o JhGc@s ddlZddlmZddlmZmZmZmZmZm Z ddl m Z m Z m Z mZmZddlmZddlmZddlmZGdd d eZGd d d eZGd d d eZGdddeZGdddeZGdddeZGdddeZGdddeZeeeeeeedZdS)N)BytesIO)SIGNED_HEADERS_BLACKLIST"STREAMING_UNSIGNED_PAYLOAD_TRAILERUNSIGNED_PAYLOAD BaseSigner_get_body_as_dict_host_from_url) HTTPHeadersawscrtparse_qsurlsplit urlunsplit)NoCredentialsError)register_feature_id)percent_encode_sequencec@zeZdZdZgdZejjjZ dZ dZ ddZ ddZ ddZd d Zd d Zd dZddZddZddZddZdS) CrtSigV4AuthT Authorizationz X-Amz-DateX-Amz-Content-SHA256zX-Amz-Security-TokencC||_||_||_d|_dSN credentials _service_name _region_name_expiration_in_secondsselfr service_name region_namer!q/var/www/vedio/testing/chatpythonscript.ninositsolution.com/env/lib/python3.10/site-packages/botocore/crt/auth.py__init__+ zCrtSigV4Auth.__init__cC0|jdi}|d}t|to|ddkSNchecksumrequest_algorithmintrailercontextget isinstancedictrrequestchecksum_context algorithmr!r!r"_is_streaming_checksum_payload1 z+CrtSigV4Auth._is_streaming_checksum_payloadc Cs|jdurttjjtjjd}||}||t j j j |jj |jj|jjd}||r5t}n||rB|r?|}nd}nt}||rOt j jj}nt j jj}t j jt j jj|j||j|j||j|j|j |||j!d }|"|}t j #||} | $|%||dS)Ntzinfo access_key_idsecret_access_key session_token r3signature_typecredentials_providerregionservicedateshould_sign_headeruse_double_uri_encodeshould_normalize_uri_pathsigned_body_valuesigned_body_header_typeexpiration_in_seconds)&rrdatetimeutcnowreplacetimezoneutc_get_existing_sha256_modify_request_before_signingr authAwsCredentialsProvider new_static access_key secret_keytokenr4r_should_sha256_sign_payloadr!_should_add_content_sha256_headerAwsSignedBodyHeaderTypeX_AMZ_CONTENT_SHA_256NONEAwsSigningConfigAwsSigningAlgorithmV4_SIGNATURE_TYPErr_should_sign_header_USE_DOUBLE_URI_ENCODE_SHOULD_NORMALIZE_URI_PATHr_crt_request_from_aws_requestaws_sign_requestresult_apply_signing_changes rr1 datetime_nowexisting_sha256r>explicit_payload body_headersigning_config crt_requestfuturer!r!r"add_auth6sR         zCrtSigV4Auth.add_authc Ct|j}|jr |jnd}|jr4g}|jD]\}}t|}||d|q|dd|}n |jr?|d|j}t j |j }d}|j r\t|j drW|j }nt|j }t j j|j|||d} | SN/=?&seek)methodpathheaders body_streamr urlrvparamsitemsstrappendjoinqueryr http HttpHeadersrwbodyhasattrr HttpRequestru r aws_request url_partscrt_patharrayparamvalue crt_headerscrt_body_streamrkr!r!r"rao.   z*CrtSigV4Auth._crt_request_from_aws_requestcCtt|j|_dSrr from_pairslistrwrrsigned_crt_requestr!r!r"rd z#CrtSigV4Auth._apply_signing_changescK |tvSrlowerrrnamekwargsr!r!r"r^ z CrtSigV4Auth._should_sign_headercC@|jD] }||jvr|j|=qd|jvrt|j|jd<dSdSNhost_PRESIGNED_HEADERS_BLOCKLISTrwrrzrr1hr!r!r"rN   z+CrtSigV4Auth._modify_request_before_signingcC |jdSNrrwr-rr1r!r!r"rMrz!CrtSigV4Auth._get_existing_sha256cC|jdsdS|jddSNhttpsTpayload_signing_enabledrz startswithr,r-rr!r!r"rU z(CrtSigV4Auth._should_sha256_sign_payloadcC|duSrr!rrhr!r!r"rVz.CrtSigV4Auth._should_add_content_sha256_headerN)__name__ __module__ __qualname__REQUIRES_REGIONrr rOAwsSignatureTypeHTTP_REQUEST_HEADERSr]r_r`r#r4rmrardr^rNrMrUrVr!r!r!r"rs  9  rc4eZdZdZdZddZfddZddZZS)CrtS3SigV4AuthFcCdSrr!rr!r!r"rMz#CrtS3SigV4Auth._get_existing_sha256cs|jd}t|dd}|duri}|dd}|dur|Sd}|jdi}|d}t|tr<|ddkr<|d }|jd rG||jvrId S|jd d rRd St |S)N client_configs3r Content-MD5r'r(r)headerrrThas_streaming_inputF) r,r-getattrr.r/rzrrwsuperrU)rr1r s3_config sign_payloadchecksum_headerr2r3 __class__r!r"rUs&       z*CrtS3SigV4Auth._should_sha256_sign_payloadcCdSNTr!rr!r!r"rVrz0CrtS3SigV4Auth._should_add_content_sha256_header rrrr_r`rMrUrV __classcell__r!r!rr"rs  )rc@r)CrtSigV4AsymAuthTrcCrrrrr!r!r"r#r$zCrtSigV4AsymAuth.