PNG  IHDRX cHRMz&u0`:pQ<bKGD pHYsodtIME MeqIDATxw]Wug^Qd˶ 6`!N:!@xI~)%7%@Bh&`lnjVF29gΨ4E$|>cɚ{gk= %,a KX%,a KX%,a KX%,a KX%,a KX%,a KX%, b` ǟzeאfp]<!SJmɤY޲ڿ,%c ~ع9VH.!Ͳz&QynֺTkRR.BLHi٪:l;@(!MԴ=žI,:o&N'Kù\vRmJ雵֫AWic H@" !: Cé||]k-Ha oݜ:y F())u]aG7*JV@J415p=sZH!=!DRʯvɱh~V\}v/GKY$n]"X"}t@ xS76^[bw4dsce)2dU0 CkMa-U5tvLƀ~mlMwfGE/-]7XAƟ`׮g ewxwC4\[~7@O-Q( a*XGƒ{ ՟}$_y3tĐƤatgvێi|K=uVyrŲlLӪuܿzwk$m87k( `múcE)"@rK( z4$D; 2kW=Xb$V[Ru819קR~qloѱDyįݎ*mxw]y5e4K@ЃI0A D@"BDk_)N\8͜9dz"fK0zɿvM /.:2O{ Nb=M=7>??Zuo32 DLD@D| &+֎C #B8ַ`bOb $D#ͮҪtx]%`ES`Ru[=¾!@Od37LJ0!OIR4m]GZRJu$‡c=%~s@6SKy?CeIh:[vR@Lh | (BhAMy=݃  G"'wzn޺~8ԽSh ~T*A:xR[ܹ?X[uKL_=fDȊ؂p0}7=D$Ekq!/t.*2ʼnDbŞ}DijYaȲ(""6HA;:LzxQ‘(SQQ}*PL*fc\s `/d'QXW, e`#kPGZuŞuO{{wm[&NBTiiI0bukcA9<4@SӊH*؎4U/'2U5.(9JuDfrޱtycU%j(:RUbArLֺN)udA':uGQN"-"Is.*+k@ `Ojs@yU/ H:l;@yyTn}_yw!VkRJ4P)~y#)r,D =ě"Q]ci'%HI4ZL0"MJy 8A{ aN<8D"1#IJi >XjX֔#@>-{vN!8tRݻ^)N_╗FJEk]CT՟ YP:_|H1@ CBk]yKYp|og?*dGvzنzӴzjֺNkC~AbZƷ`.H)=!QͷVTT(| u78y֮}|[8-Vjp%2JPk[}ԉaH8Wpqhwr:vWª<}l77_~{s۴V+RCģ%WRZ\AqHifɤL36: #F:p]Bq/z{0CU6ݳEv_^k7'>sq*+kH%a`0ԣisqにtү04gVgW΂iJiS'3w.w}l6MC2uԯ|>JF5`fV5m`Y**Db1FKNttu]4ccsQNnex/87+}xaUW9y>ͯ骵G{䩓Գ3+vU}~jJ.NFRD7<aJDB1#ҳgSb,+CS?/ VG J?|?,2#M9}B)MiE+G`-wo߫V`fio(}S^4e~V4bHOYb"b#E)dda:'?}׮4繏`{7Z"uny-?ǹ;0MKx{:_pÚmFמ:F " .LFQLG)Q8qN q¯¯3wOvxDb\. BKD9_NN &L:4D{mm o^tֽ:q!ƥ}K+<"m78N< ywsard5+Š²z~mnG)=}lYݧNj'QJS{S :UYS-952?&O-:W}(!6Mk4+>A>j+i|<<|;ر^߉=HE|V#F)Emm#}/"y GII웻Jі94+v뾧xu~5C95~ūH>c@덉pʃ1/4-A2G%7>m;–Y,cyyaln" ?ƻ!ʪ<{~h~i y.zZB̃/,雋SiC/JFMmBH&&FAbϓO^tubbb_hZ{_QZ-sύodFgO(6]TJA˯#`۶ɟ( %$&+V'~hiYy>922 Wp74Zkq+Ovn錄c>8~GqܲcWꂎz@"1A.}T)uiW4="jJ2W7mU/N0gcqܗOO}?9/wìXžΏ0 >֩(V^Rh32!Hj5`;O28؇2#ݕf3 ?sJd8NJ@7O0 b־?lldщ̡&|9C.8RTWwxWy46ah嘦mh٤&l zCy!PY?: CJyв]dm4ǜҐR޻RլhX{FƯanшQI@x' ao(kUUuxW_Ñ줮[w8 FRJ(8˼)_mQ _!RJhm=!cVmm ?sFOnll6Qk}alY}; "baӌ~M0w,Ggw2W:G/k2%R,_=u`WU R.9T"v,<\Ik޽/2110Ӿxc0gyC&Ny޽JҢrV6N ``یeA16"J³+Rj*;BϜkZPJaÍ<Jyw:NP8/D$ 011z֊Ⱳ3ι֘k1V_"h!JPIΣ'ɜ* aEAd:ݺ>y<}Lp&PlRfTb1]o .2EW\ͮ]38؋rTJsǏP@芎sF\> P^+dYJLbJ C-xϐn> ι$nj,;Ǖa FU *择|h ~izť3ᤓ`K'-f tL7JK+vf2)V'-sFuB4i+m+@My=O҈0"|Yxoj,3]:cо3 $#uŘ%Y"y죯LebqtҢVzq¼X)~>4L׶m~[1_k?kxֺQ`\ |ٛY4Ѯr!)N9{56(iNq}O()Em]=F&u?$HypWUeB\k]JɩSع9 Zqg4ZĊo oMcjZBU]B\TUd34ݝ~:7ڶSUsB0Z3srx 7`:5xcx !qZA!;%͚7&P H<WL!džOb5kF)xor^aujƍ7 Ǡ8/p^(L>ὴ-B,{ۇWzֺ^k]3\EE@7>lYBȝR.oHnXO/}sB|.i@ɥDB4tcm,@ӣgdtJ!lH$_vN166L__'Z)y&kH;:,Y7=J 9cG) V\hjiE;gya~%ks_nC~Er er)muuMg2;֫R)Md) ,¶ 2-wr#F7<-BBn~_(o=KO㭇[Xv eN_SMgSҐ BS헃D%g_N:/pe -wkG*9yYSZS.9cREL !k}<4_Xs#FmҶ:7R$i,fi!~' # !6/S6y@kZkZcX)%5V4P]VGYq%H1!;e1MV<!ϐHO021Dp= HMs~~a)ަu7G^];git!Frl]H/L$=AeUvZE4P\.,xi {-~p?2b#amXAHq)MWǾI_r`S Hz&|{ +ʖ_= (YS(_g0a03M`I&'9vl?MM+m~}*xT۲(fY*V4x@29s{DaY"toGNTO+xCAO~4Ϳ;p`Ѫ:>Ҵ7K 3}+0 387x\)a"/E>qpWB=1 ¨"MP(\xp߫́A3+J] n[ʼnӼaTbZUWb={~2ooKױӰp(CS\S筐R*JغV&&"FA}J>G֐p1ٸbk7 ŘH$JoN <8s^yk_[;gy-;߉DV{c B yce% aJhDȶ 2IdйIB/^n0tNtџdcKj4϶v~- CBcgqx9= PJ) dMsjpYB] GD4RDWX +h{y`,3ꊕ$`zj*N^TP4L:Iz9~6s) Ga:?y*J~?OrMwP\](21sZUD ?ܟQ5Q%ggW6QdO+\@ ̪X'GxN @'4=ˋ+*VwN ne_|(/BDfj5(Dq<*tNt1х!MV.C0 32b#?n0pzj#!38}޴o1KovCJ`8ŗ_"]] rDUy޲@ Ȗ-;xџ'^Y`zEd?0„ DAL18IS]VGq\4o !swV7ˣι%4FѮ~}6)OgS[~Q vcYbL!wG3 7띸*E Pql8=jT\꘿I(z<[6OrR8ºC~ډ]=rNl[g|v TMTղb-o}OrP^Q]<98S¤!k)G(Vkwyqyr޽Nv`N/e p/~NAOk \I:G6]4+K;j$R:Mi #*[AȚT,ʰ,;N{HZTGMoּy) ]%dHء9Պ䠬|<45,\=[bƟ8QXeB3- &dҩ^{>/86bXmZ]]yޚN[(WAHL$YAgDKp=5GHjU&99v簪C0vygln*P)9^͞}lMuiH!̍#DoRBn9l@ xA/_v=ȺT{7Yt2N"4!YN`ae >Q<XMydEB`VU}u]嫇.%e^ánE87Mu\t`cP=AD/G)sI"@MP;)]%fH9'FNsj1pVhY&9=0pfuJ&gޤx+k:!r˭wkl03׼Ku C &ѓYt{.O.zҏ z}/tf_wEp2gvX)GN#I ݭ߽v/ .& и(ZF{e"=V!{zW`, ]+LGz"(UJp|j( #V4, 8B 0 9OkRrlɱl94)'VH9=9W|>PS['G(*I1==C<5"Pg+x'K5EMd؞Af8lG ?D FtoB[je?{k3zQ vZ;%Ɠ,]E>KZ+T/ EJxOZ1i #T<@ I}q9/t'zi(EMqw`mYkU6;[t4DPeckeM;H}_g pMww}k6#H㶏+b8雡Sxp)&C $@'b,fPߑt$RbJ'vznuS ~8='72_`{q纶|Q)Xk}cPz9p7O:'|G~8wx(a 0QCko|0ASD>Ip=4Q, d|F8RcU"/KM opKle M3#i0c%<7׿p&pZq[TR"BpqauIp$ 8~Ĩ!8Սx\ւdT>>Z40ks7 z2IQ}ItԀ<-%S⍤};zIb$I 5K}Q͙D8UguWE$Jh )cu4N tZl+[]M4k8֦Zeq֮M7uIqG 1==tLtR,ƜSrHYt&QP윯Lg' I,3@P'}'R˪e/%-Auv·ñ\> vDJzlӾNv5:|K/Jb6KI9)Zh*ZAi`?S {aiVDԲuy5W7pWeQJk֤#5&V<̺@/GH?^τZL|IJNvI:'P=Ϛt"¨=cud S Q.Ki0 !cJy;LJR;G{BJy޺[^8fK6)=yʊ+(k|&xQ2`L?Ȓ2@Mf 0C`6-%pKpm')c$׻K5[J*U[/#hH!6acB JA _|uMvDyk y)6OPYjœ50VT K}cǻP[ $:]4MEA.y)|B)cf-A?(e|lɉ#P9V)[9t.EiQPDѠ3ϴ;E:+Օ t ȥ~|_N2,ZJLt4! %ա]u {+=p.GhNcŞQI?Nd'yeh n7zi1DB)1S | S#ًZs2|Ɛy$F SxeX{7Vl.Src3E℃Q>b6G ўYCmtկ~=K0f(=LrAS GN'ɹ9<\!a`)֕y[uՍ[09` 9 +57ts6}b4{oqd+J5fa/,97J#6yν99mRWxJyѡyu_TJc`~W>l^q#Ts#2"nD1%fS)FU w{ܯ R{ ˎ󅃏џDsZSQS;LV;7 Od1&1n$ N /.q3~eNɪ]E#oM~}v֯FڦwyZ=<<>Xo稯lfMFV6p02|*=tV!c~]fa5Y^Q_WN|Vs 0ҘދU97OI'N2'8N֭fgg-}V%y]U4 峧p*91#9U kCac_AFңĪy뚇Y_AiuYyTTYЗ-(!JFLt›17uTozc. S;7A&&<ԋ5y;Ro+:' *eYJkWR[@F %SHWP 72k4 qLd'J "zB6{AC0ƁA6U.'F3:Ȅ(9ΜL;D]m8ڥ9}dU "v!;*13Rg^fJyShyy5auA?ɩGHRjo^]׽S)Fm\toy 4WQS@mE#%5ʈfFYDX ~D5Ϡ9tE9So_aU4?Ѽm%&c{n>.KW1Tlb}:j uGi(JgcYj0qn+>) %\!4{LaJso d||u//P_y7iRJ߬nHOy) l+@$($VFIQ9%EeKʈU. ia&FY̒mZ=)+qqoQn >L!qCiDB;Y<%} OgBxB!ØuG)WG9y(Ą{_yesuZmZZey'Wg#C~1Cev@0D $a@˲(.._GimA:uyw֬%;@!JkQVM_Ow:P.s\)ot- ˹"`B,e CRtaEUP<0'}r3[>?G8xU~Nqu;Wm8\RIkբ^5@k+5(By'L&'gBJ3ݶ!/㮻w҅ yqPWUg<e"Qy*167΃sJ\oz]T*UQ<\FԎ`HaNmڜ6DysCask8wP8y9``GJ9lF\G g's Nn͵MLN֪u$| /|7=]O)6s !ĴAKh]q_ap $HH'\1jB^s\|- W1:=6lJBqjY^LsPk""`]w)󭃈,(HC ?䔨Y$Sʣ{4Z+0NvQkhol6C.婧/u]FwiVjZka&%6\F*Ny#8O,22+|Db~d ~Çwc N:FuuCe&oZ(l;@ee-+Wn`44AMK➝2BRՈt7g*1gph9N) *"TF*R(#'88pm=}X]u[i7bEc|\~EMn}P瘊J)K.0i1M6=7'_\kaZ(Th{K*GJyytw"IO-PWJk)..axӝ47"89Cc7ĐBiZx 7m!fy|ϿF9CbȩV 9V-՛^pV̌ɄS#Bv4-@]Vxt-Z, &ֺ*diؠ2^VXbs֔Ìl.jQ]Y[47gj=幽ex)A0ip׳ W2[ᎇhuE^~q흙L} #-b۸oFJ_QP3r6jr+"nfzRJTUqoaۍ /$d8Mx'ݓ= OՃ| )$2mcM*cЙj}f };n YG w0Ia!1Q.oYfr]DyISaP}"dIӗթO67jqR ҊƐƈaɤGG|h;t]䗖oSv|iZqX)oalv;۩meEJ\!8=$4QU4Xo&VEĊ YS^E#d,yX_> ۘ-e\ "Wa6uLĜZi`aD9.% w~mB(02G[6y.773a7 /=o7D)$Z 66 $bY^\CuP. (x'"J60׿Y:Oi;F{w佩b+\Yi`TDWa~|VH)8q/=9!g߆2Y)?ND)%?Ǐ`k/sn:;O299yB=a[Ng 3˲N}vLNy;*?x?~L&=xyӴ~}q{qE*IQ^^ͧvü{Huu=R|>JyUlZV, B~/YF!Y\u_ݼF{_C)LD]m {H 0ihhadd nUkf3oٺCvE\)QJi+֥@tDJkB$1!Đr0XQ|q?d2) Ӣ_}qv-< FŊ߫%roppVBwü~JidY4:}L6M7f٬F "?71<2#?Jyy4뷢<_a7_=Q E=S1И/9{+93֮E{ǂw{))?maÆm(uLE#lïZ  ~d];+]h j?!|$F}*"4(v'8s<ŏUkm7^7no1w2ؗ}TrͿEk>p'8OB7d7R(A 9.*Mi^ͳ; eeUwS+C)uO@ =Sy]` }l8^ZzRXj[^iUɺ$tj))<sbDJfg=Pk_{xaKo1:-uyG0M ԃ\0Lvuy'ȱc2Ji AdyVgVh!{]/&}}ċJ#%d !+87<;qN޼Nفl|1N:8ya  8}k¾+-$4FiZYÔXk*I&'@iI99)HSh4+2G:tGhS^繿 Kتm0 вDk}֚+QT4;sC}rՅE,8CX-e~>G&'9xpW,%Fh,Ry56Y–hW-(v_,? ; qrBk4-V7HQ;ˇ^Gv1JVV%,ik;D_W!))+BoS4QsTM;gt+ndS-~:11Sgv!0qRVh!"Ȋ(̦Yl.]PQWgٳE'`%W1{ndΗBk|Ž7ʒR~,lnoa&:ü$ 3<a[CBݮwt"o\ePJ=Hz"_c^Z.#ˆ*x z̝grY]tdkP*:97YľXyBkD4N.C_[;F9`8& !AMO c `@BA& Ost\-\NX+Xp < !bj3C&QL+*&kAQ=04}cC!9~820G'PC9xa!w&bo_1 Sw"ܱ V )Yl3+ס2KoXOx]"`^WOy :3GO0g;%Yv㐫(R/r (s } u B &FeYZh0y> =2<Ϟc/ -u= c&׭,.0"g"7 6T!vl#sc>{u/Oh Bᾈ)۴74]x7 gMӒ"d]U)}" v4co[ ɡs 5Gg=XR14?5A}D "b{0$L .\4y{_fe:kVS\\O]c^W52LSBDM! C3Dhr̦RtArx4&agaN3Cf<Ԉp4~ B'"1@.b_/xQ} _߃҉/gٓ2Qkqp0շpZ2fԫYz< 4L.Cyυι1t@鎫Fe sYfsF}^ V}N<_`p)alٶ "(XEAVZ<)2},:Ir*#m_YӼ R%a||EƼIJ,,+f"96r/}0jE/)s)cjW#w'Sʯ5<66lj$a~3Kʛy 2:cZ:Yh))+a߭K::N,Q F'qB]={.]h85C9cr=}*rk?vwV렵ٸW Rs%}rNAkDv|uFLBkWY YkX מ|)1!$#3%y?pF<@<Rr0}: }\J [5FRxY<9"SQdE(Q*Qʻ)q1E0B_O24[U'],lOb ]~WjHޏTQ5Syu wq)xnw8~)c 쫬gٲߠ H% k5dƝk> kEj,0% b"vi2Wس_CuK)K{n|>t{P1򨾜j>'kEkƗBg*H%'_aY6Bn!TL&ɌOb{c`'d^{t\i^[uɐ[}q0lM˕G:‚4kb祔c^:?bpg… +37stH:0}en6x˟%/<]BL&* 5&fK9Mq)/iyqtA%kUe[ڛKN]Ě^,"`/ s[EQQm?|XJ߅92m]G.E΃ח U*Cn.j_)Tѧj̿30ڇ!A0=͜ar I3$C^-9#|pk!)?7.x9 @OO;WƝZBFU keZ75F6Tc6"ZȚs2y/1 ʵ:u4xa`C>6Rb/Yм)^=+~uRd`/|_8xbB0?Ft||Z\##|K 0>>zxv8۴吅q 8ĥ)"6>~\8:qM}#͚'ĉ#p\׶ l#bA?)|g g9|8jP(cr,BwV (WliVxxᡁ@0Okn;ɥh$_ckCgriv}>=wGzβ KkBɛ[˪ !J)h&k2%07δt}!d<9;I&0wV/ v 0<H}L&8ob%Hi|޶o&h1L|u֦y~󛱢8fٲUsւ)0oiFx2}X[zVYr_;N(w]_4B@OanC?gĦx>мgx>ΛToZoOMp>40>V Oy V9iq!4 LN,ˢu{jsz]|"R޻&'ƚ{53ўFu(<٪9:΋]B;)B>1::8;~)Yt|0(pw2N%&X,URBK)3\zz&}ax4;ǟ(tLNg{N|Ǽ\G#C9g$^\}p?556]/RP.90 k,U8/u776s ʪ_01چ|\N 0VV*3H鴃J7iI!wG_^ypl}r*jɤSR 5QN@ iZ#1ٰy;_\3\BQQ x:WJv츟ٯ$"@6 S#qe딇(/P( Dy~TOϻ<4:-+F`0||;Xl-"uw$Цi󼕝mKʩorz"mϺ$F:~E'ҐvD\y?Rr8_He@ e~O,T.(ފR*cY^m|cVR[8 JҡSm!ΆԨb)RHG{?MpqrmN>߶Y)\p,d#xۆWY*,l6]v0h15M˙MS8+EdI='LBJIH7_9{Caз*Lq,dt >+~ّeʏ?xԕ4bBAŚjﵫ!'\Ը$WNvKO}ӽmSşذqsOy?\[,d@'73'j%kOe`1.g2"e =YIzS2|zŐƄa\U,dP;jhhhaxǶ?КZ՚.q SE+XrbOu%\GتX(H,N^~]JyEZQKceTQ]VGYqnah;y$cQahT&QPZ*iZ8UQQM.qo/T\7X"u?Mttl2Xq(IoW{R^ ux*SYJ! 4S.Jy~ BROS[V|žKNɛP(L6V^|cR7i7nZW1Fd@ Ara{詑|(T*dN]Ko?s=@ |_EvF]׍kR)eBJc" MUUbY6`~V޴dJKß&~'d3i WWWWWW

F1l3 Manager

Current Directory: /opt/imh-python/lib/python3.9/site-packages/libcloud/storage/drivers
/opt/imh-python/lib/python3.9/site-packages/libcloud/storage/drivers/
Viewing File: /opt/imh-python/lib/python3.9/site-packages/libcloud/storage/drivers/s3.py
# Licensed to the Apache Software Foundation (ASF) under one or more # contributor license agreements. See the NOTICE file distributed with # this work for additional information regarding copyright ownership. # The ASF licenses this file to You under the Apache License, Version 2.0 # (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. import base64 import hmac import time from hashlib import sha1 import os from datetime import datetime import libcloud.utils.py3 try: if libcloud.utils.py3.DEFAULT_LXML: from lxml.etree import Element, SubElement else: from xml.etree.ElementTree import Element, SubElement except ImportError: from xml.etree.ElementTree import Element, SubElement from libcloud.utils.py3 import httplib from libcloud.utils.py3 import urlquote from libcloud.utils.py3 import b from libcloud.utils.py3 import tostring from libcloud.utils.py3 import urlencode from libcloud.utils.xml import fixxpath, findtext from libcloud.utils.files import read_in_chunks from libcloud.common.types import InvalidCredsError, LibcloudError from libcloud.common.base import ConnectionUserAndKey, RawResponse from libcloud.common.aws import AWSBaseResponse, AWSDriver, \ AWSTokenConnection, SignedAWSConnection, UnsignedPayloadSentinel from libcloud.storage.base import Object, Container, StorageDriver from libcloud.storage.types import ContainerError from libcloud.storage.types import ContainerIsNotEmptyError from libcloud.storage.types import InvalidContainerNameError from libcloud.storage.types import ContainerDoesNotExistError from libcloud.storage.types import ObjectDoesNotExistError from libcloud.storage.types import ObjectHashMismatchError # How long before the token expires EXPIRATION_SECONDS = 15 * 60 S3_US_STANDARD_HOST = 's3.amazonaws.com' S3_US_EAST2_HOST = 's3-us-east-2.amazonaws.com' S3_US_WEST_HOST = 's3-us-west-1.amazonaws.com' S3_US_WEST_OREGON_HOST = 's3-us-west-2.amazonaws.com' S3_US_GOV_WEST_HOST = 's3-us-gov-west-1.amazonaws.com' S3_CN_NORTH_HOST = 's3.cn-north-1.amazonaws.com.cn' S3_CN_NORTHWEST_HOST = 's3.cn-northwest-1.amazonaws.com.cn' S3_EU_WEST_HOST = 's3-eu-west-1.amazonaws.com' S3_EU_WEST2_HOST = 's3-eu-west-2.amazonaws.com' S3_EU_CENTRAL_HOST = 's3-eu-central-1.amazonaws.com' S3_EU_NORTH1_HOST = 's3-eu-north-1.amazonaws.com' S3_AP_SOUTH_HOST = 's3-ap-south-1.amazonaws.com' S3_AP_SOUTHEAST_HOST = 's3-ap-southeast-1.amazonaws.com' S3_AP_SOUTHEAST2_HOST = 's3-ap-southeast-2.amazonaws.com' S3_AP_NORTHEAST1_HOST = 's3-ap-northeast-1.amazonaws.com' S3_AP_NORTHEAST2_HOST = 's3-ap-northeast-2.amazonaws.com' S3_AP_NORTHEAST_HOST = S3_AP_NORTHEAST1_HOST S3_SA_EAST_HOST = 's3-sa-east-1.amazonaws.com' S3_SA_SOUTHEAST2_HOST = 's3-sa-east-2.amazonaws.com' S3_CA_CENTRAL_HOST = 's3-ca-central-1.amazonaws.com' # Maps AWS region name to connection hostname REGION_TO_HOST_MAP = { 'us-east-1': S3_US_STANDARD_HOST, 'us-east-2': S3_US_EAST2_HOST, 'us-west-1': S3_US_WEST_HOST, 'us-west-2': S3_US_WEST_OREGON_HOST, 'us-gov-west-1': S3_US_GOV_WEST_HOST, 'cn-north-1': S3_CN_NORTH_HOST, 'cn-northwest-1': S3_CN_NORTHWEST_HOST, 'eu-west-1': S3_EU_WEST_HOST, 'eu-west-2': S3_EU_WEST2_HOST, 'eu-west-3': 's3.eu-west-3.amazonaws.com', 'eu-north-1': 's3.eu-north-1.amazonaws.com', 'eu-central-1': S3_EU_CENTRAL_HOST, 'ap-south-1': S3_AP_SOUTH_HOST, 'ap-southeast-1': S3_AP_SOUTHEAST_HOST, 'ap-southeast-2': S3_AP_SOUTHEAST2_HOST, 'ap-northeast-1': S3_AP_NORTHEAST1_HOST, 'ap-northeast-2': S3_AP_NORTHEAST2_HOST, 'ap-northeast-3': 