\SrSSKrSSKJr SSKJr SSKrSSKJr SSKrSSKJ r Sr Sr S r S r S rS rSS jrSr\4Sjrg)z&Utility functions for signurl command.N)datetime)timezone)UTF8)urllibzN{method} {resource} {query_string} {headers} {signed_headers} {hashed_payload}zGOOG4-RSA-SHA256zA{signing_algo} {request_time} {credential_scope} {hashed_request}z;https://{host}/{path}?x-goog-signature={sig}&{query_string}zUNSIGNED-PAYLOADc`[R"[RS9R SS9$)N)tz)tzinfo)rnowrutcreplace-platform/gsutil/gslib/utils/signurl_helper.py_NowUTCr$s#  & . .d . ;;rc B[5n U RS5n U RS5n SRXS9n [US-U -U SR [ UR 555SUR5-S.nUbXS 'UbXNS 'S RU5nS R [ UR 55Vs/sH5nS RU[RRUU55PM7 sn5nSR [ UR 55Vs/sH&nSRUR5UU5PM( sn5S-nSR [ UR 555n[RUUUUU[S9n[R(aUR!["5n[$R&"5nUR)U5 [*R,"UR/55R5R1["5n[2R[U U US9nU (a/U(a(UR5SU-5 UR5SU-5 UU4$s snfs snf)aCreate a string that needs to be signed. Args: client_id: Client ID signing this URL. method: The HTTP method to be used with the signed URL. duration: timedelta for which the constructed signed URL should be valid. path: String path to the bucket of object for signing, in the form 'bucket' or 'bucket/object'. generation: If not None, specifies a version of an object for signing. logger: logging.Logger for warning and debug output. region: Geographic region in which the requested resource resides. signed_headers: Dict containing the header info like host content-type etc. billing_project: Specify a user project to be billed for the request. string_to_sign_debug: If true AND logger is enabled for debug level, print string to sign to debug. Used to differentiate user's signed URL from the probing permissions-check signed URL. Returns: A tuple where the 1st element is the string to sign. The second element is the query string. z%Y%m%dz%Y%m%dT%H%M%SZz%{date}/{region}/storage/goog4_request)dateregion/;z%d)zx-goog-algorithmzx-goog-credentialz x-goog-datezx-goog-signedheaderszx-goog-expires userProject generationz/{}&z{}={} z{}:{})methodresource query_stringheaderssigned_headershashed_payload) signing_algo request_timecredential_scopehashed_requestz=Canonical request (ignore opening/closing brackets): [[[%s]]]z:String to sign (ignore opening/closing brackets): [[[%s]]])rstrftimeformat _SIGNING_ALGOjoinsortedkeys total_secondsrparse quote_pluslower_CANONICAL_REQUEST_FORMAT_UNSIGNED_PAYLOADsixPY3encoderhashlibsha256updatebase64 b16encodedigestdecode_STRING_TO_SIGN_FORMATdebug) client_idrdurationpathrloggerrrbilling_projectstring_to_sign_debug signing_time canonical_daycanonical_timecanonical_scopesigned_query_paramscanonical_resourceparamcanonical_query_stringheadercanonical_headerscanonical_signed_headerscanonical_requestcanonical_request_hasherhashed_canonical_requeststring_to_signs r CreatePayloadrQ(s@,''1-(()9:.;BB C)/($s?_<#!hhvn.A.A.C'DEx5577 !)8 &(2 %||D)88-2245%5%nnUFLL334G4NOP5%ii>..01!1&nnV\\^^F%;<1!  !XXf^-@-@-B&CD/66 !)-& 7( WW)006$^^-!!"34#--%%')).*00 !&- 1/. f LLG  LLM ! / //O%!s sigr)r6r7r-r9_SIGNED_URL_FORMATr%) raw_signaturerSr>rI signatures r GetFinalUrlrXsI}-335<<>)  " "(,'00F # HHrcR[U[5(aU$URU5$)N) isinstancebytesr2)valueencodings rto_bytesr^s#u L h r)NF)__doc__r6rrr3gslib.utils.constantsrr0 six.movesrr.r&r:rUr/rrQrXr^r rrrbsg- & D" /'&<#'',]0@H" r