Skip to content

Commit 167b613

Browse files
nateprewittnateprewitt
committed
Merge branch 'develop' into signer_fix
2 parents 4531831 + 05b8ce6 commit 167b613

File tree

4 files changed

+39
-17
lines changed

4 files changed

+39
-17
lines changed

packages/aws-sdk-signers/src/aws_sdk_signers/interfaces/identity.py

Lines changed: 22 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
from __future__ import annotations
55

66
from datetime import datetime
7-
from typing import Protocol
7+
from typing import Protocol, runtime_checkable
88

99

1010
class Identity(Protocol):
@@ -18,3 +18,24 @@ class Identity(Protocol):
1818
def is_expired(self) -> bool:
1919
"""Whether the identity is expired."""
2020
...
21+
22+
23+
@runtime_checkable
24+
class AWSCredentialsIdentity(Protocol):
25+
"""AWS Credentials Identity."""
26+
27+
# The access key ID.
28+
access_key_id: str
29+
30+
# The secret access key.
31+
secret_access_key: str
32+
33+
# The session token.
34+
session_token: str | None
35+
36+
expiration: datetime | None = None
37+
38+
@property
39+
def is_expired(self) -> bool:
40+
"""Whether the identity is expired."""
41+
...

packages/aws-sdk-signers/src/aws_sdk_signers/signers.py

Lines changed: 9 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@
1515
from .interfaces.io import AsyncSeekable, Seekable
1616
from ._http import URI, AWSRequest, Field
1717
from ._identity import AWSCredentialIdentity
18+
from .interfaces.identity import AWSCredentialsIdentity as _AWSCredentialsIdentity
1819
from ._io import AsyncBytesReader
1920
from .exceptions import AWSSDKWarning, MissingExpectedParameterException
2021

@@ -49,14 +50,14 @@ def sign(
4950
self,
5051
*,
5152
signing_properties: SigV4SigningProperties,
52-
request: AWSRequest,
53+
http_request: AWSRequest,
5354
identity: AWSCredentialIdentity,
5455
) -> AWSRequest:
5556
"""Generate and apply a SigV4 Signature to a copy of the supplied request.
5657
5758
:param signing_properties: SigV4SigningProperties to define signing primitives
5859
such as the target service, region, and date.
59-
:param request: An AWSRequest to sign prior to sending to the service.
60+
:param http_request: An AWSRequest to sign prior to sending to the service.
6061
:param identity: A set of credentials representing an AWS Identity or role
6162
capacity.
6263
"""
@@ -68,7 +69,7 @@ def sign(
6869
)
6970
assert "date" in new_signing_properties
7071

71-
new_request = self._generate_new_request(request=request)
72+
new_request = self._generate_new_request(request=http_request)
7273
self._apply_required_fields(
7374
request=new_request,
7475
signing_properties=new_signing_properties,
@@ -159,7 +160,7 @@ def _hash(self, key: bytes, value: str) -> bytes:
159160

160161
def _validate_identity(self, *, identity: AWSCredentialIdentity) -> None:
161162
"""Perform runtime and expiration checks before attempting signing."""
162-
if not isinstance(identity, AWSCredentialIdentity): # pyright: ignore
163+
if not isinstance(identity, _AWSCredentialsIdentity): # pyright: ignore
163164
raise ValueError(
164165
"Received unexpected value for identity parameter. Expected "
165166
f"AWSCredentialIdentity but received {type(identity)}."
@@ -413,14 +414,14 @@ async def sign(
413414
self,
414415
*,
415416
signing_properties: SigV4SigningProperties,
416-
request: AWSRequest,
417+
http_request: AWSRequest,
417418
identity: AWSCredentialIdentity,
418419
) -> AWSRequest:
419420
"""Generate and apply a SigV4 Signature to a copy of the supplied request.
420421
421422
:param signing_properties: SigV4SigningProperties to define signing primitives
422423
such as the target service, region, and date.
423-
:param request: An AWSRequest to sign prior to sending to the service.
424+
:param http_request: An AWSRequest to sign prior to sending to the service.
424425
:param identity: A set of credentials representing an AWS Identity or role
425426
capacity.
426427
"""
@@ -431,7 +432,7 @@ async def sign(
431432
new_signing_properties = await self._normalize_signing_properties(
432433
signing_properties=signing_properties
433434
)
434-
new_request = await self._generate_new_request(request=request)
435+
new_request = await self._generate_new_request(request=http_request)
435436
await self._apply_required_fields(
436437
request=new_request,
437438
signing_properties=new_signing_properties,
@@ -522,7 +523,7 @@ async def _hash(self, key: bytes, value: str) -> bytes:
522523

