U!\c@sddlZddlZddlmZddlmZddlZddlZddlmZddl m Z ddl Z ddl Z ddl Z ddlZddlmZddlmZmZddlmZdd lmZmZmZmZdd lmZdd lmZdd lmZdd lmZddlmZddlmZeje Z!dZ"ddZ#dZ$dZ%dddgZ&dZ'de(fdYZ)de)fdYZ*de)fdYZ+de)fdYZ,d e,fd!YZ-d"e,fd#YZ.d$e.fd%YZ/d&e,fd'YZ0d(e)fd)YZ1d*e1fd+YZ2d,e1fd-YZ3i e*d.6e,d/6e.d06e+d16e+d26e1d36e2d46e3d56e-d66e/d76e0d86Z4dS(9iN(tsha256(tsha1(t formatdate(t itemgetter(tNoCredentialsError(tnormalize_url_pathtpercent_encode_sequence(t HTTPHeaders(tquotetunquoteturlsplittparse_qs(t urlunsplit(t encodebytes(tsix(tjson(t MD5_AVAILABLE(tensure_unicodet@e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855is%Y-%m-%dT%H:%M:%SZs%Y%m%dT%H%M%SZtexpects user-agentsx-amzn-trace-idsUNSIGNED-PAYLOADt BaseSignercBseZeZdZRS(cCstddS(Ntadd_auth(tNotImplementedError(tselftrequest((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyR<s(t__name__t __module__tFalsetREQUIRES_REGIONR(((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyR9st SigV2AuthcBs)eZdZdZdZdZRS(s+ Sign a request with Signature V2. cCs ||_dS(N(t credentials(RR((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyt__init__Esc Csktjdt|j}|j}t|dkr@d}nd|j|j|f}tj |j j j ddt }g}xxt|D]j}|dkrqntj||} |jt|j ddd d t| j ddd qWd j|} || 7}tjd ||j|j dtj|jjjd} | | fS(Ns$Calculating signature using v2 auth.it/s %s %s %s sutf-8t digestmodt Signaturetsafett=s-_~t&sString to sign: %s(tloggertdebugR turltpathtlentmethodtnetlocthmactnewRt secret_keytencodeRtsortedRt text_typetappendRtjointupdatetbase64t b64encodetdigesttstriptdecode( RRtparamstsplitR*tstring_to_signtlhmactpairstkeytvaluetqstb64((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pytcalc_signatureHs.       "! $cCs|jdkrtn|jr-|j}n |j}|jj|dst@ii(R tanyRithostnameR-trsplit(RR)t default_ports((Rvs1/tmp/pip-install-usGedi/botocore/botocore/auth.pyRls  cCs3|jr|j|jS|jt|jSdS(N(R<t_canonical_query_string_paramst_canonical_query_string_urlR R)(RR((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pytcanonical_query_strings cCsog}xSt|D]E}t||}|jdt|ddt|ddfqWdj|}|S(Ns%s=%sR#s-_.~R&(R2tstrR4RR5(RR<tltparamRBtcqs((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyR|sc Csd}|jrg}xE|jjdD]1}|jd\}}}|j||fq(Wg}x1t|D]#\}}|jd||fqpWdj|}n|S(NR$R&R%s%s=%s(tqueryR=t partitionR4R2R5( RtpartsR~t key_val_pairstpairRAt_RBtsorted_key_vals((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyR}s csg}tt|}xY|D]Q}djfdt|j|D}|jd|t|fqWdj|S(s  Return the headers that need to be included in the StringToSign in their canonical form by converting all header keys to lower case, sorting them in alphabetical order and then joining them into a string, separated by newlines. t,c3s|]}j|VqdS(N(t _header_value(Rutv(R(s1/tmp/pip-install-usGedi/botocore/botocore/auth.pys ss%s:%ss (R2tsetR5tget_allR4R(RRpRZtsorted_header_namesRARB((Rs1/tmp/pip-install-usGedi/botocore/botocore/auth.pytcanonical_headerss !cCsdj|jS(Nt (R5R=(RRB((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyRscCsHgt|D]}d|jj^q }t|}dj|S(Ns%st;(RRjR:R2R5(RRptnR((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pytsigned_headerss/ cCs|j|stS|j}|rt|dr|j}tj|jt}t }x$t |dD]}|j |qkW|j }|j ||S|rt |j StSdS(NtseekR$(t_should_sha256_sign_payloadtUNSIGNED_PAYLOADtbodythasattrttellt functoolstpartialtreadtPAYLOAD_BUFFERRtiterR6RcRtEMPTY_SHA256_HASH(RRt request_bodytpositiontread_chunksizetchecksumtchunkt hex_checksum((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pytpayload s        cCs)|jjdstS|jjdtS(NRrtpayload_signing_enabled(R)t startswithR[tcontexttget(RR((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyR!scCs|jjg}|jt|jj}|j||j|j||j|}|j|j |d|j|j |d|j kr|j d}n|j |}|j|dj |S(Ns sX-Amz-Content-SHA256(R,tuppert_normalize_url_pathR R)R*R4R~RpRRRZRR5(RRtcrR*Rpt body_checksum((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pytcanonical_request+s  cCstt|dd}|S(NR#s/~(RR(RR*tnormalized_path((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyR:scCsd|jjg}|j|jddd!