| Server IP : 123.56.80.60 / Your IP : 216.73.216.78 Web Server : Apache/2.4.54 (Win32) OpenSSL/1.1.1s PHP/7.4.33 mod_fcgid/2.3.10-dev System : Windows NT iZhx3sob14hnz7Z 10.0 build 14393 (Windows Server 2016) i586 User : SYSTEM ( 0) PHP Version : 7.4.33 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : C:/Program Files/python/Lib/site-packages/aliyunsdkcore/auth/signers/ |
Upload File : |
# coding:utf-8
import json
import time
import logging
import socket
from aliyunsdkcore.auth.signers.signer import Signer
from aliyunsdkcore.acs_exception import error_code
from aliyunsdkcore.acs_exception import error_msg
from aliyunsdkcore.acs_exception import exceptions
from aliyunsdkcore.request import RpcRequest
from aliyunsdkcore.auth.algorithm import sha_hmac256
logger = logging.getLogger(__name__)
class RsaKeyPairSigner(Signer):
_MIN_SESSION_PERIOD = 900
_MAX_SESSION_PERIOD = 3600
def __init__(self, credential, region_id, debug=False):
if credential.session_period < self._MIN_SESSION_PERIOD or \
credential.session_period > self._MAX_SESSION_PERIOD:
raise exceptions.ClientException(
error_code.SDK_INVALID_SESSION_EXPIRATION,
error_msg.get_msg('SDK_INVALID_SESSION_EXPIRATION').format(
self._MIN_SESSION_PERIOD,
self._MAX_SESSION_PERIOD))
credential.region_id = region_id
self._public_key_id = credential.public_key_id
self._private_key = credential.private_key
self._session_period = credential.session_period
self._last_update_time = 0
# self._schedule_interval = credential.session_period if debug \
# else max(credential.session_period * 0.8, 5)
from aliyunsdkcore.client import AcsClient
self._sts_client = AcsClient(
self._public_key_id, self._private_key, credential.region_id)
self._session_credential = None
def sign(self, region_id, request):
self._check_session_credential()
session_ak, session_sk = self._session_credential
header = request.get_signed_header(region_id, session_ak, session_sk)
url = request.get_url(region_id, session_ak, session_sk)
return header, url
def _check_session_credential(self):
if self._session_credential is None:
self._get_session_ak_and_sk()
return
now = int(time.time())
if now - self._last_update_time > (self._session_period * 0.8):
self._get_session_ak_and_sk()
def _get_session_ak_and_sk(self):
request = GetSessionAkRequest()
request.set_method("GET")
request.set_duration_seconds(self._session_period)
try:
response_str = self._sts_client.do_action_with_exception(request)
response = json.loads(response_str.decode('utf-8'))
session_ak = str(response.get(
"SessionAccessKey").get("SessionAccessKeyId"))
session_sk = str(response.get(
"SessionAccessKey").get("SessionAccessKeySecret"))
self._session_credential = session_ak, session_sk
self._last_update_time = int(time.time())
except exceptions.ServerException as srv_ex:
if srv_ex.error_code == 'InvalidAccessKeyId.NotFound' or \
srv_ex.error_code == 'SignatureDoesNotMatch':
raise exceptions.ClientException(error_code.SDK_INVALID_CREDENTIAL,
error_msg.get_msg('SDK_INVALID_CREDENTIAL'))
else:
raise
class GetSessionAkRequest(RpcRequest):
def __init__(self):
RpcRequest.__init__(self, product='Sts', version='2015-04-01',
action_name='GenerateSessionAccessKey',
signer=sha_hmac256)
self.set_protocol_type('https')
def get_duration_seconds(self):
return self.get_query_params().get("DurationSeconds")
def set_duration_seconds(self, duration_seconds):
self.add_query_param('DurationSeconds', duration_seconds)
def get_public_key_id(self):
return self.get_query_params().get('PublicKeyId')
def set_public_key_id(self, public_key_id):
self.add_query_param('PublicKeyId', public_key_id)