Improve AWS auth example script

stormsherpa · Aug 12, 2024 · c615e05 · c615e05
1 parent 50abc51
commit c615e05
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 11 deletions.
diff --git a/aws_identity_example.py b/aws_identity_example.py
@@ -1,18 +1,28 @@
 import os
-import requests
+import sys
 import json
 
 from datetime import datetime
-from urllib import request
+from urllib import request, error
+import requests
 
+import boto3
 # aws-v4-signature==2.0
 from awsv4sign import generate_http11_header
 
 service = 'sts'
 region = 'us-west-2'
-access_key = os.environ.get('AWS_ACCESS_KEY_ID', '')
-secret_key = os.environ.get('AWS_SECRET_ACCESS_KEY', '')
-session_token = os.environ.get('AWS_SESSION_TOKEN', '')
+
+session = boto3.Session()
+creds = session.get_credentials()
+access_key = creds.access_key
+secret_key = creds.secret_key
+session_token = creds.token
+
+print(f"access_key: {access_key[:10]}<redacted...>")
+print(f"secret_key: {secret_key[:10]}<redacted...>")
+print(f"session_token: {session_token[:20]}<redacted...>")
+print(f"profile: {os.environ.get('AWS_PROFILE')}")
 
 url = 'https://sts.{region}.amazonaws.com/'.format(region=region)
 httpMethod = 'post'
@@ -24,7 +34,7 @@
 if session_token:
     canonicalHeaders['x-amz-security-token'] = session_token
 
-payload_str = "Action=GetCallerIdentity&Version=2011-06-15&"
+payload_str = "Action=GetCallerIdentity&Version=2011-06-15"
 
 headers = generate_http11_header(
     service, region, access_key, secret_key,
@@ -38,15 +48,21 @@
     "post_body": payload_str,
     "headers_json": json.dumps(headers),
 }
-
+print(payload_str)
 print(json.dumps(headers, indent=4))
 
-# req = request.Request("https://sts.us-west-2.amazonaws.com/", data=payload_str.encode('utf-8'), headers=headers, method='POST')
-# response = request.urlopen(req)
+req = request.Request("https://sts.us-west-2.amazonaws.com/", data=payload_str.encode('utf-8'), headers=headers, method='POST')
+try:
+    response = request.urlopen(req)
+    print(f"Local request test result: {response.read()}")
+except error.HTTPError as e:
+    print(f"HTTPError: {e}: {e.fp.read()}")
+    sys.exit(1)
+
+print("Attempting access_token grant request with same signed request:\n")
 
 token_response = requests.post("http://localhost:8000/oauth2/access_token",
                                data=token_request_args)
-
 token_info = token_response.json()
 
 print(token_info)
diff --git a/docs/getting_started.rst b/docs/getting_started.rst
@@ -35,7 +35,7 @@ Add :attr:`provider.oauth2.urls` to your root ``urls.py`` file.
 
 ::
 
-    url(r'^oauth2/', include('provider.oauth2.urls', namespace = 'oauth2')),
+    path('oauth2/', include(('provider.oauth2.urls', 'oauth2'))),
     
     
 .. note:: The namespace argument is required.
-Original file line number
+Diff line change
@@ Expand Up @@
     ::
-        url(r'^oauth2/', include('provider.oauth2.urls', namespace = 'oauth2')),
+        path('oauth2/', include(('provider.oauth2.urls', 'oauth2'))),
     .. note:: The namespace argument is required.
@@ Expand Down @@