Skip to content

Latest commit

 

History

History
76 lines (67 loc) · 2.74 KB

README.rst

File metadata and controls

76 lines (67 loc) · 2.74 KB

AWS signature verification routines.

This library provides signature verification for requests made to an AWS service. Typically, this is used to provide mock interfaces for AWS services or to rewrite AWS requests through a proxy host.

The current source tree can be found on GitHub.

Documentation is available at docs.ionosphere.io.

Currently only SigV4 and SigV4S3 (the S3 variant of SigV4) are supported.

Example Usage

>>> import awssig
>>> access_key = "AKIDEXAMPLE"
>>> secret_key = "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY"
>>> key_mapping = { access_key: secret_key }
>>> v = awssig.AWSSigV4Verifier(
...     request_method="GET",
...     uri_path="/",
...     query_string="a=foo&b=foo",
...     headers={
...         "date": ["Mon, 09 Sep 2011 23:36:00 GMT"],
...         "host": ["host.foo.com"],
...         "authorization": [(
...             "AWS4-HMAC-SHA256 "
...             "Credential=AKIDEXAMPLE/20110909/us-east-1/host/aws4_request, "
...             "SignedHeaders=date;host, "
...             "Signature=0dc122f3b28b831ab48ba65cb47300de53fbe91b577fe113edac383730254a3b")],
...    },
...    body=b"",
...    region="us-east-1",
...    service="host",
...    key_mapping=key_mapping,
...    timestamp_mismatch=None)
>>> try:
...     v.verify()
...     print("ok")
... except awssig.InvalidSignatureError as e:
...     print("error: %s" % e)
ok
>>> v = awssig.AWSSigV4S3Verifier(
...     request_method="POST",
...     uri_path="/a//b/../c",
...     headers={
...         "date": ["Mon, 09 Sep 2011 23:36:00 GMT"],
...         "host": ["host.foo.com"],
...         "authorization": [(
...             "AWS4-HMAC-SHA256 "
...             "Credential=AKIDEXAMPLE/20110909/us-east-1/host/aws4_request, "
...             "SignedHeaders=date;host, "
...             "Signature=6b8af5a1e94a59c511e47267ab0cbfa1783dc42861ab7f09e0dba62680da8b28")],
...         "x-amz-content-sha256": ["UNSIGNED-PAYLOAD"],
...    },
...    body=b"Hello world",
...    region="us-east-1",
...    service="host",
...    key_mapping=key_mapping,
...    timestamp_mismatch=None)
>>> try:
...     v.verify()
...     print("ok")
... except awssig.InvalidSignatureError as e:
...     print("error: %s" % e)
ok