Skip to content

Commit 2ca3a6d

Browse files
romainrhuebuild
authored andcommitted
[raz] Do not hardcode the user in the client
1 parent dddaec0 commit 2ca3a6d

File tree

4 files changed

+22
-10
lines changed

4 files changed

+22
-10
lines changed

desktop/core/src/desktop/lib/raz/clients.py

Lines changed: 15 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -29,14 +29,26 @@
2929

3030
class S3RazClient():
3131

32+
def __init__(self, username):
33+
self.username = username
34+
3235
def get_url(self, action='GET', path=None, perm='read'):
36+
'''
37+
Example of headers:
38+
{
39+
u'x-amz-content-sha256': u'UNSIGNED-PAYLOAD',
40+
u'Host': u'prakashmowdev1.s3-us-west-2.amazonaws.com',
41+
u'X-Amz-Security-Token': u'IQoJb3JpZ2luX2Vj...C',
42+
u'X-Amz-Date': u'20210604T102022Z',
43+
u'Authorization': u'AWS4-HMAC-SHA256 Credential=ASIAYO3P24NAOAYMMDNN/20210604/us-west-2/s3/aws4_request, SignedHeaders=host;user-agent;x-amz-content-sha256;x-amz-date;x-amz-security-token, Signature=d341a194c2998c64b6fc726b69d0c3c2b97d520265f80df7e1bc1ac59a21ef94',
44+
u'User-Agent': u'user:csso_romain'
45+
}
46+
'''
3347
c = get_raz_client(
3448
raz_url=RAZ.API_URL.get(),
35-
username='csso_romain',
49+
username=self.username,
3650
auth=RAZ.API_AUTHENTICATION.get(),
3751
service='s3',
38-
service_name='cm_s3',
39-
cluster_name='prakashdh62'
4052
)
4153

4254
return c.check_access(method=action, url=path)

desktop/libs/aws/src/aws/client.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,7 @@ def _make_client(identifier, user):
4545

4646
if RAZ.IS_ENABLED.get() and not aws_conf.IS_SELF_SIGNING_ENABLED.get():
4747
host = client_conf.HOST.get()
48-
s3_client = RazS3Connection(host=host) # Note: Remaining AWS configuration is fully skipped
48+
s3_client = RazS3Connection(username=user.username, host=host) # Note: Remaining AWS configuration is fully skipped
4949
s3_client_expiration = None
5050
else:
5151
s3_client_builder = Client.from_config(client_conf, get_credential_provider(identifier, user))

desktop/libs/aws/src/aws/s3/s3connection.py

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -59,7 +59,7 @@ class SignedUrlS3Connection(S3Connection):
5959
Example of a presigned S3 Url declaring a `list all buckets` call:
6060
https://s3-us-west-1.amazonaws.com/?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA23E77ZX2HVY76YGL%2F20210505%2Fus-west-1%2Fs3%2Faws4_request&X-Amz-Date=20210505T171457Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=994d0ec2ca19a00aa2925fe62cab0e727591b1951a8a47504b2b9124facbd6cf
6161
"""
62-
def __init__(self, aws_access_key_id=None, aws_secret_access_key=None,
62+
def __init__(self, username, aws_access_key_id=None, aws_secret_access_key=None,
6363
is_secure=True, port=None, proxy=None, proxy_port=None,
6464
proxy_user=None, proxy_pass=None,
6565
host=NoHostProvided, debug=0, https_connection_factory=None,
@@ -68,6 +68,8 @@ def __init__(self, aws_access_key_id=None, aws_secret_access_key=None,
6868
suppress_consec_slashes=True, anon=False,
6969
validate_certs=None, profile_name=None):
7070

71+
self.username = username
72+
7173
# No auth handler with RAZ
7274
anon = RAZ.IS_ENABLED.get() and not IS_SELF_SIGNING_ENABLED.get()
7375

@@ -109,7 +111,6 @@ def make_request(self, method, bucket='', key='', headers=None, data='',
109111
auth_path = self.calling_format.build_auth_path(bucket, key)
110112
boto.log.debug('auth_path=%s' % auth_path)
111113
host = self.calling_format.build_host(self.server_name(), bucket)
112-
#host = self.calling_format.build_host(self.server_name(), '') # As using signed Url we keep the same hostname as there
113114
if query_args:
114115
path += '?' + query_args
115116
boto.log.debug('path=%s' % path)
@@ -130,7 +131,6 @@ def make_request(self, method, bucket='', key='', headers=None, data='',
130131
LOG.debug('Raz returned those headers: %s' % headers)
131132

132133
if headers is not None:
133-
# We override instead of re-creating an HTTPRequest
134134
http_request.headers.update(headers)
135135
else:
136136
LOG.error('We got back empty header from Raz for the request %s' % http_request)
@@ -142,7 +142,7 @@ def make_request(self, method, bucket='', key='', headers=None, data='',
142142

143143

144144
def get_signed_url(self, action='GET', url=None):
145-
raz_client = S3RazClient()
145+
raz_client = S3RazClient(username=self.username)
146146

147147
return raz_client.get_url(action, url)
148148

desktop/libs/aws/src/aws/s3/s3connection_test.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -59,7 +59,7 @@ def test_list_buckets(self):
5959
}
6060
_mexe.return_value = ['<Bucket: demo-gethue>', '<Bucket: gethue-test>']
6161

62-
client = RazS3Connection(host='s3-us-west-1.amazonaws.com')
62+
client = RazS3Connection(username='test', host='s3-us-west-1.amazonaws.com')
6363

6464
buckets = client.make_request(method='GET', bucket='', key='',)
6565

@@ -100,7 +100,7 @@ def test_get_file(self):
100100
'&Signature=3lhK%2BwtQ9Q2u5VDIqb4MEpoY3X4%3D&Expires=1617207304'
101101
_mexe.return_value = '[<Bucket: demo-gethue>, <Bucket: gethue-test>]'
102102

103-
client = SelfSignedUrlS3Connection()
103+
client = SelfSignedUrlS3Connection(username='test')
104104
http_request = Mock(
105105
path='/gethue/data/customer.csv',
106106
protocol='https',

0 commit comments

Comments
 (0)