Refresh timestamp for each signing event for SigV4 #162
Conversation
|
LGTM. |
|
If we pass in the datetime.utcnow function into the init, then we wouldn't have divergent code paths in the tests vs actual use. Or we could just mock.patch the utcnow() call. |
If a service has not metadata dict that contains regions/endpoint/protocol info, we should still be able to construct endpoints by passing endpoint_url. I've also updated the code to not require region_name unless it's a sigv4 service (which is the only reason we need to require a region name if we're given an explicit endpoint_url). With this commit, we can consume the unprocessed model as it exists in services/*.json.
* regions-not-required: Add test that verifies a region is required with no endpoint_url Specifying endpoint_url should not require metadata dict
…oblems if you hold onto an endpoint for more than five minutes or so. The timestamp expires and the signature is rejected. We need to create a new timestamp each time add_auth is called. But we also need a way to pass in a timestamp to use for the unit tests. This fixes boto#149.
…ushing into the auth class itself.
|
I changed it to mock I also just noticed that if I set a region in my config file, I get three test failures in botocore but that happens in develop branch, too. Looking at how to fix that but its not really relevant to this PR. |
|
In the future we might make everything except |
Looks good.
We are creating a timestamp in the SigV4Auth class but this causes problems if you hold onto an endpoint for more than five minutes or so. The timestamp expires and the signature is rejected. We need to create a new timestamp each time add_auth is called. But we also need a way to pass in a timestamp to use for the unit tests. This fixes #149.