import time
import datetime
import json
import base64
import hmac
from hashlib import sha1 as sha
import collections
from urllib import urlencode
from urllib import quote
import operator
import uuid
import urlparse
def get_oss_signature(params, sk, http_method):
assert http_method in ["GET", "POST", "PUT"]
assert isinstance(params, dict)
policy_dict = collections.OrderedDict(sorted(params.items(), key=operator.itemgetter(0)))
policy_encode = '{}&%2F&{}'.format(http_method, quote(urlencode(policy_dict)))
new_sk = '{}&'.format(sk)
if isinstance(policy_encode, unicode):
policy_encode = policy_encode.encode('utf-8')
if isinstance(new_sk, unicode):
new_sk = new_sk.encode('utf-8')
h = hmac.new(new_sk, policy_encode, sha)
sign_result = base64.encodestring(h.digest()).strip()
return sign_result
def get_oss_sts_token(ak, sk, role_arn):
param = {'AccessKeyId': ak,
'Action': 'AssumeRole',
'Format': 'JSON',
'RoleArn': role_arn,
'RoleSessionName': 'client',
'SignatureMethod': 'HMAC-SHA1',
'SignatureNonce': str(uuid.uuid4()),
'SignatureVersion': '1.0',
'Timestamp': datetime.datetime.utcfromtimestamp(time.time()).strftime('%Y-%m-%dT%H:%M:%SZ'),
'Version': '2015-04-01'}
with CustomSession() as tx:
url = 'https://sts.aliyuncs.com'
param['Signature'] = get_oss_signature(param, sk, "GET")
res = tx.ses.get(url=url, params=param)
if res.status_code / 100 != 2:
raise StandardError("请求 ali oss sts 失败:%s" % res.content)
res_data = res.json()
if 'Credentials' not in res_data:
raise StandardError('ali oss sts 没有获取到相关的token')
return res_data['Credentials']
因为不满意阿里云提供的sdk,自己实现了下。
代码没有注释(一个不好的习惯),get_oss_signature是获取签名的,ak 是 access_key,sk 是 access_secret,
params是需要传的参数。
get_oss_sts_token获取 sts 的token。role_arn为角色
补充:
建了一个qq群:389954854,主要目的是互帮互助,通过交流促进python技术。很多初学者往往不知道如何下手,还等什么,快快加入进来吧!
或者关注微信公众号:python码码有趣的