diff options
author | lin-hua-cheng <os.lcheng@gmail.com> | 2016-01-13 13:03:51 -0800 |
---|---|---|
committer | lin-hua-cheng <os.lcheng@gmail.com> | 2016-01-13 13:03:51 -0800 |
commit | 77ed0d4d0c3413b15aa348613b8b40373bd5765b (patch) | |
tree | 01e67a56791a4575eb28ee25de46cd6111035bde /keystoneclient/contrib | |
parent | 7327067f98f5e118790817f7c81e444c7fe7c25b (diff) | |
download | python-keystoneclient-77ed0d4d0c3413b15aa348613b8b40373bd5765b.tar.gz |
Address hacking check H405
Previously, there were a string of commits to keystone that addresed ignored
hacking checks. This commit does the same for H405 in keystoneclient. This
also modifies our tox.ini so that we no longer ignore H405 violations.
Change-Id: I2af152e5425a0e9c82314039fdbb90d661c22680
Closes-Bug: 1482773
Diffstat (limited to 'keystoneclient/contrib')
-rw-r--r-- | keystoneclient/contrib/ec2/utils.py | 27 |
1 files changed, 17 insertions, 10 deletions
diff --git a/keystoneclient/contrib/ec2/utils.py b/keystoneclient/contrib/ec2/utils.py index 95e4bb1..ed7ec28 100644 --- a/keystoneclient/contrib/ec2/utils.py +++ b/keystoneclient/contrib/ec2/utils.py @@ -28,8 +28,10 @@ from keystoneclient.i18n import _ class Ec2Signer(object): - """Utility class which allows a request to be signed with an AWS style - signature, which can then be used for authentication via the keystone ec2 + """Utility class for EC2 signing of request. + + This allows a request to be signed with an AWS style signature, + which can then be used for authentication via the keystone ec2 authentication extension. """ @@ -40,8 +42,10 @@ class Ec2Signer(object): self.hmac_256 = hmac.new(self.secret_key, digestmod=hashlib.sha256) def _v4_creds(self, credentials): - """Detect if the credentials are for a v4 signed request, since AWS - removed the SignatureVersion field from the v4 request spec... + """Detect if the credentials are for a v4 signed request. + + Check is needed since AWS removed the SignatureVersion field from + the v4 request spec... This expects a dict of the request headers to be passed in the credentials dict, since the recommended way to pass v4 creds is @@ -126,8 +130,9 @@ class Ec2Signer(object): @staticmethod def _canonical_qs(params): - """Construct a sorted, correctly encoded query string as required for - _calc_signature_2 and _calc_signature_4. + """Construct a sorted, correctly encoded query string. + + This is required for _calc_signature_2 and _calc_signature_4. """ keys = list(params) keys.sort() @@ -162,8 +167,9 @@ class Ec2Signer(object): hashlib.sha256).digest() def signature_key(datestamp, region_name, service_name): - """Signature key derivation, see - http://docs.aws.amazon.com/general/latest/gr/ + """Signature key derivation. + + See http://docs.aws.amazon.com/general/latest/gr/ signature-v4-examples.html#signature-v4-examples-python """ k_date = sign(self._get_utf8_value(b"AWS4" + self.secret_key), @@ -189,8 +195,9 @@ class Ec2Signer(object): return param_str def date_param(): - """Get the X-Amz-Date' value, which can be either a header - or parameter. + """Get the X-Amz-Date' value. + + The value can be either a header or parameter. Note AWS supports parsing the Date header also, but this is not currently supported here as it will require some format mangling |