in client/aws_auth.py [0:0]
def sign_all_the_things(self, request_body, request_url, method):
t = datetime.datetime.utcnow()
amzdate = t.strftime('%Y%m%dT%H%M%SZ')
datestamp = t.strftime('%Y%m%d') # Date w/o time, used in credential scope
region, service, host, uri = self.pull_apart_url(request_url)
credential_scope = datestamp + '/' + region + '/' + service + '/' + 'aws4_request'
signing_key = self.get_signature_key(self.secret_key, region, service, datestamp)
canonical_headers = 'host:' + host + '\n' + 'x-amz-date:' + amzdate + '\n'
payload_hash = hashlib.sha256(request_body).hexdigest()
canonical_request = (method + '\n' + uri + '\n\n' + canonical_headers +
'\n' + self.signed_headers + '\n' + payload_hash)
string_to_sign = (self.algorithm + '\n' + amzdate + '\n' + credential_scope + '\n' +
hashlib.sha256(canonical_request.encode('utf-8')).hexdigest())
signature = hmac.new(signing_key, string_to_sign.encode('utf-8'), hashlib.sha256).hexdigest()
authorization_header = (self.algorithm + ' ' + 'Credential=' + self.access_key + '/' + credential_scope +
', ' + 'SignedHeaders=' + self.signed_headers + ', ' + 'Signature=' + signature)
headers = {
'x-amz-date': amzdate,
'Authorization': authorization_header,
'x-amz-content-sha256': payload_hash
}
if self.token:
headers['X-Amz-Security-Token'] = self.token
return headers