523524
async def _validate_identity(self, *, identity: AWSCredentialIdentity) -> None:
524525
"""Perform runtime and expiration checks before attempting signing."""
525-
if not isinstance(identity, AWSCredentialIdentity): # pyright: ignore
526+
if not isinstance(identity, _AWSCredentialsIdentity): # pyright: ignore
526527
raise ValueError(
527528
"Received unexpected value for identity parameter. Expected "
528529
f"AWSCredentialIdentity but received {type(identity)}."

packages/aws-sdk-signers/tests/unit/auth/test_sigv4.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -115,7 +115,7 @@ def _test_signature_version_4_sync(test_case_name: str, signer: SigV4Signer) ->
115115
with pytest.warns(AWSSDKWarning):
116116
signed_request = signer.sign(
117117
signing_properties=signing_props,
118-
request=request,
118+
http_request=request,
119119
identity=test_case.credentials,
120120
)
121121
assert (
@@ -154,7 +154,7 @@ async def _test_signature_version_4_async(
154154
with pytest.warns(AWSSDKWarning):
155155
signed_request = await signer.sign(
156156
signing_properties=signing_props,
157-
request=request,
157+
http_request=request,
158158
identity=test_case.credentials,
159159
)
160160
assert (

packages/aws-sdk-signers/tests/unit/test_signers.py

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -68,7 +68,7 @@ def test_sign(
6868
) -> None:
6969
signed_request = self.SIGV4_SYNC_SIGNER.sign(
7070
signing_properties=signing_properties,
71-
request=aws_request,
71+
http_request=aws_request,
7272
identity=aws_identity,
7373
)
7474
assert isinstance(signed_request, AWSRequest)
@@ -104,7 +104,7 @@ def test_sign_with_invalid_identity(
104104
with pytest.raises(ValueError):
105105
self.SIGV4_SYNC_SIGNER.sign(
106106
signing_properties=signing_properties,
107-
request=aws_request,
107+
http_request=aws_request,
108108
identity=identity,
109109
)
110110

@@ -120,7 +120,7 @@ def test_sign_with_expired_identity(
120120
with pytest.raises(ValueError):
121121
self.SIGV4_SYNC_SIGNER.sign(
122122
signing_properties=signing_properties,
123-
request=aws_request,
123+
http_request=aws_request,
124124
identity=identity,
125125
)
126126

@@ -136,7 +136,7 @@ async def test_sign(
136136
) -> None:
137137
signed_request = await self.SIGV4_ASYNC_SIGNER.sign(
138138
signing_properties=signing_properties,
139-
request=aws_request,
139+
http_request=aws_request,
140140
identity=aws_identity,
141141
)
142142
assert isinstance(signed_request, AWSRequest)
@@ -172,7 +172,7 @@ async def test_sign_with_invalid_identity(
172172
with pytest.raises(ValueError):
173173
await self.SIGV4_ASYNC_SIGNER.sign(
174174
signing_properties=signing_properties,
175-
request=aws_request,
175+
http_request=aws_request,
176176
identity=identity,
177177
)
178178

@@ -188,6 +188,6 @@ async def test_sign_with_expired_identity(
188188
with pytest.raises(ValueError):
189189
await self.SIGV4_ASYNC_SIGNER.sign(
190190
signing_properties=signing_properties,
191-
request=aws_request,
191+
http_request=aws_request,
192192
identity=identity,
193193
)

0 commit comments

Comments
 (0)