Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding ability to sign URL from GAE. #921

Merged
merged 1 commit into from
Jun 24, 2015
Merged

Conversation

dhermes
Copy link
Contributor

@dhermes dhermes commented Jun 13, 2015

Also refactoring _get_signed_query_params and the related tests so that the signing process and service account name determination are isolated methods.

Fixes #607.

@googlebot googlebot added the cla: yes This human has signed the Contributor License Agreement. label Jun 13, 2015
@dhermes
Copy link
Contributor Author

dhermes commented Jun 13, 2015

@jgeewax I was actually reminded of this old bug when discussing some performance issues of apitools on GCE.


Is there a GCE equivalent (I assume via metadata server) of

from google.appengine.api import app_identity
_, signed_bytes = app_identity.sign_blob(string_to_sign)

Is there someone who works on GCE who might be worth asking?

@jgeewax
Copy link
Contributor

jgeewax commented Jun 16, 2015

@ludoch : Do you know if there's a GCE equivalent of GAE Python's app_identity.sign_blob() ?

@dhermes
Copy link
Contributor Author

dhermes commented Jun 16, 2015

@jgeewax I made #922 and commented on what the metadata server tells us about the service account.

@dhermes
Copy link
Contributor Author

dhermes commented Jun 24, 2015

@tseaver PTAL

if _GAECreds is not None and isinstance(credentials, _GAECreds):
_, signed_bytes = app_identity.sign_blob(string_to_sign)
return signed_bytes
else:

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

This comment was marked as spam.

Also refactoring _get_signed_query_params and the related
tests so that the signing process and service account name
determination are isolated methods.

Fixes googleapis#607.
@dhermes
Copy link
Contributor Author

dhermes commented Jun 24, 2015

@tseaver Done (and rebased on top of HEAD).

@tseaver
Copy link
Contributor

tseaver commented Jun 24, 2015

LGTM

dhermes added a commit that referenced this pull request Jun 24, 2015
Adding ability to sign URL from GAE.
@dhermes dhermes merged commit b975d9c into googleapis:master Jun 24, 2015
@dhermes dhermes deleted the fix-607 branch June 24, 2015 21:18
@dhermes dhermes mentioned this pull request Jul 10, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
cla: yes This human has signed the Contributor License Agreement.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants