Skip to content
This repository has been archived by the owner on Jan 25, 2023. It is now read-only.

Fixes issue #148 by adding python3 support to sign_request.py #243

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 21 additions & 10 deletions examples/vault-consul-ami/auth/sign-request.py
Original file line number Diff line number Diff line change
Expand Up @@ -15,18 +15,28 @@
# the response from GetCallerIdentity, which tells who is trying to authenticate
# ------------------------------------------------------------------------------

import botocore.session
from botocore.awsrequest import create_request_object
import json
import base64
import json
import sys

def headers_to_go_style(headers):
import botocore.session


def decode_bytes_from_dict_values(dict_, to_go_style=False):
retval = {}
for k, v in headers.iteritems():
retval[k] = [v]
for k, v in dict_.items():
try:
value = v.decode()
except AttributeError:
value = v

if to_go_style:
value = [value]

retval[k] = value
return retval
Comment on lines +25 to 37
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think using a single function for these two purposes is confusing. I would probably convert these function calls to inline dict comprehensions (which are 2 and 3 compatible) that do the things we want for each case.



def generate_vault_request(awsIamServerId):
session = botocore.session.get_session()
client = session.create_client('sts')
Expand All @@ -40,12 +50,13 @@ def generate_vault_request(awsIamServerId):

return {
'iam_http_request_method': request.method,
'iam_request_url': base64.b64encode(request.url),
'iam_request_body': base64.b64encode(request.body),
'iam_request_headers': base64.b64encode(json.dumps(headers_to_go_style(dict(request.headers)))), # It's a CaseInsensitiveDict, which is not JSON-serializable
'iam_request_url': base64.b64encode(request.url.encode()),
'iam_request_body': base64.b64encode(request.body.encode()),
'iam_request_headers': base64.b64encode(json.dumps(decode_bytes_from_dict_values(dict(request.headers), to_go_style=True)).encode()), # It's a CaseInsensitiveDict, which is not JSON-serializable
}


if __name__ == "__main__":
awsIamServerId = sys.argv[1]
print json.dumps(generate_vault_request(awsIamServerId))
vault_request = generate_vault_request(awsIamServerId)
print(json.dumps(decode_bytes_from_dict_values(vault_request)))