacier.us-east-1.amazonaws.com')
|
| -
|
| - request = HTTPRequest(
|
| - 'GET', 'https', 'glacier.us-east-1.amazonaws.com', 8080,
|
| - 'x/./././x .html', None, {},
|
| - {'x-amz-glacier-version': '2012-06-01'}, '')
|
| - headers = auth.headers_to_sign(request)
|
| - # URL should include port.
|
| - self.assertEqual(headers['Host'], 'glacier.us-east-1.amazonaws.com:8080')
|
| -
|
| - def test_region_and_service_can_be_overriden(self):
|
| - auth = HmacAuthV4Handler('queue.amazonaws.com',
|
| - mock.Mock(), self.provider)
|
| - self.request.headers['X-Amz-Date'] = '20121121000000'
|
| -
|
| - auth.region_name = 'us-west-2'
|
| - auth.service_name = 'sqs'
|
| - scope = auth.credential_scope(self.request)
|
| - self.assertEqual(scope, '20121121/us-west-2/sqs/aws4_request')
|
| -
|
| - def test_pickle_works(self):
|
| - provider = Provider('aws', access_key='access_key',
|
| - secret_key='secret_key')
|
| - auth = HmacAuthV4Handler('queue.amazonaws.com', None, provider)
|
| -
|
| - # Pickle it!
|
| - pickled = pickle.dumps(auth)
|
| -
|
| - # Now restore it
|
| - auth2 = pickle.loads(pickled)
|
| - self.assertEqual(auth.host, auth2.host)
|
| -
|
| - def test_bytes_header(self):
|
| - auth = HmacAuthV4Handler('glacier.us-east-1.amazonaws.com',
|
| - mock.Mock(), self.provider)
|
| - request = HTTPRequest(
|
| - 'GET', 'http', 'glacier.us-east-1.amazonaws.com', 80,
|
| - 'x/./././x .html', None, {},
|
| - {'x-amz-glacier-version': '2012-06-01', 'x-amz-hash': b'f00'}, '')
|
| - canonical = auth.canonical_request(request)
|
| -
|
| - self.assertIn('f00', canonical)
|
| -
|
| -
|
| -class TestS3HmacAuthV4Handler(unittest.TestCase):
|
| - def setUp(self):
|
| - self.provider = mock.Mock()
|
| - self.provider.access_key = 'access_key'
|
| - self.provider.secret_key = 'secret_key'
|
| - self.provider.security_token = 'sekret_tokens'
|
| - self.request = HTTPRequest(
|
| - 'GET', 'https', 's3-us-west-2.amazonaws.com', 443,
|
| - '/awesome-bucket/?max-keys=0', None, {},
|
| - {}, ''
|
| - )
|
| - self.awesome_bucket_request = HTTPRequest(
|
| - method='GET',
|
| - protocol='https',
|
| - host='awesome-bucket.s3-us-west-2.amazonaws.com',
|
| - port=443,
|
| - path='/',
|
| - auth_path=None,
|
| - params={
|
| - 'max-keys': 0,
|
| - },
|
| - headers={
|
| - 'User-Agent': 'Boto',
|
| - 'X-AMZ-Content-sha256': 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855',
|
| - 'X-AMZ-Date': '20130605T193245Z',
|
| - },
|
| - body=''
|
| - )
|
| - self.auth = S3HmacAuthV4Handler(
|
| - host='awesome-bucket.s3-us-west-2.amazonaws.com',
|
| - config=mock.Mock(),
|
| - provider=self.provider,
|
| - region_name='s3-us-west-2'
|
| - )
|
| -
|
| - def test_clean_region_name(self):
|
| - # Untouched.
|
| - cleaned = self.auth.clean_region_name('us-west-2')
|
| - self.assertEqual(cleaned, 'us-west-2')
|
| -
|
| - # Stripped of the ``s3-`` prefix.
|
| - cleaned = self.auth.clean_region_name('s3-us-west-2')
|
| - self.assertEqual(cleaned, 'us-west-2')
|
| -
|
| - # Untouched (classic).
