botocore/crt/auth.py [14:64]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - REQUIRES_REGION = True _PRESIGNED_HEADERS_BLOCKLIST = [ 'Authorization', 'X-Amz-Date', 'X-Amz-Content-SHA256', 'X-Amz-Security-Token', ] _SIGNATURE_TYPE = awscrt.auth.AwsSignatureType.HTTP_REQUEST_HEADERS _USE_DOUBLE_URI_ENCODE = True _SHOULD_NORMALIZE_URI_PATH = True def __init__(self, credentials, service_name, region_name): self.credentials = credentials self._service_name = service_name self._region_name = region_name self._expiration_in_seconds = None def add_auth(self, request): if self.credentials is None: raise NoCredentialsError() # Use utcnow() because that's what gets mocked by tests, but set # timezone because CRT assumes naive datetime is local time. datetime_now = datetime.datetime.utcnow().replace( tzinfo=datetime.timezone.utc) # Use existing 'X-Amz-Content-SHA256' header if able existing_sha256 = self._get_existing_sha256(request) self._modify_request_before_signing(request) credentials_provider = awscrt.auth.AwsCredentialsProvider.new_static( access_key_id=self.credentials.access_key, secret_access_key=self.credentials.secret_key, session_token=self.credentials.token) if self._should_sha256_sign_payload(request): if existing_sha256: explicit_payload = existing_sha256 else: explicit_payload = None # to be calculated during signing else: explicit_payload = UNSIGNED_PAYLOAD if self._should_add_content_sha256_header(explicit_payload): body_header = \ awscrt.auth.AwsSignedBodyHeaderType.X_AMZ_CONTENT_SHA_256 else: body_header = awscrt.auth.AwsSignedBodyHeaderType.NONE signing_config = awscrt.auth.AwsSigningConfig( - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - botocore/crt/auth.py [197:247]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - REQUIRES_REGION = True _PRESIGNED_HEADERS_BLOCKLIST = [ 'Authorization', 'X-Amz-Date', 'X-Amz-Content-SHA256', 'X-Amz-Security-Token', ] _SIGNATURE_TYPE = awscrt.auth.AwsSignatureType.HTTP_REQUEST_HEADERS _USE_DOUBLE_URI_ENCODE = True _SHOULD_NORMALIZE_URI_PATH = True def __init__(self, credentials, service_name, region_name): self.credentials = credentials self._service_name = service_name self._region_name = region_name self._expiration_in_seconds = None def add_auth(self, request): if self.credentials is None: raise NoCredentialsError() # Use utcnow() because that's what gets mocked by tests, but set # timezone because CRT assumes naive datetime is local time. datetime_now = datetime.datetime.utcnow().replace( tzinfo=datetime.timezone.utc) # Use existing 'X-Amz-Content-SHA256' header if able existing_sha256 = self._get_existing_sha256(request) self._modify_request_before_signing(request) credentials_provider = awscrt.auth.AwsCredentialsProvider.new_static( access_key_id=self.credentials.access_key, secret_access_key=self.credentials.secret_key, session_token=self.credentials.token) if self._should_sha256_sign_payload(request): if existing_sha256: explicit_payload = existing_sha256 else: explicit_payload = None # to be calculated during signing else: explicit_payload = UNSIGNED_PAYLOAD if self._should_add_content_sha256_header(explicit_payload): body_header = \ awscrt.auth.AwsSignedBodyHeaderType.X_AMZ_CONTENT_SHA_256 else: body_header = awscrt.auth.AwsSignedBodyHeaderType.NONE signing_config = awscrt.auth.AwsSigningConfig( - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -