diff options
| author | Josh Gachnang <josh@pcsforeducation.com> | 2014-06-25 13:28:42 -0700 |
|---|---|---|
| committer | Josh Gachnang <josh@pcsforeducation.com> | 2014-07-11 13:05:22 -0700 |
| commit | def0e0a6435deee5c55b7859e1b132590ea0860c (patch) | |
| tree | b4c458bab09104a47925edde2d794e6a5ebc48ea /swiftclient/utils.py | |
| parent | 3d0de79e26e2aa6285742c60aca3c164e9c2fbb9 (diff) | |
| download | python-swiftclient-def0e0a6435deee5c55b7859e1b132590ea0860c.tar.gz | |
Adding Swift Temporary URL support
Temporary URLs allow a user to sign an object URL with a shared
secret to so that the object can be downloaded without auth for
a specified amount of time.
http://docs.openstack.org/trunk/config-reference/content/object-storage-tempurl.html
Change-Id: Ife0b6c98c975e074d4dad0a31145573b784747c5
Diffstat (limited to 'swiftclient/utils.py')
| -rw-r--r-- | swiftclient/utils.py | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/swiftclient/utils.py b/swiftclient/utils.py index 058181d..0f442b3 100644 --- a/swiftclient/utils.py +++ b/swiftclient/utils.py @@ -13,6 +13,10 @@ # See the License for the specific language governing permissions and # limitations under the License. """Miscellaneous utility functions for use with Swift.""" +import hashlib +import hmac +import logging +import time import six @@ -59,6 +63,51 @@ def prt_bytes(bytes, human_flag): return(bytes) +def generate_temp_url(path, seconds, key, method): + """ Generates a temporary URL that gives unauthenticated access to the + Swift object. + + :param path: The full path to the Swift object. Example: + /v1/AUTH_account/c/o. + :param seconds: The amount of time in seconds the temporary URL will + be valid for. + :param key: The secret temporary URL key set on the Swift cluster. + To set a key, run 'swift post -m + "Temp-URL-Key:b3968d0207b54ece87cccc06515a89d4"' + :param method: A HTTP method, typically either GET or PUT, to allow for + this temporary URL. + :raises: ValueError if seconds is not a positive integer + :raises: TypeError if seconds is not an integer + :return: the path portion of a temporary URL + """ + if seconds < 0: + raise ValueError('seconds must be a positive integer') + try: + expiration = int(time.time() + seconds) + except TypeError: + raise TypeError('seconds must be an integer') + + standard_methods = ['GET', 'PUT', 'HEAD', 'POST', 'DELETE'] + if method.upper() not in standard_methods: + logger = logging.getLogger("swiftclient") + logger.warning('Non default HTTP method %s for tempurl specified, ' + 'possibly an error', method.upper()) + + hmac_body = '\n'.join([method.upper(), str(expiration), path]) + + # Encode to UTF-8 for py3 compatibility + sig = hmac.new(key.encode(), + hmac_body.encode(), + hashlib.sha1).hexdigest() + + return ('{path}?temp_url_sig=' + '{sig}&temp_url_expires={exp}'.format( + path=path, + sig=sig, + exp=expiration) + ) + + class LengthWrapper(object): def __init__(self, readable, length): |