|j|j|j|j|jddj|S(Nt timestampiit aws4_requestR (RROR4RR_R`R5(RRtscope((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyR>s  cCs[g}|j|jddd!|j|j|j|j|jddj|S(NRiiRR (R4RR_R`R5(RRR((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pytcredential_scopeFs  cCsbdg}|j|jd|j|j||jt|jdjdj|S(s Return the canonical StringToSign as well as a dict containing the original version of all headers that were included in the StringToSign. sAWS4-HMAC-SHA256Rsutf-8s (R4RRRR1RcR5(RRRtsts((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyR>Ns  "cCs|jj}|jd|jd|jddd!}|j||j}|j||j}|j|d}|j||dtS(NtAWS4sutf-8RiiRRe(RR0RgR1RR_R`R[(RR>RRAtk_datetk_regiont k_servicet k_signing((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyRUZs cCs|jdkrtntjj}|jt|jd<|j||j |}t j dt j d||j ||}t j d||j ||}t j d||j||dS(NRs$Calculating signature using v4 auth.sCanonicalRequest: %ssStringToSign: %ss Signature: %s(RRMRtdatetimetutcnowRQtSIGV4_TIMESTAMPRt_modify_request_before_signingRR'R(R>RUt_inject_signature_to_request(RRt datetime_nowRR>RU((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyRcs   cCsjd|j|g}|j|}|jd|j||jd|dj||jd<|S(NsAWS4-HMAC-SHA256 Credential=%ssSignedHeaders=%ss Signature=%ss, t Authorization(RRpR4RR5RZ(RRRURRp((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyRus cCsd|jkr|jd=n|j||jjrgd|jkrQ|jd=n|jj|jdRURRRR(((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyR^s0               t S3SigV4AuthcBs5eZdZdZdZdZdZRS(cCs)tt|j|||||_dS(N(tsuperRRt_default_region_name(RRRaRb((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyRs cCsG|jjdi}|jd|j|_tt|j|dS(Ntsigningtregion(RRRR_RRR(RRtsigning_context((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyRscCsLtt|j|d|jkr2|jd=n|j||jd   %cCs^|j}t|tjr6tj|jd}n$t|tjrZtj|}n|S(Nsutf-8(RNt isinstanceRt binary_typeRtloadsR;t string_types(RRRN((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyRs  cCs|jd|7_dS(Ns&X-Amz-Signature=%s(R)(RRRU((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyR+s(RRtDEFAULT_EXPIRESRRRR(((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyRs   = tS3SigV4QueryAuthcBs eZdZdZdZRS(sS3 SigV4 auth using query parameters. This signer will sign a request using query parameters and signature version 4, i.e a "presigned url" signer. Based off of: http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html cCs|S(N((RR*((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyR=scCstS(N(R(RR((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyRAs(RRRVRR(((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyR2s  tS3SigV4PostAuthcBseZdZdZRS(s Presigns a s3 post Implementation doc here: http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-UsingHTTPPOST.html cCstjj}|jt|jdR\((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyt sign_strings cCsdddg}g}d|kr+|d=n|j|dss%s:%ss (RjRMRR5RR2tkeysR4(RRZRtcustom_headersRARtsorted_header_keys((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pytcanonical_custom_headerss   $ cCs2t|dkr|S|dt|dfSdS(s( TODO: Do we need this? iiN(R+R (Rtnv((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyt unquote_vscCs|dk r|}n |j}|jr|jjd}g|D]}|jdd^q@}g|D](}|d|jkre|j|^qe}t|dkr|jdtdg|D]}dj |^q}|d7}|dj |7}qn|S(NR&R%iiRAt?( RMR*RR=t QSAOfInterestRR+tsortRR5(RR=t auth_pathtbuftqsata((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pytcanonical_resources    % (" cCsj|jd}||j|d7}|j|}|rM||d7}n||j|d|7}|S(Ns R(RRRR!(RR,R=RZRRtcsR((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pytcanonical_stringscCs^|jjr&|d=|jj|d((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyt get_signatures   cCs|jdkrtntjdt|j}tjd|j|j|j||j d|j }|j ||dS(Ns(Calculating signature using hmacv1 auth.sHTTP request method: %sR( RRMRR'R(R R)R,R$RZRt_inject_signature(RRR=RU((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyRs    cCs tdtS(NRY(RR[(R((s1/tmp/pip-install-usGedi/botocore/botocore/auth.pyR scCs=d|jkr|jd=nd|jj|f|jdsl        "  =<Y.2(