A python library to sign AWS requests using AWS Signature V4.
Project description
aws-request-signer
A python library to sign AWS requests using AWS Signature V4.
This small python library serves only purpose: Helping you sign HTTP requests for use with AWS (and compatible) services. The library is unopinionated and should work with just about anything that makes HTTP requests (requests, aiohttp).
It supports generating authorization headers for HTTP requests, pre-signing URLs so you can easily use them elsewhere and signing S3 POST policies for use in HTML forms.
This library has no requirements, but comes with an authentication helper for the requests package.
Installation
aws-request-signer
is available from pypi:
pip install aws-request-signer
Usage example
Here's an example of how to use the library to sign a request to upload a file to a minio S3 bucket running on your local machine:
import hashlib
import requests
from aws_request_signer import AwsRequestSigner
AWS_REGION = ""
AWS_ACCESS_KEY_ID = "minio"
AWS_SECRET_ACCESS_KEY = "minio123"
URL = "http://127.0.0.1:9000/demo/hello_world.txt"
# Demo content for our target file.
content = b"Hello, World!\n"
content_hash = hashlib.sha256(content).hexdigest()
# Create a request signer instance.
request_signer = AwsRequestSigner(
AWS_REGION, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, "s3"
)
# The headers we'll provide and want to sign.
headers = {"Content-Type": "text/plain", "Content-Length": str(len(content))}
# Add the authentication headers.
headers.update(
request_signer.sign_with_headers("PUT", URL, headers, content_hash)
)
# Make the request.
r = requests.put(URL, headers=headers, data=content)
r.raise_for_status()
For more examples and usage, please refer to demo.py.
Development setup
For development purposes, you can clone the repository and use poetry to install and maintain the dependencies. There is no test suite. It comes with a set of pre-commit hooks that can format (isort, black) and check your code (mypy, flake8) automatically.
git clone git@github.com:iksteen/aws-request-signer.git
cd aws-request-signer
poetry install -E demo
poetry run pre-commit install
Release History
- 1.2.0
- Add support for passing a security token to
AwsRequestSigner
andAwsAuth
helper for request. Thanks @ajpl.
- Add support for passing a security token to
- 1.1.1
- Use
quote
instead of the defaultquote_plus
so query arguments that contain spaces work (thanks @eraser-77).
- Use
- 1.1.0
- Minimum supported python version is now 3.6.1.
- Assume empty content when signing a HEAD or DELETE request just as we do when signing a GET request. Thanks @alvassin!
- Fix bug where
sign_with_headers
did not include valueless query arguments in the signing process (f.e.?acl
).
- 1.0.0
- Initial Release.
Meta
Ingmar Steen – @iksteen
Distributed under the MIT license. See LICENSE
for more information.
Contributing
- Fork it (https://github.com/iksteen/aws-request-signer/fork)
- Create your feature branch (
git checkout -b feature/fooBar
) - Commit your changes (
git commit -am 'Add some fooBar'
) - Push to the branch (
git push origin feature/fooBar
) - Create a new Pull Request
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for aws_request_signer-1.2.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | eb5bca05d5055a608078be5f47bb6a333f1e5c383ed7603a75289e04203a10a6 |
|
MD5 | 82ca126bf89211e5915564b82df0ed69 |
|
BLAKE2b-256 | 3416fc50db007b6cc69c53e3f3bbdd97dfde03aa8c0bb2b2f6c6c924ccd85eaf |