diff options
Diffstat (limited to 'boto/provider.py')
| -rw-r--r-- | boto/provider.py | 73 |
1 files changed, 64 insertions, 9 deletions
diff --git a/boto/provider.py b/boto/provider.py index 2febdc99..8b1a7df6 100644 --- a/boto/provider.py +++ b/boto/provider.py @@ -31,6 +31,8 @@ from datetime import datetime import boto from boto import config +from boto.compat import expanduser +from boto.pyami.config import Config from boto.gs.acl import ACL from boto.gs.acl import CannedACLStrings as CannedGSACLStrings from boto.s3.acl import CannedACLStrings as CannedS3ACLStrings @@ -66,13 +68,16 @@ STORAGE_PERMISSIONS_ERROR = 'StoragePermissionsError' STORAGE_RESPONSE_ERROR = 'StorageResponseError' +class ProfileNotFoundError(ValueError): pass + + class Provider(object): CredentialMap = { 'aws': ('aws_access_key_id', 'aws_secret_access_key', - 'aws_security_token'), + 'aws_security_token', 'aws_profile'), 'google': ('gs_access_key_id', 'gs_secret_access_key', - None), + None, None), } AclClassMap = { @@ -182,9 +187,17 @@ class Provider(object): self.acl_class = self.AclClassMap[self.name] self.canned_acls = self.CannedAclsMap[self.name] self._credential_expiry_time = None + + # Load shared credentials file if it exists + shared_path = os.path.join(expanduser('~'), '.aws', 'credentials') + self.shared_credentials = Config(do_load=False) + if os.path.exists(shared_path): + self.shared_credentials.load_from_path(shared_path) + self.get_credentials(access_key, secret_key, security_token, profile_name) self.configure_headers() self.configure_errors() + # Allow config file to override default host and port. host_opt_name = '%s_host' % self.HostKeyMap[self.name] if config.has_option('Credentials', host_opt_name): @@ -247,16 +260,39 @@ class Provider(object): def get_credentials(self, access_key=None, secret_key=None, security_token=None, profile_name=None): - access_key_name, secret_key_name, security_token_name = self.CredentialMap[self.name] + access_key_name, secret_key_name, security_token_name, \ + profile_name_name = self.CredentialMap[self.name] + + # Load profile from shared environment variable if it was not + # already passed in and the environment variable exists + if profile_name is None and profile_name_name.upper() in os.environ: + profile_name = os.environ[profile_name_name.upper()] + + shared = self.shared_credentials + if access_key is not None: self.access_key = access_key boto.log.debug("Using access key provided by client.") elif access_key_name.upper() in os.environ: self.access_key = os.environ[access_key_name.upper()] boto.log.debug("Using access key found in environment variable.") - elif config.has_option("profile %s" % profile_name, access_key_name): - self.access_key = config.get("profile %s" % profile_name, access_key_name) - boto.log.debug("Using access key found in config file: profile %s." % profile_name) + elif profile_name is not None: + if shared.has_option(profile_name, access_key_name): + self.access_key = shared.get(profile_name, access_key_name) + boto.log.debug("Using access key found in shared credential " + "file for profile %s." % profile_name) + elif config.has_option("profile %s" % profile_name, + access_key_name): + self.access_key = config.get("profile %s" % profile_name, + access_key_name) + boto.log.debug("Using access key found in config file: " + "profile %s." % profile_name) + else: + raise ProfileNotFoundError('Profile "%s" not found!' % + profile_name) + elif shared.has_option('default', access_key_name): + self.access_key = shared.get('default', access_key_name) + boto.log.debug("Using access key found in shared credential file.") elif config.has_option('Credentials', access_key_name): self.access_key = config.get('Credentials', access_key_name) boto.log.debug("Using access key found in config file.") @@ -267,9 +303,22 @@ class Provider(object): elif secret_key_name.upper() in os.environ: self.secret_key = os.environ[secret_key_name.upper()] boto.log.debug("Using secret key found in environment variable.") - elif config.has_option("profile %s" % profile_name, secret_key_name): - self.secret_key = config.get("profile %s" % profile_name, secret_key_name) - boto.log.debug("Using secret key found in config file: profile %s." % profile_name) + elif profile_name is not None: + if shared.has_option(profile_name, secret_key_name): + self.secret_key = shared.get(profile_name, secret_key_name) + boto.log.debug("Using secret key found in shared credential " + "file for profile %s." % profile_name) + elif config.has_option("profile %s" % profile_name, secret_key_name): + self.secret_key = config.get("profile %s" % profile_name, + secret_key_name) + boto.log.debug("Using secret key found in config file: " + "profile %s." % profile_name) + else: + raise ProfileNotFoundError('Profile "%s" not found!' % + profile_name) + elif shared.has_option('default', secret_key_name): + self.secret_key = shared.get('default', secret_key_name) + boto.log.debug("Using secret key found in shared credential file.") elif config.has_option('Credentials', secret_key_name): self.secret_key = config.get('Credentials', secret_key_name) boto.log.debug("Using secret key found in config file.") @@ -299,6 +348,12 @@ class Provider(object): self.security_token = os.environ[security_token_name.upper()] boto.log.debug("Using security token found in environment" " variable.") + elif shared.has_option(profile_name or 'default', + security_token_name): + self.security_token = shared.get(profile_name or 'default', + security_token_name) + boto.log.debug("Using security token found in shared " + "credential file.") elif config.has_option('Credentials', security_token_name): self.security_token = config.get('Credentials', security_token_name) |