From 784f79aa440a605859adaca9052b8bc82774d440 Mon Sep 17 00:00:00 2001
From: Bastian <bretagne.bastian@gmail.com>
Date: Sat, 17 Apr 2021 01:50:57 +0200
Subject: [PATCH] Fixes issue #148 by adding python3 support to sign_request.py

---
 .../vault-consul-ami/auth/sign-request.py     | 34 ++++++++++++++-----
 1 file changed, 25 insertions(+), 9 deletions(-)

diff --git a/examples/vault-consul-ami/auth/sign-request.py b/examples/vault-consul-ami/auth/sign-request.py
index cba97708..4f26a947 100644
--- a/examples/vault-consul-ami/auth/sign-request.py
+++ b/examples/vault-consul-ami/auth/sign-request.py
@@ -15,18 +15,24 @@
 # the response from GetCallerIdentity, which tells who is trying to authenticate
 # ------------------------------------------------------------------------------
 
-import botocore.session
-from botocore.awsrequest import create_request_object
-import json
 import base64
+import json
 import sys
 
+import botocore.session
+from botocore.awsrequest import create_request_object
+
+
 def headers_to_go_style(headers):
     retval = {}
-    for k, v in headers.iteritems():
-        retval[k] = [v]
+    for k, v in headers.items():
+        try:
+            retval[k] = [v.decode()]
+        except:
+            retval[k] = [v]
     return retval
 
+
 def generate_vault_request(awsIamServerId):
     session = botocore.session.get_session()
     client = session.create_client('sts')
@@ -40,12 +46,22 @@ def generate_vault_request(awsIamServerId):
 
     return {
         'iam_http_request_method': request.method,
-        'iam_request_url':         base64.b64encode(request.url),
-        'iam_request_body':        base64.b64encode(request.body),
-        'iam_request_headers':     base64.b64encode(json.dumps(headers_to_go_style(dict(request.headers)))), # It's a CaseInsensitiveDict, which is not JSON-serializable
+        'iam_request_url':         base64.b64encode(request.url.encode()),
+        'iam_request_body':        base64.b64encode(request.body.encode()),
+        'iam_request_headers':     base64.b64encode(json.dumps(headers_to_go_style(dict(request.headers))).encode()),  # It's a CaseInsensitiveDict, which is not JSON-serializable
     }
 
 
+def decode_byte_values_from_dict(dict):
+    for k, v in dict.items():
+        try:
+            dict[k] = v.decode()
+        except AttributeError:
+            dict[k] = v
+    return dict
+
+
 if __name__ == "__main__":
     awsIamServerId = sys.argv[1]
-    print json.dumps(generate_vault_request(awsIamServerId))
+    vault_request = generate_vault_request(awsIamServerId)
+    print(json.dumps(decode_byte_values_from_dict(vault_request)))