|
import base64 |
|
import hmac |
|
import json |
|
import time |
|
from hashlib import sha1 |
|
from urllib.parse import quote |
|
import random |
|
import requests |
|
|
|
|
|
class Sign(object): |
|
FORMAT_ISO_8601 = "%Y-%m-%dT%H:%M:%SZ" |
|
APIVERSION = '2015-04-01' |
|
|
|
def __init__(self, ak: str, secret: str, params: dict, method: str): |
|
''' |
|
:param ak: Access id |
|
:param secret: Access secret |
|
:param params: request params |
|
:param method: http method |
|
:param region: aliyun region https://help.aliyun.com/document_detail/40654.html |
|
''' |
|
self._ak = ak |
|
self._secret = "{secret}&".format(secret=secret) |
|
self._method = method |
|
self.params = { |
|
"Format": "JSON", |
|
"Version": self.APIVERSION, # replace |
|
"AccessKeyId": self._ak, |
|
"SignatureMethod": "HMAC-SHA1", |
|
"Timestamp": self.__get_iso_8061_date(), |
|
"SignatureVersion": "1.0", |
|
"SignatureNonce": random.random() |
|
} |
|
self.params.update(params) |
|
self.__sign() |
|
|
|
def __get_iso_8061_date(self): |
|
# from Aliyun Core Sdk utils parameter_helper.py |
|
return time.strftime(self.FORMAT_ISO_8601, time.gmtime()) |
|
|
|
@staticmethod |
|
def __percent_encode(string): |
|
# from Aliyun Core Sdk utils parameter_helper.py |
|
res = quote(string.encode('utf8'), '') |
|
res = res.replace('+', '%20') |
|
res = res.replace('*', '%2A') |
|
res = res.replace('%7E', '~') |
|
return res |
|
|
|
def __str_to_sign(self): |
|
''' |
|
https://yq.aliyun.com/articles/79060 |
|
https://help.aliyun.com/document_detail/25492.html |
|
:return: |
|
''' |
|
params_s = sorted(self.params.items(), key=lambda x: x[0]) |
|
args_list = [] |
|
for i in params_s: |
|
key, value = i |
|
if key == "Timestamp" or key == "RoleArn": |
|
value = self.__percent_encode(value) |
|
args_list.append("{key}={value}".format(key=key, value=value)) |
|
stand_str = "&".join(args_list) |
|
uri_encode = self.__percent_encode("/") |
|
args_encode = self.__percent_encode(stand_str) |
|
url_encode = "{method}&{uri}&{args}".format(method=self._method, uri=uri_encode, args=args_encode) |
|
return url_encode |
|
|
|
def __sign(self): |
|
''' |
|
sha1hmac encrypt |
|
:return: |
|
''' |
|
signstr = hmac.new(bytearray(self._secret, 'utf8'), bytearray(self.__str_to_sign(), 'utf8'), |
|
sha1).digest() |
|
signbase64 = base64.b64encode(signstr).decode().strip() |
|
self.params['Signature'] = signbase64 |
|
return self.params |
|
|
|
|
|
if __name__ == '__main__': |
|
params = {"Action": "AssumeRole", |
|
"RoleArn":"", # replace |
|
"RoleSessionName":"", # random string |
|
"policy": "", |
|
"DurationSeconds":"3600" |
|
|
|
} |
|
|
|
s = Sign(ak="", secret="", |
|
params=params, |
|
method="GET") # replace ak and secret |
|
|
|
resp = requests.get("https://sts.aliyuncs.com", params=s.params) |
|
print(json.dumps(resp.json(),indent=4)) |