Skip to content
This repository has been archived by the owner on Jan 25, 2023. It is now read-only.

Commit

Permalink
Fixes issue #148 by adding python3 support to sign_request.py
Browse files Browse the repository at this point in the history
  • Loading branch information
bastianb committed Apr 16, 2021
1 parent 0b7f606 commit 784f79a
Showing 1 changed file with 25 additions and 9 deletions.
34 changes: 25 additions & 9 deletions examples/vault-consul-ami/auth/sign-request.py
Original file line number Diff line number Diff line change
Expand Up @@ -15,18 +15,24 @@
# the response from GetCallerIdentity, which tells who is trying to authenticate
# ------------------------------------------------------------------------------

import botocore.session
from botocore.awsrequest import create_request_object
import json
import base64
import json
import sys

import botocore.session
from botocore.awsrequest import create_request_object


def headers_to_go_style(headers):
retval = {}
for k, v in headers.iteritems():
retval[k] = [v]
for k, v in headers.items():
try:
retval[k] = [v.decode()]
except:
retval[k] = [v]
return retval


def generate_vault_request(awsIamServerId):
session = botocore.session.get_session()
client = session.create_client('sts')
Expand All @@ -40,12 +46,22 @@ def generate_vault_request(awsIamServerId):

return {
'iam_http_request_method': request.method,
'iam_request_url': base64.b64encode(request.url),
'iam_request_body': base64.b64encode(request.body),
'iam_request_headers': base64.b64encode(json.dumps(headers_to_go_style(dict(request.headers)))), # It's a CaseInsensitiveDict, which is not JSON-serializable
'iam_request_url': base64.b64encode(request.url.encode()),
'iam_request_body': base64.b64encode(request.body.encode()),
'iam_request_headers': base64.b64encode(json.dumps(headers_to_go_style(dict(request.headers))).encode()), # It's a CaseInsensitiveDict, which is not JSON-serializable
}


def decode_byte_values_from_dict(dict):
for k, v in dict.items():
try:
dict[k] = v.decode()
except AttributeError:
dict[k] = v
return dict


if __name__ == "__main__":
awsIamServerId = sys.argv[1]
print json.dumps(generate_vault_request(awsIamServerId))
vault_request = generate_vault_request(awsIamServerId)
print(json.dumps(decode_byte_values_from_dict(vault_request)))

0 comments on commit 784f79a

Please sign in to comment.