|
| - cleaned = self.auth.clean_region_name('s3.amazonaws.com')
|
| - self.assertEqual(cleaned, 's3.amazonaws.com')
|
| -
|
| - # Untouched.
|
| - cleaned = self.auth.clean_region_name('something-s3-us-west-2')
|
| - self.assertEqual(cleaned, 'something-s3-us-west-2')
|
| -
|
| - def test_region_stripping(self):
|
| - auth = S3HmacAuthV4Handler(
|
| - host='s3-us-west-2.amazonaws.com',
|
| - config=mock.Mock(),
|
| - provider=self.provider
|
| - )
|
| - self.assertEqual(auth.region_name, None)
|
| -
|
| - # What we wish we got.
|
| - auth = S3HmacAuthV4Handler(
|
| - host='s3-us-west-2.amazonaws.com',
|
| - config=mock.Mock(),
|
| - provider=self.provider,
|
| - region_name='us-west-2'
|
| - )
|
| - self.assertEqual(auth.region_name, 'us-west-2')
|
| -
|
| - # What we actually get (i.e. ``s3-us-west-2``).
|
| - self.assertEqual(self.auth.region_name, 'us-west-2')
|
| -
|
| - def test_determine_region_name(self):
|
| - name = self.auth.determine_region_name('s3-us-west-2.amazonaws.com')
|
| - self.assertEqual(name, 'us-west-2')
|
| -
|
| - def test_canonical_uri(self):
|
| - request = HTTPRequest(
|
| - 'GET', 'https', 's3-us-west-2.amazonaws.com', 443,
|
| - 'x/./././x .html', None, {},
|
| - {}, ''
|
| - )
|
| - canonical_uri = self.auth.canonical_uri(request)
|
| - # S3 doesn't canonicalize the way other SigV4 services do.
|
| - # This just urlencoded, no normalization of the path.
|
| - self.assertEqual(canonical_uri, 'x/./././x%20.html')
|
| -
|
| - def test_determine_service_name(self):
|
| - # What we wish we got.
|
| - name = self.auth.determine_service_name(
|
| - 's3.us-west-2.amazonaws.com'
|
| - )
|
| - self.assertEqual(name, 's3')
|
| -
|
| - # What we actually get.
|
| - name = self.auth.determine_service_name(
|
| - 's3-us-west-2.amazonaws.com'
|
| - )
|
| - self.assertEqual(name, 's3')
|
| -
|
| - # What we wish we got with virtual hosting.
|
| - name = self.auth.determine_service_name(
|
| - 'bucket.s3.us-west-2.amazonaws.com'
|
| - )
|
| - self.assertEqual(name, 's3')
|
| -
|
| - # What we actually get with virtual hosting.
|
| - name = self.auth.determine_service_name(
|
| - 'bucket.s3-us-west-2.amazonaws.com'
|
| - )
|
| - self.assertEqual(name, 's3')
|
| -
|
| - def test_add_auth(self):
|
| - # The side-effects sideshow.
|
| - self.assertFalse('x-amz-content-sha256' in self.request.headers)
|
| - self.auth.add_auth(self.request)
|
| - self.assertTrue('x-amz-content-sha256' in self.request.headers)
|
| - the_sha = self.request.headers['x-amz-content-sha256']
|
| - self.assertEqual(
|
| - the_sha,
|
| - 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855'
|
| - )
|
| -
|
| - def test_host_header(self):
|
| - host = self.auth.host_header(
|
| - self.awesome_bucket_request.host,
|
| - self.awesome_bucket_request
|
| - )
|
| - self.assertEqual(host, 'awesome-bucket.s3-us-west-2.amazonaws.com')
|
| -
|
| - def test_canonical_query_string(self):
|
| - qs = self.auth.canonical_query_string(self.awesome_bucket_request)
|
| - self.assertEqual(qs, 'max-keys=0')
|
| -
|
| - def test_correct_handling_of_plus_sign(self):
|
| - request = HTTPRequest(
|
| - 'GET', 'https', 's3-us-west-2.amazonaws.com', 443,
|
| - 'hello+world.txt', None, {},
|
| - {}, ''
|
| - )
|
| - canonical_uri = self.auth.canonical_uri(request)
|
| - # Ensure that things are properly quoted.
