Created
December 19, 2016 23:59
-
-
Save mpontillo/b241012e69881357468b737bc9d329fc to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is an example of how to do an OAuth1 request manually, such as when a deploying MAAS node hits the metadata server. | |
| # Grab the TFTP config for the deploying/commissioning machine. | |
| # curl tftp://localhost/pxelinux.cfg/01-52-54-00-0a-25-ac | |
| APPEND nomodeset ... cloud-config-url=http://172.16.99.2:5240/MAAS/metadata/latest/by-id/nrwbgy/?op=get_preseed ... | |
| # Grab the cloud-config for the machine. | |
| # curl http://172.16.99.2:5240/MAAS/metadata/latest/by-id/nrwbgy/?op=get_preseed | |
| ... | |
| reporting: | |
| maas: {consumer_key: wAV38gKN2rZKh9QHtX, endpoint: 'http://172.16.99.2:5240/MAAS/metadata/status/nrwbgy', | |
| token_key: GKgqt9xJwDbAXwk7uX, token_secret: nzGPjpEnA9HTfGTezwy2w2DV4SEuu6rR, | |
| type: webhook} | |
| ... | |
| # Given this information, we can use the Python OAuth client to sign a request to the given URL. | |
| # python3 | |
| >>> import oauthlib.oauth1 as oauth1 | |
| >>> import time | |
| # Here we construct the OAuth client, using the consumer_key, resource_owner_key as token_key, and token_secret as resource_owner_secret. | |
| >>> client = oauth1.Client('wAV38gKN2rZKh9QHtX', client_secret='', resource_owner_key='GKgqt9xJwDbAXwk7uX', resource_owner_secret='nzGPjpEnA9HTfGTezwy2w2DV4SEuu6rR', signature_method=oauth1.SIGNATURE_PLAINTEXT, timestamp=str(int(time.time()))) | |
| # This is a test signature. The test shows that sign() returned a tuple of (url, headers). | |
| >>> client.sign('http://172.16.99.2:5240/MAAS/metadata/status/nrwbgy') | |
| ('http://172.16.99.2:5240/MAAS/metadata/status/nrwbgy', {'Authorization': 'OAuth oauth_nonce="141629090311439480731482190563", oauth_timestamp="1482190509", oauth_version="1.0", oauth_signature_method="PLAINTEXT", oauth_consumer_key="wAV38gKN2rZKh9QHtX", oauth_token="GKgqt9xJwDbAXwk7uX", oauth_signature="%26nzGPjpEnA9HTfGTezwy2w2DV4SEuu6rR"'}, None) | |
| # This line of code will format the OAuth key so we can use it as an HTTP header. | |
| >>> for k, v in client.sign('http://172.16.99.2:5240/MAAS/metadata/status/nrwbgy')[1].items(): print("%s: %s" % (k, v)) | |
| ... | |
| Authorization: OAuth oauth_nonce="94760624936955683481482190759", oauth_timestamp="1482190509", oauth_version="1.0", oauth_signature_method="PLAINTEXT", oauth_consumer_key="wAV38gKN2rZKh9QHtX", oauth_token="GKgqt9xJwDbAXwk7uX", oauth_signature="%26nzGPjpEnA9HTfGTezwy2w2DV4SEuu6rR" | |
| # We're done. Use the -H parameter to pass in the Authorization header (in single-quotes). | |
| # curl -H 'Authorization: OAuth oauth_nonce="94760624936955683481482190759", oauth_timestamp="1482190509", oauth_version="1.0", oauth_signature_method="PLAINTEXT", oauth_consumer_key="wAV38gKN2rZKh9QHtX", oauth_token="GKgqt9xJwDbAXwk7uX", oauth_signature="%26nzGPjpEnA9HTfGTezwy2w2DV4SEuu6rR"' http://172.16.99.2:5240/MAAS/metadata/status/nrwbgy | |
| # Note that the signature has to be regenerated for every request, both to get a new nonce and to update the timestamp! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment