edgegrid-python 1.3.1__py3-none-any.whl → 2.0.0__py3-none-any.whl

akamai/edgegrid/__init__.py

@@ -32,25 +32,10 @@ usage:
 
 from .edgegrid import EdgeGridAuth
 from .edgerc import EdgeRc
+
 __all__ = ['EdgeGridAuth', 'EdgeRc']
 
 __title__ = 'edgegrid-python'
-__version__ = '1.3.1'
-__author__ = 'Jonathan Landis <jlandis@akamai.com>'
-__maintainer__ = 'Akamai Developer Experience team <dl-devexp-eng@akamai.com>'
+__version__ = '2.0.0'
 __license__ = 'Apache 2.0'
-__copyright__ = 'Copyright 2021 Akamai Technologies'
-
-# Copyright 2021 Akamai Technologies, Inc. All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+__copyright__ = 'Copyright 2024 Akamai Technologies'

akamai/edgegrid/edgegrid.py

@@ -1,23 +1,5 @@
-# EdgeGrid requests Auth handler
-#
-# Original author: Jonathan Landis <jlandis@akamai.com>
-# Package maintainer: Akamai Developer Experience team <dl-devexp-eng@akamai.com>
-#
-# For more information visit https://developer.akamai.com
-
-# Copyright 2021 Akamai Technologies, Inc. All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# pylint: disable=too-many-arguments,missing-function-docstring
+"""EdgeGrid requests Auth handler"""
 
 import logging
 import uuid
@@ -25,19 +7,13 @@ import hashlib
 import hmac
 import base64
 import re
-import sys
 import os
-from requests.auth import AuthBase
 from time import gmtime, strftime
+from urllib.parse import urlparse
+
+from requests.auth import AuthBase
 
-if sys.version_info[0] >= 3:
-    # python3
-    from urllib.parse import urlparse
-else:
-    # python2.7
-    from urlparse import urlparse
-    import urllib3.contrib.pyopenssl
-    urllib3.contrib.pyopenssl.inject_into_urllib3()
+from .edgerc import EdgeRc
 
 logger = logging.getLogger(__name__)
 
@@ -45,6 +21,7 @@ __all__ = ['EdgeGridAuth']
 
 
 def eg_timestamp():
+    """Generates EdgeGrid compatible timestamp"""
     return strftime('%Y%m%dT%H:%M:%S+0000', gmtime())
 
 
@@ -61,26 +38,84 @@ def base64_hmac_sha256(data, key):
     ).decode('utf8')
 
 
-def get_multipart_body(encoder, size=-1):
-    multipart_body = encoder.read(size)
-    encoder._buffer.seek(0)
-    return multipart_body
+def base64_sha256(data):
+    digest = hashlib.sha256(data).digest()
+    return base64.b64encode(digest).decode('utf8')
 
 
-def base64_sha256(data):
-    if isinstance(data, str):
-        data = data.encode('utf8')
+def read_stream_and_rewind(f, max_read):
+    """Reads up to read_max bytes from a python file object (like _io.BufferedReader)
+    or a MultipartEncoder object, then rewinds the stream.
+
+    The read() method of these objects is decorated by httpie with a side-effect code which
+    prints the body content to stdout when the 'B' option is specified for --print. However,
+    it does not trigger in the pre-request phase when this plugin is executed. Still, after reading
+    we must set the stream position to the beginning to not impact subsequent reads outside
+    the plugin. (We don't assume we can be passed a partially read stream to the plugin.)
+
+    Raises TypeError if read() or seek() is not supported by f or f._buffer. May potentially raise
+    OSError for any failed I/O operation, in particular io.UnsupportedOperation if the stream is
+    not seekable (e.g. is a pipe which we don't expect here as httpie reads pipe contents and
+    sets body as bytes).
+    """
     try:
-        return base64.b64encode(hashlib.sha256(data).digest()).decode('utf8')
-    except TypeError:
-        return base64.b64encode(hashlib.sha256(get_multipart_body(data)).digest()).decode('utf8')
+        res = f.read(max_read)
+    except AttributeError as exc:
+        raise TypeError(f'akamai.edgegrid: unexpected body type: {type(f).__name__}') from exc
 