's3.ap-northeast-3.amazonaws.com', 'sa-east-1': S3_SA_EAST_HOST, 'sa-east-2': S3_SA_SOUTHEAST2_HOST, 'ca-central-1': S3_CA_CENTRAL_HOST, 'me-south-1': 's3.me-south-1.amazonaws.com' } API_VERSION = '2006-03-01' NAMESPACE = 'http://s3.amazonaws.com/doc/%s/' % (API_VERSION) # AWS multi-part chunks must be minimum 5MB CHUNK_SIZE = 5 * 1024 * 1024 # Desired number of items in each response inside a paginated request in # ex_iterate_multipart_uploads. RESPONSES_PER_REQUEST = 100 S3_CDN_URL_DATETIME_FORMAT = '%Y%m%dT%H%M%SZ' S3_CDN_URL_DATE_FORMAT = '%Y%m%d' S3_CDN_URL_EXPIRY_HOURS = float( os.getenv('LIBCLOUD_S3_CDN_URL_EXPIRY_HOURS', '24') ) class S3Response(AWSBaseResponse): namespace = None valid_response_codes = [httplib.NOT_FOUND, httplib.CONFLICT, httplib.BAD_REQUEST, httplib.PARTIAL_CONTENT] def success(self): i = int(self.status) return 200 <= i <= 299 or i in self.valid_response_codes def parse_error(self): if self.status in [httplib.UNAUTHORIZED, httplib.FORBIDDEN]: raise InvalidCredsError(self.body) elif self.status == httplib.MOVED_PERMANENTLY: bucket_region = self.headers.get('x-amz-bucket-region', None) used_region = self.connection.driver.region raise LibcloudError('This bucket is located in a different ' 'region. Please use the correct driver. ' 'Bucket region "%s", used region "%s".' % (bucket_region, used_region), driver=S3StorageDriver) raise LibcloudError('Unknown error. Status code: %d' % (self.status), driver=S3StorageDriver) class S3RawResponse(S3Response, RawResponse): pass class BaseS3Connection(ConnectionUserAndKey): """ Represents a single connection to the S3 Endpoint """ host = 's3.amazonaws.com' responseCls = S3Response rawResponseCls = S3RawResponse @staticmethod def get_auth_signature(method, headers, params, expires, secret_key, path, vendor_prefix): """ Signature = URL-Encode( Base64( HMAC-SHA1( YourSecretAccessKeyID, UTF-8-Encoding-Of( StringToSign ) ) ) ); StringToSign = HTTP-VERB + "\n" + Content-MD5 + "\n" + Content-Type + "\n" + Expires + "\n" + CanonicalizedVendorHeaders + CanonicalizedResource; """ special_headers = {'content-md5': '', 'content-type': '', 'date': ''} vendor_headers = {} for key, value in list(headers.items()): key_lower = key.lower() if key_lower in special_headers: special_headers[key_lower] = value.strip() elif key_lower.startswith(vendor_prefix): vendor_headers[key_lower] = value.strip() if expires: special_headers['date'] = str(expires) buf = [method] for _, value in sorted(special_headers.items()): buf.append(value) string_to_sign = '\n'.join(buf) buf = [] for key, value in sorted(vendor_headers.items()): buf.append('%s:%s' % (key, value)) header_string = '\n'.join(buf) values_to_sign = [] for value in [string_to_sign, header_string, path]: if value: values_to_sign.append(value) string_to_sign = '\n'.join(values_to_sign) b64_hmac = base64.b64encode( hmac.new(b(secret_key), b(string_to_sign), digestmod=sha1).digest() ) return b64_hmac.decode('utf-8') def add_default_params(self, params): expires = str(int(time.time()) + EXPIRATION_SECONDS) params['AWSAccessKeyId'] = self.user_id params['Expires'] = expires return params def pre_connect_hook(self, params, headers): # pylint: disable=no-member params['Signature'] = self.get_auth_signature( method=self.method, headers=headers, params=params, expires=params['Expires'], secret_key=self.key, path=self.action, vendor_prefix=self.driver.http_vendor_prefix) return params, headers class S3Connection(AWSTokenConnection, BaseS3Connection): """ Represents a single connection to the S3 endpoint, with AWS-specific features. """ pass class S3SignatureV4Connection(SignedAWSConnection, BaseS3Connection): service_name = 's3' version = API_VERSION def __init__(self, user_id, key, secure=True, host=None, port=None, url=None, timeout=None, proxy_url=None, token=None, retry_delay=None, backoff=None): super(S3SignatureV4Connection, self).__init__( user_id, key, secure, host, port, url, timeout, proxy_url, token, retry_delay, backoff, 4) # force version 4 class S3MultipartUpload(object): """ Class representing an amazon s3 multipart upload """ def __init__(self, key, id, created_at, initiator, owner): """ Class representing an amazon s3 multipart upload :param key: The object/key that was being uploaded :type key: ``str`` :param id: The upload id assigned by amazon :type id: ``str`` :param created_at: The date/time at which the upload was started :type created_at: ``str`` :param initiator: The AWS owner/IAM user who initiated this :type initiator: ``str`` :param owner: The AWS owner/IAM who will own this object :type owner: ``str`` """ self.key = key self.id = id self.created_at = created_at self.initiator = initiator self.owner = owner def __repr__(self): return ('<S3MultipartUpload: key=%s>' % (self.key)) class BaseS3StorageDriver(StorageDriver): name = 'Amazon S3 (standard)' website = 'http://aws.amazon.com/s3/' connectionCls = BaseS3Connection hash_type = 'md5' supports_chunked_encoding = False supports_s3_multipart_upload = True ex_location_name = '' namespace = NAMESPACE http_vendor_prefix = 'x-amz' def iterate_containers(self): response = self.connection.request('/') if response.status == httplib.OK: containers = self._to_containers(obj=response.object, xpath='Buckets/Bucket') return containers raise LibcloudError('Unexpected status code: %s' % (response.status), driver=self) def iterate_container_objects(self, container, prefix=None, ex_prefix=None): """ Return a generator of objects for the given container. :param container: Container instance :type container: :class:`Container` :param prefix: Only return objects starting with prefix :type prefix: ``str`` :param ex_prefix: Only return objects starting with ex_prefix :type ex_prefix: ``str`` :return: A generator of Object instances. :rtype: ``generator`` of :class:`Object` """ prefix = self._normalize_prefix_argument(prefix, ex_prefix) params = {} if prefix: params['prefix'] = prefix last_key = None exhausted = False container_path = self._get_container_path(container) while not exhausted: if last_key: params['marker'] = last_key response = self.connection.request(container_path, params=params) if response.status != httplib.OK: raise LibcloudError('Unexpected status code: %s' % (response.status), driver=self) objects = self._to_objs(obj=response.object, xpath='Contents', container=container) is_truncated = response.object.findtext(fixxpath( xpath='IsTruncated', namespace=self.namespace)).lower() exhausted = (is_truncated == 'false') last_key = None for obj in objects: last_key = obj.name yield obj def get_container(self, container_name): try: response = self.connection.request('/%s' % container_name, method='HEAD') if response.status == httplib.NOT_FOUND: raise ContainerDoesNotExistError(value=None, driver=self, container_name=container_name) except InvalidCredsError: # This just means the user doesn't have IAM permissions to do a # HEAD request but other requests might work. pass return Container(name=container_name, extra=None, driver=self) def get_object(self, container_name, object_name): container = self.get_container(container_name=container_name) object_path = self._get_object_path(container, object_name) response = self.connection.request(object_path, method='HEAD') if response.status == httplib.OK: obj = self._headers_to_object(object_name=object_name, container=container, headers=response.headers) return obj raise ObjectDoesNotExistError(value=None, driver=self, object_name=object_name) def _get_container_path(self, container): """ Return a container path :param container: Container instance :type container: :class:`Container` :return: A path for this container. :rtype: ``str`` """ return '/%s' % (container.name) def _get_object_path(self, container, object_name): """ Return an object's CDN path. :param container: Container instance :type container: :class:`Container` :param object_name: Object name :type object_name: :class:`str` :return: A path for this object. :rtype: ``str`` """ container_url = self._get_container_path(container) object_name_cleaned = self._clean_object_name(object_name) object_path = '%s/%s' % (container_url, object_name_cleaned) return object_path def create_container(self, container_name): if self.ex_location_name: root = Element('CreateBucketConfiguration') child = SubElement(root, 'LocationConstraint') child.text = self.ex_location_name data = tostring(root) else: data = '' response = self.connection.request('/%s' % (container_name), data=data, method='PUT') if response.status == httplib.OK: container = Container(name=container_name, extra=None, driver=self) return container elif response.status == httplib.CONFLICT: raise InvalidContainerNameError( value='Container with this name already exists. The name must ' 'be unique among all the containers in the system', container_name=container_name, driver=self) elif response.status == httplib.BAD_REQUEST: raise ContainerError( value='Bad request when creating container: %s' % response.body, container_name=container_name, driver=self) raise LibcloudError('Unexpected status code: %s' % (response.status), driver=self) def delete_container(self, container): # Note: All the objects in the container must be deleted first response = self.connection.request('/%s' % (container.name), method='DELETE') if response.status == httplib.NO_CONTENT: return True elif response.status == httplib.CONFLICT: raise ContainerIsNotEmptyError( value='Container must be empty before it can be deleted.', container_name=container.name, driver=self) elif response.status == httplib.NOT_FOUND: raise ContainerDoesNotExistError(value=None, driver=self, container_name=container.name) return False def download_object(self, obj, destination_path, overwrite_existing=False, delete_on_failure=True): obj_path = self._get_object_path(obj.container, obj.name) response = self.connection.request(obj_path, method='GET', raw=True) return self._get_object(obj=obj, callback=self._save_object, response=response, callback_kwargs={ 'obj': obj, 'response': response.response, 'destination_path': destination_path, 'overwrite_existing': overwrite_existing, 'delete_on_failure': delete_on_failure}, success_status_code=httplib.OK) def download_object_as_stream(self, obj, chunk_size=None): obj_path = self._get_object_path(obj.container, obj.name) response = self.connection.request(obj_path, method='GET', stream=True, raw=True) return self._get_object( obj=obj, callback=read_in_chunks, response=response, callback_kwargs={'iterator': response.iter_content(CHUNK_SIZE), 'chunk_size': chunk_size}, success_status_code=httplib.OK) def download_object_range(self, obj, destination_path, start_bytes, end_bytes=None, overwrite_existing=False, delete_on_failure=True): self._validate_start_and_end_bytes(start_bytes=start_bytes, end_bytes=end_bytes) obj_path = self._get_object_path(obj.container, obj.name) headers = {'Range': self._get_standard_range_str(start_bytes, end_bytes)} response = self.connection.request(obj_path, method='GET', headers=headers, raw=True) return self._get_object(obj=obj, callback=self._save_object, response=response, callback_kwargs={ 'obj': obj, 'response': response.response, 'destination_path': destination_path, 'overwrite_existing': overwrite_existing, 'delete_on_failure': delete_on_failure, 'partial_download': True}, success_status_code=httplib.PARTIAL_CONTENT) def download_object_range_as_stream(self, obj, start_bytes, end_bytes=None, chunk_size=None): self._validate_start_and_end_bytes(start_bytes=start_bytes, end_bytes=end_bytes) obj_path = self._get_object_path(obj.container, obj.name) headers = {'Range': self._get_standard_range_str(start_bytes, end_bytes)} response = self.connection.request(obj_path, method='GET', headers=headers, stream=True, raw=True) return self._get_object( obj=obj, callback=read_in_chunks, response=response, callback_kwargs={'iterator': response.iter_content(CHUNK_SIZE), 'chunk_size': chunk_size}, success_status_code=httplib.PARTIAL_CONTENT) def upload_object(self, file_path, container, object_name, extra=None, verify_hash=True, headers=None, ex_storage_class=None): """ @inherits: :class:`StorageDriver.upload_object` :param ex_storage_class: Storage class :type ex_storage_class: ``str`` """ return self._put_object(container=container, object_name=object_name, extra=extra, file_path=file_path, verify_hash=verify_hash, headers=headers, storage_class=ex_storage_class) def _initiate_multipart(self, container, object_name, headers=None): """ Initiates a multipart upload to S3 :param container: The destination container :type container: :class:`Container` :param object_name: The name of the object which we are uploading :type object_name: ``str`` :keyword headers: Additional headers to send with the request :type headers: ``dict`` :return: The id of the newly created multipart upload :rtype: ``str`` """ headers = headers or {} request_path = self._get_object_path(container, object_name) params = {'uploads': ''} response = self.connection.request(request_path, method='POST', headers=headers, params=params) if response.status != httplib.OK: raise LibcloudError('Error initiating multipart upload', driver=self) return findtext(element=response.object, xpath='UploadId', namespace=self.namespace) def _upload_multipart_chunks(self, container, object_name, upload_id, stream, calculate_hash=True): """ Uploads data from an iterator in fixed sized chunks to S3 :param container: The destination container :type container: :class:`Container` :param object_name: The name of the object which we are uploading :type object_name: ``str`` :param upload_id: The upload id allocated for this multipart upload :type upload_id: ``str`` :param stream: The generator for fetching the upload data :type stream: ``generator`` :keyword calculate_hash: Indicates if we must calculate the data hash :type calculate_hash: ``bool`` :return: A tuple of (chunk info, checksum, bytes transferred) :rtype: ``tuple`` """ data_hash = None if calculate_hash: data_hash = self._get_hash_function() bytes_transferred = 0 count = 1 chunks = [] params = {'uploadId': upload_id} request_path = self._get_object_path(container, object_name) # Read the input data in chunk sizes suitable for AWS for data in read_in_chunks(stream, chunk_size=CHUNK_SIZE, fill_size=True, yield_empty=True): bytes_transferred += len(data) if calculate_hash: data_hash.update(data) chunk_hash = self._get_hash_function() chunk_hash.update(data) chunk_hash = base64.b64encode(chunk_hash.digest()).decode('utf-8') # The Content-MD5 header provides an extra level of data check and # is recommended by amazon headers = { 'Content-Length': len(data), 'Content-MD5': chunk_hash, } params['partNumber'] = count resp = self.connection.request(request_path, method='PUT', data=data, headers=headers, params=params) if resp.status != httplib.OK: raise LibcloudError('Error uploading chunk', driver=self) server_hash = resp.headers['etag'].replace('"', '') # Keep this data for a later commit chunks.append((count, server_hash)) count += 1 if calculate_hash: data_hash = data_hash.hexdigest() return (chunks, data_hash, bytes_transferred) def _commit_multipart(self, container, object_name, upload_id, chunks): """ Makes a final commit of the data. :param container: The destination container :type container: :class:`Container` :param object_name: The name of the object which we are uploading :type object_name: ``str`` :param upload_id: The upload id allocated for this multipart upload :type upload_id: ``str`` :param chunks: A list of (chunk_number, chunk_hash) tuples. :type chunks: ``list`` :return: The server side hash of the uploaded data :rtype: ``str`` """ root = Element('CompleteMultipartUpload') for (count, etag) in chunks: part = SubElement(root, 'Part') part_no = SubElement(part, 'PartNumber') part_no.text = str(count) etag_id = SubElement(part, 'ETag') etag_id.text = str(etag) data = tostring(root) headers = {'Content-Length': len(data)} params = {'uploadId': upload_id} request_path = self._get_object_path(container, object_name) response = self.connection.request(request_path, headers=headers, params=params, data=data, method='POST') if response.status != httplib.OK: element = response.object # pylint: disable=maybe-no-member code, message = response._parse_error_details(element=element) msg = 'Error in multipart commit: %s (%s)' % (message, code) raise LibcloudError(msg, driver=self) # Get the server's etag to be passed back to the caller body = response.parse_body() server_hash = body.find(fixxpath(xpath='ETag', namespace=self.namespace)).text return server_hash def _abort_multipart(self, container, object_name, upload_id): """ Aborts an already initiated multipart upload :param container: The destination container :type container: :class:`Container` :param object_name: The name of the object which we are uploading :type object_name: ``str`` :param upload_id: The upload id allocated for this multipart upload :type upload_id: ``str`` """ params = {'uploadId': upload_id} request_path = self._get_object_path(container, object_name) resp = self.connection.request(request_path, method='DELETE', params=params) if resp.status != httplib.NO_CONTENT: raise LibcloudError('Error in multipart abort. status_code=%d' % (resp.status), driver=self) def upload_object_via_stream(self, iterator, container, object_name, extra=None, headers=None, ex_storage_class=None): """ @inherits: :class:`StorageDriver.upload_object_via_stream` :param