Skip to content

Commit

Permalink
Merge pull request #230 from uploadcare/fix/v3-akamai
Browse files Browse the repository at this point in the history
Fix akamai secure url generatio
  • Loading branch information
dmitry-mukhin authored Nov 25, 2022
2 parents 927459c + 25ce62d commit 594008d
Show file tree
Hide file tree
Showing 5 changed files with 31 additions and 14 deletions.
13 changes: 9 additions & 4 deletions HISTORY.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,19 +6,24 @@ The format is based on [Keep a
Changelog](https://keepachangelog.com/en/1.0.0/), and this project
adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [3.1.1](https://github.com/uploadcare/pyuploadcare/compare/v3.1.0...v3.1.1) - TBD
## [3.2.0](https://github.com/uploadcare/pyuploadcare/compare/v3.1.0...v3.2.0) - TBD


### Changed

- freeze `httpx` dependency for py37+ (`=0.23.0`) to prevent breaking changes in processing files opened in text mode

### Fixed

- Akamai signed URL generation

## [3.1.0](https://github.com/uploadcare/pyuploadcare/compare/v3.0.1...v3.1.0) - 2022-10-24

### Changed

- Bumped `httpx` dependency for py37+
- Add `follow_redirects` argument for Client request method
- Using `allow_redirects` argument is allowed, but will cause a deprecating warning
- Using `allow_redirects` argument is allowed, but will cause a deprecating warning
- Bumped `black` dependency

## [3.0.1](https://github.com/uploadcare/pyuploadcare/compare/v3.0.0...v3.0.1) - 2022-10-06
Expand Down Expand Up @@ -275,12 +280,12 @@ UnicodeDecodeError: 'ascii' codec can't decode byte 0xc5 ...
- Widget was updated up to *0.8.1.2*.

- It was invoking `File.store()`, `FileGroup.store()` methods on every model instance saving, e.g.:

``` python
photo.title = 'new title'
photo.save()
```

Now it happens while saving by form, namely by calling
`your_model_form.is_valid()`. There is other thing that can trigger
storing -- calling `photo.full_clean()` directly.
Expand Down
2 changes: 1 addition & 1 deletion pyproject.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[tool.poetry]
name = "pyuploadcare"
version = "3.1.1"
version = "3.2.0"
description = "Python library for Uploadcare.com"
authors = ["Uploadcare Inc <[email protected]>"]
readme = "README.md"
Expand Down
2 changes: 1 addition & 1 deletion pyuploadcare/__init__.py
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# isort: skip_file
__version__ = "3.1.1"
__version__ = "3.2.0"

from pyuploadcare.resources.file import File # noqa: F401
from pyuploadcare.resources.file_group import FileGroup # noqa: F401
Expand Down
5 changes: 3 additions & 2 deletions pyuploadcare/secure_url.py
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
import binascii
import hashlib
import hmac
import time
Expand Down Expand Up @@ -26,7 +27,7 @@ def __init__(
cdn_url: str,
secret_key: str,
window: int = 300,
hash_algo=hashlib.sha1,
hash_algo=hashlib.sha256,
):
self.secret_key = secret_key
self.cdn_url = cdn_url
Expand Down Expand Up @@ -87,7 +88,7 @@ def _build_signature(self, expire: int, acl: str) -> str:
]

signature = hmac.new(
self.secret_key.encode(),
binascii.a2b_hex(self.secret_key.encode()),
self.field_delimeter.join(hash_source).encode(),
self.hash_algo,
).hexdigest()
Expand Down
23 changes: 17 additions & 6 deletions tests/functional/test_secure_url.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,23 +4,32 @@
from pyuploadcare.secure_url import AkamaiSecureUrlBuilder


known_secret = (
"73636b61519adede42191efe1e73f02a67c7b692e3765f90c250c230be095211"
)


@pytest.mark.freeze_time("2021-10-12")
def test_generate_secure_url():
secure_url_bulder = AkamaiSecureUrlBuilder("cdn.yourdomain.com", "secret")
secure_url_bulder = AkamaiSecureUrlBuilder(
"cdn.yourdomain.com", known_secret
)
secure_url = secure_url_bulder.build(
"52da3bfc-7cd8-4861-8b05-126fef7a6994"
)
assert secure_url == (
"https://cdn.yourdomain.com/52da3bfc-7cd8-4861-8b05-126fef7a6994/?token="
"exp=1633997100~"
"acl=/52da3bfc-7cd8-4861-8b05-126fef7a6994/~"
"hmac=a33cfc66c3e3592e712cdd1f82bd79d51df93b06"
"hmac=81852547d9dbd9eefd24bee2cada6eab02244b9013533bc8511511923098df72"
)


@pytest.mark.freeze_time("2021-10-12")
def test_generate_secure_url_with_transformation():
secure_url_bulder = AkamaiSecureUrlBuilder("cdn.yourdomain.com", "secret")
secure_url_bulder = AkamaiSecureUrlBuilder(
"cdn.yourdomain.com", known_secret
)
secure_url = secure_url_bulder.build(
"52da3bfc-7cd8-4861-8b05-126fef7a6994/-/resize/640x/other/transformations/"
)
Expand All @@ -29,13 +38,15 @@ def test_generate_secure_url_with_transformation():
"-/resize/640x/other/transformations/?token="
"exp=1633997100~"
"acl=/52da3bfc-7cd8-4861-8b05-126fef7a6994/-/resize/640x/other/transformations/~"
"hmac=24d11299339bdf9dcba26c7a5603c7ca63503fda"
"hmac=a3ae2b3e3adfcb5d41ca753598e19d17264ac87d2b0b828ccdac5136e63f2f1a"
)


@pytest.mark.freeze_time("2021-10-12")
def test_client_generate_secure_url():
secure_url_bulder = AkamaiSecureUrlBuilder("cdn.yourdomain.com", "secret")
secure_url_bulder = AkamaiSecureUrlBuilder(
"cdn.yourdomain.com", known_secret
)

uploadcare = Uploadcare(
public_key="public",
Expand All @@ -49,5 +60,5 @@ def test_client_generate_secure_url():
"https://cdn.yourdomain.com/52da3bfc-7cd8-4861-8b05-126fef7a6994/?token="
"exp=1633997100~"
"acl=/52da3bfc-7cd8-4861-8b05-126fef7a6994/~"
"hmac=a33cfc66c3e3592e712cdd1f82bd79d51df93b06"
"hmac=81852547d9dbd9eefd24bee2cada6eab02244b9013533bc8511511923098df72"
)

0 comments on commit 594008d

Please sign in to comment.