|
| - self.assertEqual(canonical_uri, 'hello%2Bworld.txt')
|
| -
|
| - request = HTTPRequest(
|
| - 'GET', 'https', 's3-us-west-2.amazonaws.com', 443,
|
| - 'hello%2Bworld.txt', None, {},
|
| - {}, ''
|
| - )
|
| - canonical_uri = self.auth.canonical_uri(request)
|
| - # Verify double escaping hasn't occurred.
|
| - self.assertEqual(canonical_uri, 'hello%2Bworld.txt')
|
| -
|
| - def test_mangle_path_and_params(self):
|
| - request = HTTPRequest(
|
| - method='GET',
|
| - protocol='https',
|
| - host='awesome-bucket.s3-us-west-2.amazonaws.com',
|
| - port=443,
|
| - # LOOK AT THIS PATH. JUST LOOK AT IT.
|
| - path='/?delete&max-keys=0',
|
| - auth_path=None,
|
| - params={
|
| - 'key': 'why hello there',
|
| - # This gets overwritten, to make sure back-compat is maintained.
|
| - 'max-keys': 1,
|
| - },
|
| - headers={
|
| - 'User-Agent': 'Boto',
|
| - 'X-AMZ-Content-sha256': 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855',
|
| - 'X-AMZ-Date': '20130605T193245Z',
|
| - },
|
| - body=''
|
| - )
|
| -
|
| - mod_req = self.auth.mangle_path_and_params(request)
|
| - self.assertEqual(mod_req.path, '/?delete&max-keys=0')
|
| - self.assertEqual(mod_req.auth_path, '/')
|
| - self.assertEqual(mod_req.params, {
|
| - 'max-keys': '0',
|
| - 'key': 'why hello there',
|
| - 'delete': ''
|
| - })
|
| -
|
| - def test_canonical_request(self):
|
| - expected = """GET
|
| -/
|
| -max-keys=0
|
| -host:awesome-bucket.s3-us-west-2.amazonaws.com
|
| -user-agent:Boto
|
| -x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
| -x-amz-date:20130605T193245Z
|
| -
|
| -host;user-agent;x-amz-content-sha256;x-amz-date
|
| -e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"""
|
| -
|
| - authed_req = self.auth.canonical_request(self.awesome_bucket_request)
|
| - self.assertEqual(authed_req, expected)
|
| -
|
| - # Now the way ``boto.s3`` actually sends data.
|
| - request = copy.copy(self.awesome_bucket_request)
|
| - request.path = request.auth_path = '/?max-keys=0'
|
| - request.params = {}
|
| - expected = """GET
|
| -/
|
| -max-keys=0
|
| -host:awesome-bucket.s3-us-west-2.amazonaws.com
|
| -user-agent:Boto
|
| -x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
| -x-amz-date:20130605T193245Z
|
| -
|
| -host;user-agent;x-amz-content-sha256;x-amz-date
|
| -e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"""
|
| -
|
| - # Pre-mangle it. In practice, this happens as part of ``add_auth``,
|
| - # but that's a side-effect that's hard to test.
|
| - request = self.auth.mangle_path_and_params(request)
|
| - authed_req = self.auth.canonical_request(request)
|
| - self.assertEqual(authed_req, expected)
|
| -
|
| - def test_non_string_headers(self):
|
| - self.awesome_bucket_request.headers['Content-Length'] = 8
|
| - canonical_headers = self.auth.canonical_headers(
|
| - self.awesome_bucket_request.headers)
|
| - self.assertEqual(
|
| - canonical_headers,
|
| - 'content-length:8\n'
|
| - 'user-agent:Boto\n'
|
| - 'x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae'
|
| - '41e4649b934ca495991b7852b855\n'
|
| - 'x-amz-date:20130605T193245Z'
|
| - )
|
| -
|
| -
|
| -class FakeS3Connection(object):
|
| - def __init__(self, *args, **kwargs):
|
| - self.host = kwargs.pop('host', None)
|
| -
|
| - @detect_potential_s3sigv4
|
| - def _required_auth_capability(self):
|
| - return ['nope']
|
| -
|
| - def _mexe(self, *args, **kwargs):
|
| - pass
|
| -
|
| -
|
| -class FakeEC2Connection(object):
|
| - def __init__(self, *args, **kwargs):
|
| - self.region = kwargs.pop('region', None)
|
| -
|
| - @detect_potential_sigv4
|
| - def _required_auth_capability(self):
|
| - return ['nope']
|
| -
|
| - def _mexe(self, *args, **kwargs):
|
| - pass
|
| -
|
| -
|
| -class TestS3SigV4OptIn(MockServiceWithConfigTestCase):
|
| - connection_class = FakeS3Connection
|
| -
|
| - def test_sigv4_opt_out(self):
|
| - # Default is opt-out.
