Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix issue where X-Amz-Content-SHA256 was being set twice #388

Merged
merged 3 commits into from
Nov 24, 2014
Merged

Fix issue where X-Amz-Content-SHA256 was being set twice #388

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
dbcbc39
Fix issue where X-Amz-Content-SHA256 was being set twice
jamesls Nov 24, 2014
6e2692e
Fix py3 test issue
jamesls Nov 24, 2014
f8e7ae7
Fix flake8 issues
jamesls Nov 24, 2014
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions botocore/auth.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -345,6 +345,8 @@ class S3SigV4Auth(SigV4Auth):

def _modify_request_before_signing(self, request):
super(S3SigV4Auth, self)._modify_request_before_signing(request)
if 'X-Amz-Content-SHA256' in request.headers:
del request.headers['X-Amz-Content-SHA256']
request.headers['X-Amz-Content-SHA256'] = self.payload(request)

def _normalize_url_path(self, path):
Expand Down
45 changes: 45 additions & 0 deletions tests/integration/test_s3.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,8 @@
except ImportError:
from itertools import zip_longest

from botocore.vendored.requests import adapters
from botocore.vendored.requests.exceptions import ConnectionError
import botocore.session
import botocore.auth
import botocore.credentials
Expand Down Expand Up @@ -534,6 +536,49 @@ def test_bucket_in_other_region_using_http(self):
self.keys.append('foo.txt')


class TestSigV4IsRetried(BaseS3Test):
def setUp(self):
super(TestSigV4IsRetried, self).setUp()
self.endpoint = self.service.get_endpoint('eu-central-1')
self.bucket_name = 'botocoretest%s-%s' % (
int(time.time()), random.randint(1, 1000))
self.bucket_location = 'eu-central-1'

operation = self.service.get_operation('CreateBucket')
response = operation.call(self.endpoint, bucket=self.bucket_name,
create_bucket_configuration={'LocationConstraint': self.bucket_location})
self.assertEqual(response[0].status_code, 200)
self.keys = []

def tearDown(self):
for key in self.keys:
op = self.service.get_operation('DeleteObject')
response = op.call(self.endpoint, bucket=self.bucket_name, key=key)
self.assertEqual(response[0].status_code, 204)
self.delete_bucket(self.bucket_name)

def test_request_retried_for_sigv4(self):
operation = self.service.get_operation('PutObject')
body = six.BytesIO(b"Hello world!")

original_send = adapters.HTTPAdapter.send
state = mock.Mock()
state.error_raised = False
def mock_http_adapter_send(self, *args, **kwargs):
if not state.error_raised:
state.error_raised = True
raise ConnectionError("Simulated ConnectionError raised.")
else:
return original_send(self, *args, **kwargs)
with mock.patch('botocore.vendored.requests.adapters.HTTPAdapter.send',
mock_http_adapter_send):
response = operation.call(self.endpoint,
Bucket=self.bucket_name,
Key='foo.txt', Body=body)
self.assertEqual(response[0].status_code, 200)
self.keys.append('foo.txt')


class TestGetBucketLocationForEUCentral1(BaseS3Test):
def setUp(self):
super(TestGetBucketLocationForEUCentral1, self).setUp()
Expand Down
40 changes: 32 additions & 8 deletions tests/unit/auth/test_signers.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@
import time

import mock
import six

import botocore.auth
import botocore.credentials
Expand Down Expand Up @@ -69,7 +70,7 @@ def test_duplicate_headers(self):

def test_query_string(self):
split = urlsplit('/quotes/nelson?uploads')
pairs = [('Date', 'Thu, 17 Nov 2005 18:49:58 GMT'),]
pairs = [('Date', 'Thu, 17 Nov 2005 18:49:58 GMT')]
sig = self.hmacv1.get_signature('PUT', split,
HTTPHeaders.from_pairs(pairs))
self.assertEqual(sig, 'P7pBz3Z4p3GxysRSJ/gR8nk7D4o=')
Expand Down Expand Up @@ -208,6 +209,23 @@ class TestS3SigV4Auth(unittest.TestCase):

