2024-02-24 17:16:34 -07:00
|
|
|
import datetime as dt
|
2017-12-18 18:00:13 -07:00
|
|
|
import hashlib
|
|
|
|
import hmac
|
2024-06-11 17:09:58 -06:00
|
|
|
import urllib.parse
|
2017-12-18 18:00:13 -07:00
|
|
|
|
|
|
|
from .common import InfoExtractor
|
|
|
|
|
|
|
|
|
2022-11-15 17:57:43 -07:00
|
|
|
class AWSIE(InfoExtractor): # XXX: Conventionally, base classes should end with BaseIE/InfoExtractor
|
2017-12-18 18:00:13 -07:00
|
|
|
_AWS_ALGORITHM = 'AWS4-HMAC-SHA256'
|
|
|
|
_AWS_REGION = 'us-east-1'
|
|
|
|
|
|
|
|
def _aws_execute_api(self, aws_dict, video_id, query=None):
|
|
|
|
query = query or {}
|
2024-02-24 17:16:34 -07:00
|
|
|
amz_date = dt.datetime.now(dt.timezone.utc).strftime('%Y%m%dT%H%M%SZ')
|
2017-12-18 18:00:13 -07:00
|
|
|
date = amz_date[:8]
|
|
|
|
headers = {
|
|
|
|
'Accept': 'application/json',
|
|
|
|
'Host': self._AWS_PROXY_HOST,
|
|
|
|
'X-Amz-Date': amz_date,
|
2024-06-11 17:09:58 -06:00
|
|
|
'X-Api-Key': self._AWS_API_KEY,
|
2017-12-18 18:00:13 -07:00
|
|
|
}
|
|
|
|
session_token = aws_dict.get('session_token')
|
|
|
|
if session_token:
|
|
|
|
headers['X-Amz-Security-Token'] = session_token
|
|
|
|
|
|
|
|
def aws_hash(s):
|
2024-06-11 17:09:58 -06:00
|
|
|
return hashlib.sha256(s.encode()).hexdigest()
|
2017-12-18 18:00:13 -07:00
|
|
|
|
|
|
|
# Task 1: http://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html
|
2024-06-11 17:09:58 -06:00
|
|
|
canonical_querystring = urllib.parse.urlencode(query)
|
2017-12-18 18:00:13 -07:00
|
|
|
canonical_headers = ''
|
2017-12-28 16:13:23 -07:00
|
|
|
for header_name, header_value in sorted(headers.items()):
|
2024-06-11 17:09:58 -06:00
|
|
|
canonical_headers += f'{header_name.lower()}:{header_value}\n'
|
2017-12-28 16:13:23 -07:00
|
|
|
signed_headers = ';'.join([header.lower() for header in sorted(headers.keys())])
|
2017-12-18 18:00:13 -07:00
|
|
|
canonical_request = '\n'.join([
|
|
|
|
'GET',
|
|
|
|
aws_dict['uri'],
|
|
|
|
canonical_querystring,
|
|
|
|
canonical_headers,
|
|
|
|
signed_headers,
|
2024-06-11 17:09:58 -06:00
|
|
|
aws_hash(''),
|
2017-12-18 18:00:13 -07:00
|
|
|
])
|
|
|
|
|
|
|
|
# Task 2: http://docs.aws.amazon.com/general/latest/gr/sigv4-create-string-to-sign.html
|
|
|
|
credential_scope_list = [date, self._AWS_REGION, 'execute-api', 'aws4_request']
|
|
|
|
credential_scope = '/'.join(credential_scope_list)
|
|
|
|
string_to_sign = '\n'.join([self._AWS_ALGORITHM, amz_date, credential_scope, aws_hash(canonical_request)])
|
|
|
|
|
|
|
|
# Task 3: http://docs.aws.amazon.com/general/latest/gr/sigv4-calculate-signature.html
|
|
|
|
def aws_hmac(key, msg):
|
2024-06-11 17:09:58 -06:00
|
|
|
return hmac.new(key, msg.encode(), hashlib.sha256)
|
2017-12-18 18:00:13 -07:00
|
|
|
|
|
|
|
def aws_hmac_digest(key, msg):
|
|
|
|
return aws_hmac(key, msg).digest()
|
|
|
|
|
|
|
|
def aws_hmac_hexdigest(key, msg):
|
|
|
|
return aws_hmac(key, msg).hexdigest()
|
|
|
|
|
2024-06-11 17:09:58 -06:00
|
|
|
k_signing = ('AWS4' + aws_dict['secret_key']).encode()
|
2017-12-18 18:00:13 -07:00
|
|
|
for value in credential_scope_list:
|
|
|
|
k_signing = aws_hmac_digest(k_signing, value)
|
|
|
|
|
|
|
|
signature = aws_hmac_hexdigest(k_signing, string_to_sign)
|
|
|
|
|
|
|
|
# Task 4: http://docs.aws.amazon.com/general/latest/gr/sigv4-add-signature-to-request.html
|
|
|
|
headers['Authorization'] = ', '.join([
|
2024-06-11 17:09:58 -06:00
|
|
|
'{} Credential={}/{}'.format(self._AWS_ALGORITHM, aws_dict['access_key'], credential_scope),
|
|
|
|
f'SignedHeaders={signed_headers}',
|
|
|
|
f'Signature={signature}',
|
2017-12-18 18:00:13 -07:00
|
|
|
])
|
|
|
|
|
|
|
|
return self._download_json(
|
2024-06-11 17:09:58 -06:00
|
|
|
'https://{}{}{}'.format(self._AWS_PROXY_HOST, aws_dict['uri'], '?' + canonical_querystring if canonical_querystring else ''),
|
2017-12-18 18:00:13 -07:00
|
|
|
video_id, headers=headers)
|