__init__c Cstd|jdur ttjjtjjd}||}| |t j j j |jj|jj|jjd}||r9t}n||rF|rC|}nd}nt}||rSt j jj}nt j jj}t j jt j jj|j||j|j||j|j |j!|||j"d }|#|}t j $||} | %|&||dS)NSIGV4A_SIGNINGr6r8r<)'rrrrHrIrJrKrLrMrNr rOrPrQrRrSrTr4rrUrrVrWrXrYrZr[ V4_ASYMMETRICr]rrr^r_r`rrarbrcrdrer!r!r"rmsT         zCrtSigV4AsymAuth.add_authc Crnroryrr!r!r"ra5rz.CrtSigV4AsymAuth._crt_request_from_aws_requestcCrrrrr!r!r"rdSrz'CrtSigV4AsymAuth._apply_signing_changescKrrrrr!r!r"r^Yrz$CrtSigV4AsymAuth._should_sign_headercCrrrrr!r!r"rN\rz/CrtSigV4AsymAuth._modify_request_before_signingcCrrrrr!r!r"rMfrz%CrtSigV4AsymAuth._get_existing_sha256cCr%r&r+r0r!r!r"r4ir5z/CrtSigV4AsymAuth._is_streaming_checksum_payloadcCrrrrr!r!r"rUnrz,CrtSigV4AsymAuth._should_sha256_sign_payloadcCrrr!rr!r!r"rVxrz2CrtSigV4AsymAuth._should_add_content_sha256_headerN)rrrrrr rOrrr]r_r`r#rmrardr^rNrMr4rUrVr!r!r!r"rs  :  rcr)CrtS3SigV4AsymAuthFcCrrr!rr!r!r"rMrz'CrtS3SigV4AsymAuth._get_existing_sha256cst|jd}t|dd}|duri}|dd}|dur|S|jdr)d|jvr+dS|jddr4dSt|S) NrrrrrTrF)r,r-rrzrrwrrU)rr1rrrrr!r"rUs      z.CrtS3SigV4AsymAuth._should_sha256_sign_payloadcCrrr!rr!r!r"rVrz4CrtS3SigV4AsymAuth._should_add_content_sha256_headerrr!r!rr"r}s  $rcFeZdZdZejjjZeffdd Z fddZ fddZ Z S)CrtSigV4AsymQueryAuthct|||||_dSrrr#rrrrr expiresrr!r"r# zCrtSigV4AsymQueryAuth.__init__c st||jd}|dkr|jd=t|j}t|jdd}dd|D}|j r6| t |d|_ t |}|}|d|d |d ||d f}t ||_dS) N content-type0application/x-www-form-urlencoded; charset=utf-8Tkeep_blank_valuescSi|] \}}||dqSrr!.0kvr!r!r" szHCrtSigV4AsymQueryAuth._modify_request_before_signing..r)rrNrwr-r rzr rr|dataupdaterrr ) rr1 content_typerquery_string_parts query_dictnew_query_stringp new_url_partsrr!r"rNs    z4CrtSigV4AsymQueryAuth._modify_request_before_signingcLt||t|jj}t|j}t|d|d|d||df|_dSNrrrrrrdr rvrrzr rrr signed_queryrrr!r"rd  ( z,CrtSigV4AsymQueryAuth._apply_signing_changes rrrDEFAULT_EXPIRESr rOrHTTP_REQUEST_QUERY_PARAMSr]r#rNrdrr!r!rr"rs  *rc@(eZdZdZdZdZddZddZdS)CrtS3SigV4AsymQueryAuthzS3 SigV4A auth using query parameters. This signer will sign a request using query parameters and signature version 4A, i.e a "presigned url" signer. FcCrNFr!rr!r!r"rUz3CrtS3SigV4AsymQueryAuth._should_sha256_sign_payloadcCrrr!rr!r!r"rVrz9CrtS3SigV4AsymQueryAuth._should_add_content_sha256_headerNrrr__doc__r_r`rUrVr!r!r!r"rs  rcr)CrtSigV4QueryAuthrcrrrrrr!r"r#rzCrtSigV4QueryAuth.__init__cst||jd}|dkr|jd=t|j}ddt|jddD}|j r3| |j i|_ |j r@| t |d|_ t |}|}|d|d |d ||d f}t||_dS) NrrcSrrr!rr!r!r"r#szDCrtSigV4QueryAuth._modify_request_before_signing..Trrrrrr)rrNrwr-r rzr rr|r{rrrrr )rr1rrrrrrrr!r"rNs*     z0CrtSigV4QueryAuth._modify_request_before_signingcrrrrrr!r"rdDrz(CrtSigV4QueryAuth._apply_signing_changesrr!r!rr"r s  0rc@r)CrtS3SigV4QueryAuthaS3 SigV4 auth using query parameters. This signer will sign a request using query parameters and signature version 4, i.e a "presigned url" signer. Based off of: http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html FcCrrr!rr!r!r"rUarz/CrtS3SigV4QueryAuth._should_sha256_sign_payloadcCrrr!rr!r!r"rVhrz5CrtS3SigV4QueryAuth._should_add_content_sha256_headerNrr!r!r!r"rUs  r)v4zv4-queryv4as3v4z s3v4-querys3v4az s3v4a-query)rHior botocore.authrrrrrrbotocore.compatr r r r r botocore.exceptionsrbotocore.useragentrbotocore.utilsrrrrrrrrrCRT_AUTH_TYPE_MAPSr!r!r!r"s2     72EK