Google Git
Sign in
apache / libcloud / 4c2ee783ec1a955ef323bd3288efd74c9863dbed / . / libcloud / common / ovh.py
blob: 08d82e30a42f5dc376892bad61f12910f6fdaa6a [file] [log] [blame]
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import time
import hashlib
from typing import List
from libcloud.http import LibcloudConnection
from libcloud.utils.py3 import httplib
from libcloud.common.base import JsonResponse, ConnectionUserAndKey
from libcloud.common.types import InvalidCredsError
from libcloud.utils.connection import get_response_object
try:
import simplejson as json
except ImportError:
import json # type: ignore
__all__ = ["OvhResponse", "OvhConnection"]
API_HOST = "api.ovh.com"
API_ROOT = "/1.0"
# From https://us.ovhcloud.com/about/company/data-centers
LOCATIONS = {
"BHS1": {"id": "BHS1", "name": "Beauharnois, Quebec 1", "country": "CA"},
"BHS2": {"id": "BHS2", "name": "Beauharnois, Quebec 2", "country": "CA"},
"BHS3": {"id": "BHS3", "name": "Beauharnois, Quebec 3", "country": "CA"},
"BHS4": {"id": "BHS4", "name": "Beauharnois, Quebec 4", "country": "CA"},
"BHS5": {"id": "BHS5", "name": "Beauharnois, Quebec 5", "country": "CA"},
"BHS6": {"id": "BHS6", "name": "Beauharnois, Quebec 6", "country": "CA"},
"DC1": {"id": "DC1", "name": "Paris DC1", "country": "FR"},
"FRA1": {"id": "FRA1", "name": "Frankfurt 1", "country": "DE"},
"GRA1": {"id": "GRA1", "name": "Gravelines 1", "country": "FR"},
"GRA2": {"id": "GRA2", "name": "Gravelines 2", "country": "FR"},
"GSW": {"id": "GSW", "name": "Paris GSW", "country": "FR"},
"HIL1": {"id": "HIL1", "name": "Hillsboro, Oregon 1", "country": "US"},
"LON1": {"id": "LON1", "name": "London 1", "country": "UK"},
"P19": {"id": "P19", "name": "Paris P19", "country": "FR"},
"RBX1": {"id": "RBX1", "name": "Roubaix 1", "country": "FR"},
"RBX2": {"id": "RBX2", "name": "Roubaix 2", "country": "FR"},
"RBX3": {"id": "RBX3", "name": "Roubaix 3", "country": "FR"},
"RBX4": {"id": "RBX4", "name": "Roubaix 4", "country": "FR"},
"RBX5": {"id": "RBX5", "name": "Roubaix 5", "country": "FR"},
"RBX6": {"id": "RBX6", "name": "Roubaix 6", "country": "FR"},
"RBX7": {"id": "RBX7", "name": "Roubaix 7", "country": "FR"},
"SBG1": {"id": "SBG1", "name": "Strasbourg 1", "country": "FR"},
"SBG2": {"id": "SBG2", "name": "Strasbourg 2", "country": "FR"},
"SBG3": {"id": "SBG3", "name": "Strasbourg 3", "country": "FR"},
"SGP1": {"id": "SGP1", "name": "Singapore 1", "country": "SG"},
"SYD1": {"id": "SYD1", "name": "Sydney 1", "country": "AU"},
"VIN1": {"id": "VIN1", "name": "Vint Hill, Virginia 1", "country": "US"},
"WAW1": {"id": "WAW1", "name": "Warsaw 1", "country": "PL"},
}
DEFAULT_ACCESS_RULES = [
{"method": "GET", "path": "/*"},
{"method": "POST", "path": "/*"},
{"method": "PUT", "path": "/*"},
{"method": "DELETE", "path": "/*"},
]
class OvhException(Exception):
pass
class OvhResponse(JsonResponse):
def parse_error(self):
response = super().parse_body()
response = response or {}
if response.get("errorCode", None) == "INVALID_SIGNATURE":
raise InvalidCredsError(
"Signature validation failed, probably " "using invalid credentials"
)
return self.body
class OvhConnection(ConnectionUserAndKey):
"""
A connection to the Ovh API
Wraps SSL connections to the Ovh API, automagically injecting the
parameters that the API needs for each request.