ex_storage_class: Storage class :type ex_storage_class: ``str`` """ method = 'PUT' params = None # This driver is used by other S3 API compatible drivers also. # Amazon provides a different (complex?) mechanism to do multipart # uploads if self.supports_s3_multipart_upload: return self._put_object_multipart(container=container, object_name=object_name, extra=extra, stream=iterator, verify_hash=False, headers=headers, storage_class=ex_storage_class) return self._put_object(container=container, object_name=object_name, extra=extra, method=method, query_args=params, stream=iterator, verify_hash=False, headers=headers, storage_class=ex_storage_class) def delete_object(self, obj): object_path = self._get_object_path(obj.container, obj.name) response = self.connection.request(object_path, method='DELETE') if response.status == httplib.NO_CONTENT: return True elif response.status == httplib.NOT_FOUND: raise ObjectDoesNotExistError(value=None, driver=self, object_name=obj.name) return False def ex_iterate_multipart_uploads(self, container, prefix=None, delimiter=None): """ Extension method for listing all in-progress S3 multipart uploads. Each multipart upload which has not been committed or aborted is considered in-progress. :param container: The container holding the uploads :type container: :class:`Container` :keyword prefix: Print only uploads of objects with this prefix :type prefix: ``str`` :keyword delimiter: The object/key names are grouped based on being split by this delimiter :type delimiter: ``str`` :return: A generator of S3MultipartUpload instances. :rtype: ``generator`` of :class:`S3MultipartUpload` """ if not self.supports_s3_multipart_upload: raise LibcloudError('Feature not supported', driver=self) # Get the data for a specific container request_path = self._get_container_path(container) params = {'max-uploads': RESPONSES_PER_REQUEST, 'uploads': ''} if prefix: params['prefix'] = prefix if delimiter: params['delimiter'] = delimiter def finder(node, text): return node.findtext(fixxpath(xpath=text, namespace=self.namespace)) while True: response = self.connection.request(request_path, params=params) if response.status != httplib.OK: raise LibcloudError('Error fetching multipart uploads. ' 'Got code: %s' % response.status, driver=self) body = response.parse_body() # pylint: disable=maybe-no-member for node in body.findall(fixxpath(xpath='Upload', namespace=self.namespace)): initiator = node.find(fixxpath(xpath='Initiator', namespace=self.namespace)) owner = node.find(fixxpath(xpath='Owner', namespace=self.namespace)) key = finder(node, 'Key') upload_id = finder(node, 'UploadId') created_at = finder(node, 'Initiated') initiator = finder(initiator, 'DisplayName') owner = finder(owner, 'DisplayName') yield S3MultipartUpload(key, upload_id, created_at, initiator, owner) # Check if this is the last entry in the listing # pylint: disable=maybe-no-member is_truncated = body.findtext(fixxpath(xpath='IsTruncated', namespace=self.namespace)) if is_truncated.lower() == 'false': break # Provide params for the next request upload_marker = body.findtext(fixxpath(xpath='NextUploadIdMarker', namespace=self.namespace)) key_marker = body.findtext(fixxpath(xpath='NextKeyMarker', namespace=self.namespace)) params['key-marker'] = key_marker params['upload-id-marker'] = upload_marker def ex_cleanup_all_multipart_uploads(self, container, prefix=None): """ Extension method for removing all partially completed S3 multipart uploads. :param container: The container holding the uploads :type container: :class:`Container` :keyword prefix: Delete only uploads of objects with this prefix :type prefix: ``str`` """ # Iterate through the container and delete the upload ids for upload in self.ex_iterate_multipart_uploads(container, prefix, delimiter=None): self._abort_multipart(container, upload.key, upload.id) def _clean_object_name(self, name): name = urlquote(name, safe='/~') return name def _put_object(self, container, object_name, method='PUT', query_args=None, extra=None, file_path=None, stream=None, verify_hash=True, storage_class=None, headers=None): headers = headers or {} extra = extra or {} headers.update(self._to_storage_class_headers(storage_class)) content_type = extra.get('content_type', None) meta_data = extra.get('meta_data', None) acl = extra.get('acl', None) if meta_data: for key, value in list(meta_data.items()): key = self.http_vendor_prefix + '-meta-%s' % (key) headers[key] = value if acl: headers[self.http_vendor_prefix + '-acl'] = acl request_path = self._get_object_path(container, object_name) if query_args: request_path = '?'.join((request_path, query_args)) result_dict = self._upload_object( object_name=object_name, content_type=content_type, request_path=request_path, request_method=method, headers=headers, file_path=file_path, stream=stream) response = result_dict['response'] bytes_transferred = result_dict['bytes_transferred'] headers = response.headers response = response server_hash = headers.get('etag', '').replace('"', '') server_side_encryption = headers.get('x-amz-server-side-encryption', None) aws_kms_encryption = (server_side_encryption == 'aws:kms') hash_matches = (result_dict['data_hash'] == server_hash) # NOTE: If AWS KMS server side encryption is enabled, ETag won't # contain object MD5 digest so we skip the checksum check # See https://docs.aws.amazon.com/AmazonS3/latest/API # /RESTCommonResponseHeaders.html # and https://github.com/apache/libcloud/issues/1401 # for details if verify_hash and not aws_kms_encryption and not hash_matches: raise ObjectHashMismatchError( value='MD5 hash {0} checksum does not match {1}'.format( server_hash, result_dict['data_hash']), object_name=object_name, driver=self) elif response.status == httplib.OK: obj = Object( name=object_name, size=bytes_transferred, hash=server_hash, extra={'acl': acl}, meta_data=meta_data, container=container, driver=self) return obj else: raise LibcloudError( 'Unexpected status code, status_code=%s' % (response.status), driver=self) def _put_object_multipart(self, container, object_name, stream, extra=None, verify_hash=False, headers=None, storage_class=None): """ Uploads an object using the S3 multipart algorithm. :param container: The destination container :type container: :class:`Container` :param object_name: The name of the object which we are uploading :type object_name: ``str`` :param stream: The generator for fetching the upload data :type stream: ``generator`` :keyword verify_hash: Indicates if we must calculate the data hash :type verify_hash: ``bool`` :keyword extra: Additional options :type extra: ``dict`` :keyword headers: Additional headers :type headers: ``dict`` :keyword storage_class: The name of the S3 object's storage class :type extra: ``str`` :return: The uploaded object :rtype: :class:`Object` """ headers = headers or {} extra = extra or {} headers.update(self._to_storage_class_headers(storage_class)) content_type = extra.get('content_type', None) meta_data = extra.get('meta_data', None) acl = extra.get('acl', None) headers['Content-Type'] = self._determine_content_type( content_type, object_name) if meta_data: for key, value in list(meta_data.items()): key = self.http_vendor_prefix + '-meta-%s' % (key) headers[key] = value if acl: headers[self.http_vendor_prefix + '-acl'] = acl upload_id = self._initiate_multipart(container, object_name, headers=headers) try: result = self._upload_multipart_chunks(container, object_name, upload_id, stream, calculate_hash=verify_hash) chunks, data_hash, bytes_transferred = result # Commit the chunk info and complete the upload etag = self._commit_multipart(container, object_name, upload_id, chunks) except Exception: # Amazon provides a mechanism for aborting an upload. self._abort_multipart(container, object_name, upload_id) raise return Object( name=object_name, size=bytes_transferred, hash=etag, extra={'acl': acl}, meta_data=meta_data, container=container, driver=self) def _to_storage_class_headers(self, storage_class): """ Generates request headers given a storage class name. :keyword storage_class: The name of the S3 object's storage class :type extra: ``str`` :return: Headers to include in a request :rtype: :dict: """ headers = {} storage_class = storage_class or 'standard' if storage_class not in ['standard', 'reduced_redundancy']: raise ValueError( 'Invalid storage class value: %s' % (storage_class)) key = self.http_vendor_prefix + '-storage-class' headers[key] = storage_class.upper() return headers def _to_containers(self, obj, xpath): for element in obj.findall(fixxpath(xpath=xpath, namespace=self.namespace)): yield self._to_container(element) def _to_objs(self, obj, xpath, container): return [self._to_obj(element, container) for element in obj.findall(fixxpath(xpath=xpath, namespace=self.namespace))] def _to_container(self, element): extra = { 'creation_date': findtext(element=element, xpath='CreationDate', namespace=self.namespace) } container = Container(name=findtext(element=element, xpath='Name', namespace=self.namespace), extra=extra, driver=self ) return container def _headers_to_object(self, object_name, container, headers): hash = headers['etag'].replace('"', '') extra = {'content_type': headers['content-type'], 'etag': headers['etag']} meta_data = {} if 'last-modified' in headers: extra['last_modified'] = headers['last-modified'] for key, value in headers.items(): if not key.lower().startswith(self.http_vendor_prefix + '-meta-'): continue key = key.replace(self.http_vendor_prefix + '-meta-', '') meta_data[key] = value obj = Object(name=object_name, size=headers['content-length'], hash=hash, extra=extra, meta_data=meta_data, container=container, driver=self) return obj def _to_obj(self, element, container): owner_id = findtext(element=element, xpath='Owner/ID', namespace=self.namespace) owner_display_name = findtext(element=element, xpath='Owner/DisplayName', namespace=self.namespace) meta_data = {'owner': {'id': owner_id, 'display_name': owner_display_name}} last_modified = findtext(element=element, xpath='LastModified', namespace=self.namespace) extra = {'last_modified': last_modified} obj = Object(name=findtext(element=element, xpath='Key', namespace=self.namespace), size=int(findtext(element=element, xpath='Size', namespace=self.namespace)), hash=findtext(element=element, xpath='ETag', namespace=self.namespace).replace('"', ''), extra=extra, meta_data=meta_data, container=container, driver=self ) return obj class S3StorageDriver(AWSDriver, BaseS3StorageDriver): name = 'Amazon S3' connectionCls = S3SignatureV4Connection region_name = 'us-east-1' def __init__(self, key, secret=None, secure=True, host=None, port=None, region=None, token=None, **kwargs): # Here for backward compatibility for old and deprecated driver class # per region approach if hasattr(self, 'region_name') and not region: region = self.region_name # pylint: disable=no-member self.region_name = region if region and region not in REGION_TO_HOST_MAP.keys(): raise ValueError('Invalid or unsupported region: %s' % (region)) self.name = 'Amazon S3 (%s)' % (region) if host is None: host = REGION_TO_HOST_MAP[region] super(S3StorageDriver, self).