+    try:
+        f.seek(0)
+    except AttributeError:
+        # a MultipartEncoder
+        try:
+            # During read(), MultipartEncoder lazily loads its upload parts into self._buffer
+            # depending on the requested number of bytes. Then a regular read() on self._buffer
+            # is performed. Therefore, rewinding self._buffer effectively rewinds the whole
+            # MultipartEncoder content.
+            # pylint: disable=protected-access
+            f._buffer.seek(0)
+        except AttributeError as exc:
+            raise TypeError(f'akamai.edgegrid: unexpected body type: {type(f).__name__}') from exc
+    return res
+
+
+def read_body_content(body, max_body):
+    """The body argument may be one of the following:
+    1. bytes object
+    2. str object
+    3. _io.BufferedReader object for body input from file
+    4. requests_toolbelt.MultipartEncoder object for multipart form requests
+    5. httpie.uploads.ChunkedUploadStream object for chunked transfer encoding
+    (when --chunked, currently not supported)
+    May raise TypeError for unexpected input type or OSError for I/O operations.
+    """
+    if isinstance(body, bytes):
+        return body[:max_body]
+    if isinstance(body, str):
+        return body.encode('utf8')[:max_body]
+    return read_stream_and_rewind(body, max_body)
+
+
+def determine_body_len(body):
+    """May raise exception if body appears to be a file (is not a str, bytes or MultipartEncoder)
+    but either:
+    - has no fileno method (TypeError)
+    - raises OSError while trying to calculate the length using the file descriptor"""
+    if isinstance(body, bytes):
+        return len(body)
+    if isinstance(body, str):
+        return len(body.encode('utf8'))
 
-def get_prepared_body_len(prepared_body):
     try:
-        return len(prepared_body)
-    except TypeError:
-        return prepared_body.len
+        # a MultipartEncoder?
+        return body.len
+    except AttributeError:
+        # a file object?
+        try:
+            return os.stat(body.fileno()).st_size
+        except AttributeError as exc:
+            raise TypeError(
+                f'akamai.edgegrid: unexpected body type: {type(body).__name__}') from exc
 
 
 class EdgeGridAuth(AuthBase):
@@ -99,7 +134,7 @@ class EdgeGridAuth(AuthBase):
     """
 
     def __init__(self, client_token, client_secret, access_token,
-                 headers_to_sign=(), max_body=131072):
+                 *, headers_to_sign=(), max_body=131072):
         """Initialize authentication using the given parameters from the Akamai OPEN APIs
            Interface:
 
@@ -112,12 +147,13 @@ class EdgeGridAuth(AuthBase):
             specific APIs. (default 131072)
 
         """
+        # pylint: disable=invalid-name
         self.ah = EdgeGridAuthHeaders(
             client_token,
             client_secret,
             access_token,
-            headers_to_sign,
-            max_body
+            headers_to_sign=headers_to_sign,
+            max_body=max_body
         )
 
     @staticmethod
@@ -131,21 +167,20 @@ class EdgeGridAuth(AuthBase):
             default is 'default')
 
         """
-        from .edgerc import EdgeRc
         if isinstance(rcinput, EdgeRc):
-            rc = rcinput
+            edgerc = rcinput
         else:
-            rc = EdgeRc(rcinput)
+            edgerc = EdgeRc(rcinput)
 
         return EdgeGridAuth(
-            client_token=rc.get(section, 'client_token'),
-            client_secret=rc.get(section, 'client_secret'),
-            access_token=rc.get(section, 'access_token'),
-            headers_to_sign=rc.getlist(section, 'headers_to_sign'),
-            max_body=rc.getint(section, 'max_body')
+            client_token=edgerc.get(section, 'client_token'),
+            client_secret=edgerc.get(section, 'client_secret'),
+            access_token=edgerc.get(section, 'access_token'),
+            headers_to_sign=edgerc.getlist(section, 'headers_to_sign'),
+            max_body=edgerc.getint(section, 'max_body')
         )
 
-    def handle_redirect(self, res, **kwargs):
+    def handle_redirect(self, res, **_):
         if res.is_redirect:
             redirect_location = res.headers['location']
 
@@ -154,34 +189,24 @@ class EdgeGridAuth(AuthBase):
             request_to_sign.url = redirect_location
 
             res.request.headers['Authorization'] = self.ah.make_auth_header(
-                request_to_sign.url,
-                request_to_sign.headers,
-                request_to_sign.method,
-                request_to_sign.body,
-                eg_timestamp(),
-                new_nonce()
-            )
+                request_to_sign, eg_timestamp(), new_nonce())
 
     def __call__(self, r):
         timestamp = eg_timestamp()
         nonce = new_nonce()
 