"""
host = API_HOST
request_path = API_ROOT
responseCls = OvhResponse
timestamp = None
ua = [] # type: List[str]
LOCATIONS = LOCATIONS
_timedelta = None
allow_insecure = True
def __init__(self, user_id, *args, **kwargs):
region = kwargs.pop("region", "")
if region:
self.host = ("{}.{}".format(region, API_HOST)).lstrip(".")
else:
self.host = API_HOST
self.consumer_key = kwargs.pop("ex_consumer_key", None)
if self.consumer_key is None:
consumer_key_json = self.request_consumer_key(user_id)
msg = (
"Your consumer key isn't validated, "
"go to '%(validationUrl)s' for valid it. After instantiate "
"your driver with \"ex_consumer_key='%(consumerKey)s'\"." % consumer_key_json
)
raise OvhException(msg)
super().__init__(user_id, *args, **kwargs)
def request_consumer_key(self, user_id):
action = self.request_path + "/auth/credential"
data = json.dumps({"accessRules": DEFAULT_ACCESS_RULES, "redirection": "http://ovh.com"})
headers = {
"Content-Type": "application/json",
"X-Ovh-Application": user_id,
}
httpcon = LibcloudConnection(host=self.host, port=443)
try:
httpcon.request(method="POST", url=action, body=data, headers=headers)
except Exception as e:
handle_and_rethrow_user_friendly_invalid_region_error(host=self.host, e=e)
response = OvhResponse(httpcon.getresponse(), httpcon)
if response.status == httplib.UNAUTHORIZED:
raise InvalidCredsError()
json_response = response.parse_body()
httpcon.close()
return json_response
def get_timestamp(self):
if not self._timedelta:
url = "https://{}{}/auth/time".format(self.host, API_ROOT)
response = get_response_object(url=url, method="GET", headers={})
if not response or not response.body:
raise Exception("Failed to get current time from Ovh API")
timestamp = int(response.body)
self._timedelta = timestamp - int(time.time())
return int(time.time()) + self._timedelta
def make_signature(self, method, action, params, data, timestamp):
full_url = "https://{}{}".format(self.host, action)
if params:
full_url += "?"
for key, value in params.items():
full_url += "{}={}&".format(key, value)
full_url = full_url[:-1]
sha1 = hashlib.sha1()
base_signature = "+".join(
[
self.key,
self.consumer_key,
method.upper(),
full_url,
data if data else "",
str(timestamp),
]
)
sha1.update(base_signature.encode())
signature = "$1$" + sha1.hexdigest()
return signature
def add_default_params(self, params):
return params
def add_default_headers(self, headers):
headers.update(
{
"X-Ovh-Application": self.user_id,
"X-Ovh-Consumer": self.consumer_key,
"Content-type": "application/json",
}
)
return headers
def request(self, action, params=None, data=None, headers=None, method="GET", raw=False):
data = json.dumps(data) if data else None
timestamp = self.get_timestamp()
signature = self.make_signature(method, action, params, data, timestamp)
headers = headers or {}
headers.update({"X-Ovh-Timestamp": timestamp, "X-Ovh-Signature": signature})
try:
return super().request(
action,
params=params,
data=data,
headers=headers,
method=method,
raw=raw,
)
except Exception as e:
handle_and_rethrow_user_friendly_invalid_region_error(host=self.host, e=e)
def handle_and_rethrow_user_friendly_invalid_region_error(host, e):
"""
Utility method which throws a more user-friendly error in case "name or
service not known" error is received when sending a request.
In most cases this error indicates user passed invalid ``region`` argument
to the driver constructor.
"""
msg = str(e).lower()
error_messages_to_throw = [
"name or service not known",
"nodename nor servname provided, or not known",
"getaddrinfo failed",
]
if any([value for value in error_messages_to_throw if value in msg]):
raise ValueError(
'Received "name or service not known" error '
"when sending a request. This likely "
"indicates invalid region argument was "
"passed to the driver constructor."
"Used host: %s. Original error: %s" % (host, str(e))
)
raise e