class KsAuth(object):
def __init__(self, kwargs, get=True, region=None):
assert kwargs and kwargs['Action']
self.url = cloud_account.KS_EPC_URL
self.region = region if region else cloud_account.KS_EPC_REGION
self.kwargs = kwargs
self.method = 'POST'
self.body = {}
self.algorithm = 'AWS4-HMAC-SHA256'
self.signed_headers = 'host;x-amz-date'
if get:
self.body = ""
self.method = 'GET'
self.__get_init()
else:
self.__post_init()
def __get_init(self):
qstring = "Action={}&Version=2015-11-01".format(self.kwargs["Action"])
del self.kwargs['Action']
for k, v in self.kwargs.items():
qstring += "&{}={}".format(k, v)
qstring = self._sort(qstring)
self.body = qstring
self.url += "/?" + self.body
self.format_time()
def _sort(self, qstring):
d = {}
for i in qstring.split('&'):
k, v = i.split('=')
d[k] = v
iterable = sorted(d.items(), key=lambda data: data[0])
return ''.join(map(lambda x: x[0]+'='+x[1]+'&', iterable)).rstrip('&')
def format_time(self):
t = datetime.utcnow()
amzdate = t.strftime('%Y%m%dT%H%M%SZ')
datestamp = t.strftime('%Y%m%d')
if not hasattr(self, 'delay_time') and not hasattr(self, 'vague_time'):
setattr(self, 'vague_time', datestamp)
setattr(self, 'delay_time', amzdate)
def canonical_headers(self):
head = 'host:' + cloud_account.KS_EPC_HOST + '\n' + 'x-amz-date:' + self.delay_time + '\n'
return head
def auth(self):
signature = self.get_signature()
_, credential_scope = self.hash_salt()
authorization_header = self.algorithm + ' ' + 'Credential=' + cloud_account.KS_EPC_ACCESS_KEY + '/' + credential_scope + ', ' + 'SignedHeaders=' + self.signed_headers + ', ' + 'Signature=' + signature
headers = {'x-amz-date': self.delay_time, 'Authorization': authorization_header}
return headers
def hash_salt(self):
credential_scope = self.vague_time + '/' + self.region + '/' + cloud_account.KS_EPC_SERVICE + '/' + 'aws4_request'
canonical_uri = "/"
headers = self.canonical_headers()
signing_key = self.getSignatureKey()
payload_hash = hashlib.sha256(('').encode('utf-8')).hexdigest()
canonical_request = self.method + '\n' + canonical_uri + '\n' + self.body + '\n' + headers + '\n' + self.signed_headers + '\n' + payload_hash
string_to_sign = self.algorithm + '\n' + self.delay_time + '\n' + credential_scope + '\n' + hashlib.sha256(
canonical_request.encode('utf-8')).hexdigest()
return string_to_sign, credential_scope
def get_signature(self):
signing_key = self.getSignatureKey()
string_to_sign = self.hash_salt()[0]
signature = hmac.new(signing_key, (string_to_sign).encode('utf-8'), hashlib.sha256).hexdigest()
return signature
def sign(self, key, msg):
return hmac.new(key, msg.encode('utf-8'), hashlib.sha256).digest()
def getSignatureKey(self):
kDate = self.sign(('AWS4' + cloud_account.KS_EPC_SECURITY_KEY).encode('utf-8'), self.vague_time)
kRegion = self.sign(kDate, self.region)
kService = self.sign(kRegion, cloud_account.KS_EPC_SERVICE)
kSigning = self.sign(kService, 'aws4_request')
return kSigning
def __post_init(self):
pass
def post(self):
html = requests.get(self.url, headers=self.auth())
print(html.text)
if __name__ == '__main__':
s = KsAuth({'Action': "Describe"})
header = s.auth()
html = requests.get(s.url, headers=header)
print(html.text)
Python3 金山雲api調用簽名
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.