|
| - fake = FakeS3Connection(host='s3.amazonaws.com')
|
| - self.assertEqual(fake._required_auth_capability(), ['nope'])
|
| -
|
| - def test_sigv4_non_optional(self):
|
| - # Requires SigV4.
|
| - for region in ['.cn-north', '.eu-central', '-eu-central']:
|
| - fake = FakeS3Connection(host='s3' + region + '-1.amazonaws.com')
|
| - self.assertEqual(
|
| - fake._required_auth_capability(), ['hmac-v4-s3'])
|
| -
|
| - def test_sigv4_opt_in_config(self):
|
| - # Opt-in via the config.
|
| - self.config = {
|
| - 's3': {
|
| - 'use-sigv4': True,
|
| - },
|
| - }
|
| - fake = FakeS3Connection()
|
| - self.assertEqual(fake._required_auth_capability(), ['hmac-v4-s3'])
|
| -
|
| - def test_sigv4_opt_in_env(self):
|
| - # Opt-in via the ENV.
|
| - self.environ['S3_USE_SIGV4'] = True
|
| - fake = FakeS3Connection(host='s3.amazonaws.com')
|
| - self.assertEqual(fake._required_auth_capability(), ['hmac-v4-s3'])
|
| -
|
| -
|
| -class TestSigV4OptIn(MockServiceWithConfigTestCase):
|
| - connection_class = FakeEC2Connection
|
| -
|
| - def setUp(self):
|
| - super(TestSigV4OptIn, self).setUp()
|
| - self.standard_region = RegionInfo(
|
| - name='us-west-2',
|
| - endpoint='ec2.us-west-2.amazonaws.com'
|
| - )
|
| - self.sigv4_region = RegionInfo(
|
| - name='cn-north-1',
|
| - endpoint='ec2.cn-north-1.amazonaws.com.cn'
|
| - )
|
| -
|
| - def test_sigv4_opt_out(self):
|
| - # Default is opt-out.
|
| - fake = FakeEC2Connection(region=self.standard_region)
|
| - self.assertEqual(fake._required_auth_capability(), ['nope'])
|
| -
|
| - def test_sigv4_non_optional(self):
|
| - # Requires SigV4.
|
| - fake = FakeEC2Connection(region=self.sigv4_region)
|
| - self.assertEqual(fake._required_auth_capability(), ['hmac-v4'])
|
| -
|
| - def test_sigv4_opt_in_config(self):
|
| - # Opt-in via the config.
|
| - self.config = {
|
| - 'ec2': {
|
| - 'use-sigv4': True,
|
| - },
|
| - }
|
| - fake = FakeEC2Connection(region=self.standard_region)
|
| - self.assertEqual(fake._required_auth_capability(), ['hmac-v4'])
|
| -
|
| - def test_sigv4_opt_in_env(self):
|
| - # Opt-in via the ENV.
|
| - self.environ['EC2_USE_SIGV4'] = True
|
| - fake = FakeEC2Connection(region=self.standard_region)
|
| - self.assertEqual(fake._required_auth_capability(), ['hmac-v4'])
|
|
|
Chromium Code Reviews
Issue 1260493004:
Revert "Add gsutil 4.13 to telemetry/third_party" (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master