maxDiff = None

def setUp(self):
self.credentials = botocore.credentials.Credentials(
access_key='foo', secret_key='bar', token='baz')
self.auth = botocore.auth.S3SigV4Auth(
self.credentials, 'ec2', 'eu-central-1')
self.request = AWSRequest(data=six.BytesIO(b"foo bar baz"))
self.request.method = 'PUT'
self.request.url = 'https://s3.eu-central-1.amazonaws.com/'

def test_resign_with_content_hash(self):
self.auth.add_auth(self.request)
original_auth = self.request.headers['Authorization']

self.auth.add_auth(self.request)
self.assertEqual(self.request.headers.get_all('Authorization'),
[original_auth])

def test_signature_is_not_normalized(self):
request = AWSRequest()
request.url = 'https://s3.amazonaws.com/bucket/foo/./bar/../bar'
Expand All @@ -227,7 +245,8 @@ class TestSigV4Resign(unittest.TestCase):
def setUp(self):
self.credentials = botocore.credentials.Credentials(
access_key='foo', secret_key='bar', token='baz')
self.auth = botocore.auth.SigV4Auth(self.credentials, 'ec2', 'us-west-2')
self.auth = botocore.auth.SigV4Auth(self.credentials,
'ec2', 'us-west-2')
self.request = AWSRequest()
self.request.method = 'PUT'
self.request.url = 'https://ec2.amazonaws.com/'
Expand Down Expand Up @@ -291,10 +310,12 @@ def test_presign_no_params(self):
self.assertEqual(
query_string,
{'X-Amz-Algorithm': 'AWS4-HMAC-SHA256',
'X-Amz-Credential': 'access_key/20140101/myregion/myservice/aws4_request',
'X-Amz-Credential': ('access_key/20140101/myregion/'
'myservice/aws4_request'),
'X-Amz-Date': '20140101T000000Z',
'X-Amz-Expires': '60',
'X-Amz-Signature': 'c70e0bcdb4cd3ee324f71c78195445b8788315af0800bbbdbbb6d05a616fb84c',
'X-Amz-Signature': ('c70e0bcdb4cd3ee324f71c78195445b878'
'8315af0800bbbdbbb6d05a616fb84c'),
'X-Amz-SignedHeaders': 'host'})

def test_operation_params_before_auth_params(self):
Expand Down Expand Up @@ -328,7 +349,8 @@ def test_s3_sigv4_presign(self):
auth = botocore.auth.S3SigV4QueryAuth(
self.credentials, self.service_name, self.region_name, expires=60)
request = AWSRequest()
request.url = 'https://s3.us-west-2.amazonaws.com/mybucket/keyname/.bar'
request.url = (
'https://s3.us-west-2.amazonaws.com/mybucket/keyname/.bar')
auth.add_auth(request)
query_string = self.get_parsed_query_string(request)
# We use a different payload:
Expand All @@ -337,10 +359,12 @@ def test_s3_sigv4_presign(self):
self.assertEqual(
query_string,
{'X-Amz-Algorithm': 'AWS4-HMAC-SHA256',
'X-Amz-Credential': 'access_key/20140101/myregion/myservice/aws4_request',
'X-Amz-Credential': ('access_key/20140101/myregion/'
'myservice/aws4_request'),
'X-Amz-Date': '20140101T000000Z',
'X-Amz-Expires': '60',
'X-Amz-Signature': 'ac1b8b9e47e8685c5c963d75e35e8741d55251cd955239cc1efad4dc7201db66',
'X-Amz-Signature': ('ac1b8b9e47e8685c5c963d75e35e8741d55251'
'cd955239cc1efad4dc7201db66'),
'X-Amz-SignedHeaders': 'host'})

def test_presign_with_security_token(self):
Expand All @@ -349,7 +373,7 @@ def test_presign_with_security_token(self):
self.credentials, self.service_name, self.region_name, expires=60)
request = AWSRequest()
request.url = 'https://ec2.us-east-1.amazonaws.com/'
self.auth.add_auth(request)
auth.add_auth(request)
query_string = self.get_parsed_query_string(request)
self.assertEqual(
query_string['X-Amz-Security-Token'], 'security-token')