-        r.headers['Authorization'] = self.ah.make_auth_header(
-            r.url,
-            r.headers,
-            r.method,
-            r.body,
-            timestamp,
-            nonce
-        )
+        r.headers['Authorization'] = self.ah.make_auth_header(r, timestamp, nonce)
         r.register_hook('response', self.handle_redirect)
         return r
 
 
-class EdgeGridAuthHeaders():
-
+class EdgeGridAuthHeaders:
+    """
+        A class for preparing requests authentication headers needed for
+        Akamai {OPEN} EdgeGrid support.
+    """
     def __init__(self, client_token, client_secret, access_token,
-                 headers_to_sign=(), max_body=131072):
+                 *, headers_to_sign=(), max_body=131072):
         self.client_token = client_token
         self.client_secret = client_secret
         self.access_token = access_token
@@ -197,38 +222,36 @@ class EdgeGridAuthHeaders():
         spaces_re = re.compile('\\s+')
 
         # note: r.headers is a case-insensitive dict and self.headers_to_sign
-        # should already be lowercased at this point
+        # should already be in lowercase at this point
+        # pylint: disable=consider-using-f-string
         return '\t'.join([
             "%s:%s" % (h, spaces_re.sub(' ', headers[h].strip()))
             for h in self.headers_to_sign if h in headers
         ])
 
     def make_content_hash(self, body, method):
+        logger.debug("body is '%s'", body)
         content_hash = ""
-        prepared_body = body
-        logger.debug("body is '%s'", prepared_body)
-
-        if method == 'POST' and get_prepared_body_len(prepared_body) > 0:
-            logger.debug("signing content: %s", prepared_body)
-            if get_prepared_body_len(prepared_body) > self.max_body:
-                logger.debug(
-                    "data length %d is larger than maximum %d",
-                    get_prepared_body_len(prepared_body), self.max_body
-                )
+        if method == 'POST':
+            buf = read_body_content(body, self.max_body)
+            if buf:
+                logger.debug("signing content: %s", buf)
+                content_hash = base64_sha256(buf)
                 try:
-                    prepared_body = prepared_body[0:self.max_body]
-                except TypeError:
-                    prepared_body = get_multipart_body(prepared_body, self.max_body)
-                logger.debug(
-                    "data truncated to %d for computing the hash",
-                    get_prepared_body_len(prepared_body))
-
-            content_hash = base64_sha256(prepared_body)
-
+                    body_len = determine_body_len(body)
+                    if body_len > self.max_body:
+                        logger.debug(
+                            "data length %d is larger than maximum %d "
+                            "and will be truncated for computing the hash",
+                            body_len, self.max_body)
+                except (TypeError, OSError) as e:
+                    # body length is needed only for debugging: just log a possible exception
+                    logger.warning("cannot determine length of request body=%s: %s", body, e)
         logger.debug("content hash is '%s'", content_hash)
         return content_hash
 
-    def get_header_versions(self, header=None):
+    @staticmethod
+    def get_header_versions(header=None):
         if header is None:
             header = {}
 
@@ -242,7 +265,7 @@ class EdgeGridAuthHeaders():
         akamai_cli_command_version = os.getenv('AKAMAI_CLI_COMMAND_VERSION')
         if akamai_cli_command and akamai_cli_command_version:
             version_header += " AkamaiCLI-" + akamai_cli_command + \
-                "/" + akamai_cli_command_version
+                              "/" + akamai_cli_command_version
 
         if version_header != '':
             if 'User-Agent' not in header:
@@ -252,37 +275,37 @@ class EdgeGridAuthHeaders():
 
         return header
 
-    def make_data_to_sign(self, url, headers, auth_header, method, body):
-        parsed_url = urlparse(url)
+    def make_data_to_sign(self, request, auth_header):
+        parsed_url = urlparse(request.url)
 
-        if headers.get('Host', False):
-            netloc = headers['Host']
+        if request.headers.get('Host', False):
+            netloc = request.headers['Host']
         else:
             netloc = parsed_url.netloc
 
