|
| 1 | +''' |
| 2 | +
|
| 3 | +The MIT License (MIT) |
| 4 | +
|
| 5 | +Copyright (c) 2016-2018 Vanessa Sochat |
| 6 | +
|
| 7 | +Permission is hereby granted, free of charge, to any person obtaining a copy |
| 8 | +of this software and associated documentation files (the "Software"), to deal |
| 9 | +in the Software without restriction, including without limitation the rights |
| 10 | +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
| 11 | +copies of the Software, and to permit persons to whom the Software is |
| 12 | +furnished to do so, subject to the following conditions: |
| 13 | +
|
| 14 | +The above copyright notice and this permission notice shall be included in all |
| 15 | +copies or substantial portions of the Software. |
| 16 | +
|
| 17 | +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
| 18 | +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
| 19 | +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
| 20 | +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
| 21 | +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
| 22 | +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
| 23 | +SOFTWARE. |
| 24 | +
|
| 25 | +''' |
| 26 | + |
| 27 | +from singularity.logger import bot |
| 28 | +from singularity.utils import ( |
| 29 | + read_json, |
| 30 | + write_json |
| 31 | +) |
| 32 | + |
| 33 | +from datetime import datetime, timezone |
| 34 | +import base64 |
| 35 | +import hashlib |
| 36 | +import hmac |
| 37 | +import json |
| 38 | +import os |
| 39 | +import pwd |
| 40 | +import requests |
| 41 | +import sys |
| 42 | + |
| 43 | + |
| 44 | +def encode(item): |
| 45 | + '''make sure an item is bytes for the digest |
| 46 | + ''' |
| 47 | + if not isinstance(item,bytes): |
| 48 | + item = item.encode('utf-8') |
| 49 | + return item |
| 50 | + |
| 51 | + |
| 52 | +def generate_signature(payload, secret): |
| 53 | + '''use an endpoint specific payload and client secret to generate |
| 54 | + a signature for the request''' |
| 55 | + payload = encode(payload) |
| 56 | + secret = encode(secret) |
| 57 | + return hmac.new(secret, digestmod=hashlib.sha256, |
| 58 | + msg=payload).hexdigest() |
| 59 | + |
| 60 | + |
| 61 | +def generate_timestamp(): |
| 62 | + ts = datetime.now(timezone.utc) |
| 63 | + return ts.strftime('%Y%m%dT%HZ') |
| 64 | + |
| 65 | + |
| 66 | +def generate_header_signature(secret, payload, request_type): |
| 67 | + '''Authorize a client based on encrypting the payload with the client |
| 68 | + secret, timestamp, and other metadata |
| 69 | + ''' |
| 70 | + |
| 71 | + # Use the payload to generate a digest push|collection|name|tag|user |
| 72 | + timestamp = generate_timestamp() |
| 73 | + credential = "%s/%s" %(request_type,timestamp) |
| 74 | + |
| 75 | + signature = generate_signature(payload,secret) |
| 76 | + return "SREGISTRY-HMAC-SHA256 Credential=%s,Signature=%s" %(credential, signature) |
0 commit comments