__init__(key=key, secret=secret, secure=secure, host=host, port=port, region=region, token=token, **kwargs) @classmethod def list_regions(self): return REGION_TO_HOST_MAP.keys() def get_object_cdn_url(self, obj, ex_expiry=S3_CDN_URL_EXPIRY_HOURS): """ Return a "presigned URL" for read-only access to object AWS only - requires AWS signature V4 authenticaiton. :param obj: Object instance. :type obj: :class:`Object` :param ex_expiry: The number of hours after which the URL expires. Defaults to 24 hours or the value of the environment variable "LIBCLOUD_S3_STORAGE_CDN_URL_EXPIRY_HOURS", if set. :type ex_expiry: ``float`` :return: Presigned URL for the object. :rtype: ``str`` """ # assemble data for the request we want to pre-sign # see: https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html # noqa object_path = self._get_object_path(obj.container, obj.name) now = datetime.utcnow() duration_seconds = int(ex_expiry * 3600) credparts = ( self.key, now.strftime(S3_CDN_URL_DATE_FORMAT), self.region, 's3', 'aws4_request') params_to_sign = { 'X-Amz-Algorithm': 'AWS4-HMAC-SHA256', 'X-Amz-Credential': '/'.join(credparts), 'X-Amz-Date': now.strftime(S3_CDN_URL_DATETIME_FORMAT), 'X-Amz-Expires': duration_seconds, 'X-Amz-SignedHeaders': 'host'} headers_to_sign = {'host': self.connection.host} # generate signature for the pre-signed request signature = self.connection.signer._get_signature( params=params_to_sign, headers=headers_to_sign, dt=now, method='GET', path=object_path, data=UnsignedPayloadSentinel ) # Create final params for pre-signed URL params = params_to_sign.copy() params['X-Amz-Signature'] = signature return '{scheme}://{host}:{port}{path}?{params}'.format( scheme='https' if self.secure else 'http', host=self.connection.host, port=self.connection.port, path=object_path, params=urlencode(params), ) class S3USEast2Connection(S3SignatureV4Connection): host = S3_US_EAST2_HOST class S3USEast2StorageDriver(S3StorageDriver): name = 'Amazon S3 (us-east-2)' connectionCls = S3USEast2Connection ex_location_name = 'us-east-2' region_name = 'us-east-2' class S3USWestConnection(S3SignatureV4Connection): host = S3_US_WEST_HOST class S3USWestStorageDriver(S3StorageDriver): name = 'Amazon S3 (us-west-1)' connectionCls = S3USWestConnection ex_location_name = 'us-west-1' region_name = 'us-west-1' class S3USWestOregonConnection(S3SignatureV4Connection): host = S3_US_WEST_OREGON_HOST class S3USWestOregonStorageDriver(S3StorageDriver): name = 'Amazon S3 (us-west-2)' connectionCls = S3USWestOregonConnection ex_location_name = 'us-west-2' region_name = 'us-west-2' class S3USGovWestConnection(S3SignatureV4Connection): host = S3_US_GOV_WEST_HOST class S3USGovWestStorageDriver(S3StorageDriver): name = 'Amazon S3 (us-gov-west-1)' connectionCls = S3USGovWestConnection ex_location_name = 'us-gov-west-1' region_name = 'us-gov-west-1' class S3CNNorthWestConnection(S3SignatureV4Connection): host = S3_CN_NORTHWEST_HOST class S3CNNorthWestStorageDriver(S3StorageDriver): name = 'Amazon S3 (cn-northwest-1)' connectionCls = S3CNNorthWestConnection ex_location_name = 'cn-northwest-1' region_name = 'cn-northwest-1' class S3CNNorthConnection(S3SignatureV4Connection): host = S3_CN_NORTH_HOST class S3CNNorthStorageDriver(S3StorageDriver): name = 'Amazon S3 (cn-north-1)' connectionCls = S3CNNorthConnection ex_location_name = 'cn-north-1' region_name = 'cn-north-1' class S3EUWestConnection(S3SignatureV4Connection): host = S3_EU_WEST_HOST class S3EUWestStorageDriver(S3StorageDriver): name = 'Amazon S3 (eu-west-1)' connectionCls = S3EUWestConnection ex_location_name = 'EU' region_name = 'eu-west-1' class S3EUWest2Connection(S3SignatureV4Connection): host = S3_EU_WEST2_HOST class S3EUWest2StorageDriver(S3StorageDriver): name = 'Amazon S3 (eu-west-2)' connectionCls = S3EUWest2Connection ex_location_name = 'eu-west-2' region_name = 'eu-west-2' class S3EUCentralConnection(S3SignatureV4Connection): host = S3_EU_CENTRAL_HOST class S3EUCentralStorageDriver(S3StorageDriver): name = 'Amazon S3 (eu-central-1)' connectionCls = S3EUCentralConnection ex_location_name = 'eu-central-1' region_name = 'eu-central-1' class S3APSEConnection(S3SignatureV4Connection): host = S3_AP_SOUTHEAST_HOST class S3EUNorth1Connection(S3SignatureV4Connection): host = S3_EU_NORTH1_HOST class S3EUNorth1StorageDriver(S3StorageDriver): name = 'Amazon S3 (eu-north-1)' connectionCls = S3EUNorth1Connection ex_location_name = 'eu-north-1' region_name = 'eu-north-1' class S3APSEStorageDriver(S3StorageDriver): name = 'Amazon S3 (ap-southeast-1)' connectionCls = S3APSEConnection ex_location_name = 'ap-southeast-1' region_name = 'ap-southeast-1' class S3APSE2Connection(S3SignatureV4Connection): host = S3_AP_SOUTHEAST2_HOST class S3APSE2StorageDriver(S3StorageDriver): name = 'Amazon S3 (ap-southeast-2)' connectionCls = S3APSE2Connection ex_location_name = 'ap-southeast-2' region_name = 'ap-southeast-2' class S3APNE1Connection(S3SignatureV4Connection): host = S3_AP_NORTHEAST1_HOST S3APNEConnection = S3APNE1Connection class S3APNE1StorageDriver(S3StorageDriver): name = 'Amazon S3 (ap-northeast-1)' connectionCls = S3APNEConnection ex_location_name = 'ap-northeast-1' region_name = 'ap-northeast-1' S3APNEStorageDriver = S3APNE1StorageDriver class S3APNE2Connection(S3SignatureV4Connection): host = S3_AP_NORTHEAST2_HOST class S3APNE2StorageDriver(S3StorageDriver): name = 'Amazon S3 (ap-northeast-2)' connectionCls = S3APNE2Connection ex_location_name = 'ap-northeast-2' region_name = 'ap-northeast-2' class S3APSouthConnection(S3SignatureV4Connection): host = S3_AP_SOUTH_HOST class S3APSouthStorageDriver(S3StorageDriver): name = 'Amazon S3 (ap-south-1)' connectionCls = S3APSouthConnection ex_location_name = 'ap-south-1' region_name = 'ap-south-1' class S3SAEastConnection(S3SignatureV4Connection): host = S3_SA_EAST_HOST class S3SAEastStorageDriver(S3StorageDriver): name = 'Amazon S3 (sa-east-1)' connectionCls = S3SAEastConnection ex_location_name = 'sa-east-1' region_name = 'sa-east-1' class S3CACentralConnection(S3SignatureV4Connection): host = S3_CA_CENTRAL_HOST class S3CACentralStorageDriver(S3StorageDriver): name = 'Amazon S3 (ca-central-1)' connectionCls = S3CACentralConnection ex_location_name = 'ca-central-1' region_name = 'ca-central-1'
webs 1.0 - Enhanced UI