Skip to content

add arg for refreshing creds when needed instead of per-request #75

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

add arg for refreshing creds when needed instead of per-request #75

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 11 additions & 1 deletion requests_aws4auth/aws4auth.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -255,10 +255,16 @@ def __init__(self, *args, **kwargs):
If refreshable_credentials is set, the following arguments
are ignored: access_id, secret_key, signing_key,
session_token.
refresh_credentials_when_needed
-- Must be supplied as keyword argument. If refreshable_credentials
is provided and refresh_credentials_when_needed is set to True,
then credentials will only be refreshed if needed instead of
on each request. Defaults to False.

"""
self.signing_key = None
self.refreshable_credentials = kwargs.get('refreshable_credentials', None)
self.refresh_credentials_when_needed = kwargs.get('refresh_credentials_when_needed', False)
if self.refreshable_credentials:
# instantiate from refreshable_credentials
self.service = kwargs.get('service', None)
Expand All @@ -269,6 +275,8 @@ def __init__(self, *args, **kwargs):
raise TypeError('region must be provided as keyword argument when using refreshable_credentials')
self.date = kwargs.get('date', None)
self.default_include_headers.add('x-amz-security-token')
if self.refresh_credentials_when_needed and not callable(getattr(self.refreshable_credentials, 'refresh_needed', None)):
raise TypeError(f'credentials acquired via {self.refreshable_credentials.method} which does not support refresh when needed')
else:
l = len(args)
if l not in [2, 4, 5]:
Expand Down Expand Up @@ -372,8 +380,10 @@ def __call__(self, req):

"""
if self.refreshable_credentials:
if not self.refresh_credentials_when_needed or self.refreshable_credentials.refresh_needed():
# generate per-request static credentials
self.refresh_credentials()
# alternatively generate only when needed if self.refresh_credentials_when_needed is True
self.refresh_credentials()
# check request date matches scope date
req_date = self.get_request_date(req)
if req_date is None:
Expand Down