-        self.get_header_versions(headers)
+        self.get_header_versions(request.headers)
 
         data_to_sign = '\t'.join([
-            method,
+            request.method,
             parsed_url.scheme,
             netloc,
             # Note: relative URL constraints are handled by requests when it sets up 'r'
             parsed_url.path + (';' + parsed_url.params if parsed_url.params else "") +
             ('?' + parsed_url.query if parsed_url.query else ""),
-            self.canonicalize_headers(headers),
-            self.make_content_hash(body or '', method),
+            self.canonicalize_headers(request.headers),
+            self.make_content_hash(request.body or '', request.method),
             auth_header
         ])
         logger.debug('data to sign: %s', '\\t'.join(data_to_sign.split('\t')))
         return data_to_sign
 
-    def sign_request(self, url, headers, method, body, timestamp, auth_header):
+    def sign_request(self, request, timestamp, auth_header):
         return base64_hmac_sha256(
-            self.make_data_to_sign(url, headers, auth_header, method, body),
+            self.make_data_to_sign(request, auth_header),
             self.make_signing_key(timestamp)
         )
 
-    def make_auth_header(self, url, headers, method, body, timestamp, nonce):
+    def make_auth_header(self, request, timestamp, nonce):
         kvps = [
             ('client_token', self.client_token),
             ('access_token', self.access_token),
@@ -290,11 +313,11 @@ class EdgeGridAuthHeaders():
             ('nonce', nonce),
         ]
         auth_header = "EG1-HMAC-SHA256 " + \
-            ';'.join(["%s=%s" % kvp for kvp in kvps]) + ';'
+            ';'.join([f"{k}={v}" for k, v in kvps]) + ';'
         logger.debug('unsigned authorization header: %s', auth_header)
 
         signed_auth_header = auth_header + \
-            'signature=' + self.sign_request(url, headers, method, body, timestamp, auth_header)
+            'signature=' + self.sign_request(request, timestamp, auth_header)
 
         logger.debug('signed authorization header: %s', signed_auth_header)
         return signed_auth_header

akamai/edgegrid/edgerc.py

@@ -1,35 +1,14 @@
-# support for .edgerc file format
-#
-# Copyright 2021 Akamai Technologies, Inc. All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+"""Support for .edgerc file format"""
 
 import logging
-import sys
+from configparser import ConfigParser
 from os.path import expanduser
 
-if sys.version_info[0] >= 3:
-    # python3
-    from configparser import ConfigParser
-else:
-    # python2.7
-    from ConfigParser import ConfigParser
-
-
 logger = logging.getLogger(__name__)
 
 
 class EdgeRc(ConfigParser):
+    """Class for managing .edgerc files"""
     def __init__(self, filename):
         ConfigParser.__init__(self,
                               {'client_token': '',
@@ -50,11 +29,9 @@ class EdgeRc(ConfigParser):
 
     def getlist(self, section, option):
         """
-            returns the named option as a list, splitting the original value
-            by ','
+            returns the named option as a list, splitting the original value by ','
         """
         value = self.get(section, option)
         if value:
             return value.split(',')
-        else:
-            return None
+        return None

akamai/edgegrid/test/conftest.py

@@ -0,0 +1,44 @@
+# pylint: disable=missing-function-docstring
+"""Unit tests helpers"""
+
+import json
+import os
+import pytest
+
+test_dir = os.path.abspath(os.path.dirname(__file__))
+
+
+def cases():
+    with open(f'{test_dir}/testcases.json', encoding="utf-8") as data:
+        data = json.load(data)
+    return data
+
+
+@pytest.fixture(scope="package")
+def testdata():
+    with open(f'{test_dir}/testdata.json', encoding="utf-8") as data:
+        data = json.load(data)
+    return data
+
+
+def names(tests):
+    result = []
+    for test in tests:
+        result.append(test["testName"])
+    return result
+
+
+@pytest.fixture
+def multipart_fields():
+    with open(f'{test_dir}/sample_file.txt', "rb") as f:
+        result = {
+            "foo": "bar",
+            "baz": ("sample_file.txt", f),
+        }
+        yield result
+
+
+@pytest.fixture
+def sample_file():
+    with open(f'{test_dir}/sample_file.txt', "rb") as f:
+        yield f

akamai/edgegrid/test/edgerc_that_doesnt_parse

@@ -1,4 +1,4 @@
 [default]
 client_token = xxxx-xxxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx
 access_token = xxxx-xxxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx
-max_body = 131072
+max_body = xx131072