Merge pull request #2627 from kyleknap/sigv4-sts

STS now signs using sigv4.
author: Kyle Knapp <kyleknap@amazon.com> 2014-09-19 13:10:30 -0700
committer: Kyle Knapp <kyleknap@amazon.com> 2014-09-19 13:10:30 -0700
commit: 36b247f9ba8830e081b9998502317a4c693f537e (patch)
tree: e5f4a4d494f9b4a3e76c9becde11ae52dd32c6ce
parent: fa3a39ed4344e077dd88b1e441082e7a15c78cbd (diff)
parent: f8d200e81e315f4bd665299d4e1a6862d74fbb48 (diff)
download: boto-36b247f9ba8830e081b9998502317a4c693f537e.tar.gz
2 files changed, 5 insertions, 17 deletions
diff --git a/boto/sts/connection.py b/boto/sts/connection.py
index 59526222..e02f0f1e 100644
--- a/boto/sts/connection.py
+++ b/boto/sts/connection.py
@@ -92,7 +92,7 @@ class STSConnection(AWSQueryConnection):
         if self.anon:
             return ['pure-query']
         else:
-            return ['sign-v2']
+            return ['hmac-v4']
 
     def _check_token_cache(self, token_key, duration=None, window_seconds=60):
         token = _session_token_cache.get(token_key, None)
diff --git a/tests/unit/sts/test_connection.py b/tests/unit/sts/test_connection.py
index 9bf70304..dd97c770 100644
--- a/tests/unit/sts/test_connection.py
+++ b/tests/unit/sts/test_connection.py
@@ -72,9 +72,7 @@ class TestSTSConnection(AWSMockServiceTestCase):
             {'Action': 'AssumeRole',
              'RoleArn': 'arn:role',
              'RoleSessionName': 'mysession'},
-            ignore_params_values=['Timestamp', 'AWSAccessKeyId',
-                                  'SignatureMethod', 'SignatureVersion',
-                                  'Version'])
+            ignore_params_values=['Version'])
         self.assertEqual(response.credentials.access_key, 'accesskey')
         self.assertEqual(response.credentials.secret_key, 'secretkey')
         self.assertEqual(response.credentials.session_token, 'session_token')
@@ -95,9 +93,7 @@ class TestSTSConnection(AWSMockServiceTestCase):
              'RoleSessionName': 'mysession',
              'SerialNumber': 'GAHT12345678',
              'TokenCode': 'abc123'},
-            ignore_params_values=['Timestamp', 'AWSAccessKeyId',
-                                  'SignatureMethod', 'SignatureVersion',
-                                  'Version'])
+            ignore_params_values=['Version'])
         self.assertEqual(response.credentials.access_key, 'accesskey')
         self.assertEqual(response.credentials.secret_key, 'secretkey')
         self.assertEqual(response.credentials.session_token, 'session_token')
@@ -160,16 +156,12 @@ class TestSTSWebIdentityConnection(AWSMockServiceTestCase):
         )
         self.assert_request_parameters({
           'RoleSessionName': 'guestuser',
-          'AWSAccessKeyId': 'aws_access_key_id',
           'RoleArn': arn,
           'WebIdentityToken': wit,
           'ProviderId': 'www.amazon.com',
           'Action': 'AssumeRoleWithWebIdentity'
         }, ignore_params_values=[
-          'SignatureMethod',
-          'Timestamp',
-          'SignatureVersion',
-          'Version',
+          'Version'
         ])
         self.assertEqual(
           response.credentials.access_key.strip(),
@@ -239,11 +231,7 @@ class TestSTSSAMLConnection(AWSMockServiceTestCase):
           'SAMLAssertion': assertion,
           'Action': 'AssumeRoleWithSAML'
         }, ignore_params_values=[
-          'AWSAccessKeyId',
-          'SignatureMethod',
-          'Timestamp',
-          'SignatureVersion',
-          'Version',
+          'Version'
         ])
         self.assertEqual(response.credentials.access_key, 'accesskey')
         self.assertEqual(response.credentials.secret_key, 'secretkey')
author	Kyle Knapp <kyleknap@amazon.com>	2014-09-19 13:10:30 -0700
committer	Kyle Knapp <kyleknap@amazon.com>	2014-09-19 13:10:30 -0700
commit	36b247f9ba8830e081b9998502317a4c693f537e (patch)
tree	e5f4a4d494f9b4a3e76c9becde11ae52dd32c6ce
parent	fa3a39ed4344e077dd88b1e441082e7a15c78cbd (diff)
parent	f8d200e81e315f4bd665299d4e1a6862d74fbb48 (diff)
download	boto-36b247f9ba8830e081b9998502317a4c693f537e.tar.gz