From db38a0bbd86b4cd08e77c93c97c961366eebc0b0 Mon Sep 17 00:00:00 2001 From: shenqing-code Date: Mon, 2 Mar 2020 16:16:02 +0800 Subject: [PATCH] update --- examples/post_object_sample.py | 2 +- examples/temporary_signature_sample.py | 2 +- src/obs/client.py | 19 ++++++++++++++----- 3 files changed, 16 insertions(+), 7 deletions(-) diff --git a/examples/post_object_sample.py b/examples/post_object_sample.py index 0ba49db..f33fae2 100644 --- a/examples/post_object_sample.py +++ b/examples/post_object_sample.py @@ -19,7 +19,7 @@ AK = '*** Provide your Access Key ***' SK = '*** Provide your Secret Key ***' -server = 'your-endpoint' +server = 'https://your-endpoint' bucketName = 'my-obs-bucket-demo' objectKey = 'my-obs-object-key-demo' diff --git a/examples/temporary_signature_sample.py b/examples/temporary_signature_sample.py index 19f4d28..6907439 100644 --- a/examples/temporary_signature_sample.py +++ b/examples/temporary_signature_sample.py @@ -19,7 +19,7 @@ AK = '*** Provide your Access Key ***' SK = '*** Provide your Secret Key ***' -server = 'http://your-endpoint' +server = 'https://your-endpoint' bucketName = 'my-obs-bucket-demo' objectKey = 'my-obs-object-key-demo' diff --git a/src/obs/client.py b/src/obs/client.py index 5dc20b1..88483f7 100644 --- a/src/obs/client.py +++ b/src/obs/client.py @@ -444,7 +444,7 @@ def _make_request_internal(self, method, bucketName='', objectKey=None, pathArgs if not path: path = self.calling_format.get_url(bucketName, objectKey, pathArgs) - + headers = self._rename_request_headers(headers, method) if entity is not None and not callable(entity): @@ -461,6 +461,8 @@ def _make_request_internal(self, method, bucketName='', objectKey=None, pathArgs header_log = header_config.copy() header_log[const.HOST_HEADER] = '******' header_log[const.AUTHORIZATION_HEADER] = '******' + if self.ha.security_token_header() in header_log: + header_log[self.ha.security_token_header()] = "******" self.log_client.log(DEBUG, 'method:%s, path:%s, header:%s', method, path, header_log) conn = self._send_request(connect_server, method, path, header_config, entity, port, scheme, redirect, chunkedMode) return conn @@ -492,11 +494,18 @@ def _add_auth_headers(self, headers, method, bucketName, objectKey, pathArgs, sk longDate = now_date.strftime(const.LONG_DATE_FORMAT) v4Auth = auth.V4Authentication(ak, sk, str(self.region) if self.region is not None else '', shortDate, longDate, self.path_style, self.ha) ret = v4Auth.doAuth(method, bucketName, objectKey, pathArgs, headers) - self.log_client.log(DEBUG, '%s: %s' % (const.CANONICAL_REQUEST, ret[const.CANONICAL_REQUEST])) + + log_canonical_request = ret[const.CANONICAL_REQUEST] + if self.ha.security_token_header() in headers: + log_canonical_request = str.replace(log_canonical_request, headers[self.ha.security_token_header()],"******") + self.log_client.log(DEBUG, '%s: %s' % (const.CANONICAL_REQUEST, log_canonical_request)) else: obsAuth = auth.Authentication(ak, sk, self.path_style, self.ha, self.server, self.is_cname) ret = obsAuth.doAuth(method, bucketName, objectKey, pathArgs, headers) - self.log_client.log(DEBUG, '%s: %s' % (const.CANONICAL_STRING, ret[const.CANONICAL_STRING])) + log_canonical_string = ret[const.CANONICAL_STRING] + if self.ha.security_token_header() in headers: + log_canonical_string = str.replace(log_canonical_string, headers[self.ha.security_token_header()], "******") + self.log_client.log(DEBUG, '%s: %s' % (const.CANONICAL_STRING, log_canonical_string)) headers[const.AUTHORIZATION_HEADER] = ret[const.AUTHORIZATION_HEADER] return headers @@ -510,10 +519,10 @@ def _rename_request_headers(self, headers, method): if method not in (const.HTTP_METHOD_PUT, const.HTTP_METHOD_POST): continue k = self.ha._get_meta_header_prefix() + k - + if(k.lower().startswith(self.ha._get_meta_header_prefix())): k = util.encode_item(k, ' ;/?:@&=+$,') - + if(k.lower() == self.ha._get_header_prefix() + 'copy-source'): index = v.rfind('?versionId=') if index > 0: