U W+d @sxddlZddlZddlZddlmZGdddeZGdddeZGdddeZ Gd d d eZ Gd d d eZ dS) N)jsonc@s\eZdZdZdddZeddZeddZd d Zd d Z d dZ ddZ dddZ dS) Credentialsa' :ivar access_key: The AccessKeyID. :ivar secret_key: The SecretAccessKey. :ivar session_token: The session token that must be passed with requests to use the temporary credentials :ivar expiration: The timestamp for when the credentials will expire NcCs(||_d|_d|_d|_d|_d|_dSN)parent access_key secret_key session_token expiration request_idselfrr 8/tmp/pip-unpacked-wheel-dlxw5sjy/boto/sts/credentials.py__init__'s zCredentials.__init__cCs t|}|}|j||S)z Create and return a new Session Token based on the contents of a JSON document. :type json_doc: str :param json_doc: A string containing a JSON document with a previously saved Credentials object. )rloads__dict__update)clsjson_docdtokenr r r from_json/s  zCredentials.from_jsoncCs"t|}|}|||S)a- Create and return a new Session Token based on the contents of a previously saved JSON-format file. :type file_path: str :param file_path: The fully qualified path to the JSON-format file containing the previously saved Session Token information. )openreadcloser)r file_pathfprr r rload>s zCredentials.loadcCsdSrr r nameattrs connectionr r r startElementMszCredentials.startElementcCsT|dkr||_n@|dkr ||_n0|dkr0||_n |dkr@||_n|dkrP||_ndS)NZ AccessKeyIdZSecretAccessKeyZ SessionTokenZ Expiration RequestIdrrrr r r rvaluer!r r r endElementPszCredentials.endElementcCs|j|j|j|j|jdS)zm Return a Python dict containing the important information about this Session Token. r$r$)r r r rto_dict^s zCredentials.to_dictcCs2t|d}t|||t|ddS)a Persist a Session Token to a file in JSON format. :type path: str :param path: The fully qualified path to the file where the the Session Token data should be written. Any previous data in the file will be overwritten. To help protect the credentials contained in the file, the permissions of the file will be set to readable/writable by owner only. wiN)rrdumpr(roschmod)r rrr r rsaveis zCredentials.savercCs@tj}|r|tj|d}tj|j}||}|dkS)a Checks to see if the Session Token is expired or not. By default it will check to see if the Session Token is expired as of the moment the method is called. However, you can supply an optional parameter which is the number of seconds of offset into the future for the check. For example, if you supply a value of 5, this method will return a True if the Session Token will be expired 5 seconds from this moment. :type time_offset_seconds: int :param time_offset_seconds: The number of seconds into the future to test the Session Token for expiration. )secondsr)datetimeutcnow timedeltabotoutilsZparse_tsr total_seconds)r Ztime_offset_secondsnowtsdeltar r r is_expiredys  zCredentials.is_expired)N)r) __name__ __module__ __qualname____doc__r classmethodrrr"r'r(r-r8r r r rrs    rc@s*eZdZdZd ddZddZddZdS) FederationTokenah :ivar credentials: A Credentials object containing the credentials. :ivar federated_user_arn: ARN specifying federated user using credentials. :ivar federated_user_id: The ID of the federated user using credentials. :ivar packed_policy_size: A percentage value indicating the size of the policy in packed form NcCs(||_d|_d|_d|_d|_d|_dSr)r credentialsfederated_user_arnfederated_user_idpacked_policy_sizer r r r rrs zFederationToken.__init__cCs|dkrt|_|jSdSdS)Nr)rr?rr r rr"szFederationToken.startElementcCsH|dkr||_n4|dkr ||_n$|dkr4t||_n|dkrD||_ndS)NArnZFederatedUserIdZPackedPolicySizer#)r@rAintrBr r%r r rr's zFederationToken.endElement)Nr9r:r;r<rr"r'r r r rr>s r>c@s*eZdZdZd ddZddZddZdS) AssumedRolezt :ivar user: The assumed role user. :ivar credentials: A Credentials object containing the credentials. NcCs||_||_||_dSr) _connectionr?user)r r!r?rHr r rrszAssumedRole.__init__cCs0|dkrt|_|jS|dkr,t|_|jSdS)NrZAssumedRoleUser)rr?UserrHrr r rr"s zAssumedRole.startElementcCsdSrr r%r r rr'szAssumedRole.endElement)NNNrEr r r rrFs rFc@s*eZdZdZd ddZddZddZdS) rIzy :ivar arn: The arn of the user assuming the role. :ivar assume_role_id: The identifier of the assumed role. NcCs||_||_dSrarnassume_role_id)r rKrLr r rrsz User.__init__cCsdSrr rr r rr"szUser.startElementcCs"|dkr||_n|dkr||_dS)NrCZ AssumedRoleIdrJr%r r rr'szUser.endElement)NNrEr r r rrIs rIc@s*eZdZdZd ddZddZddZdS) DecodeAuthorizationMessagezw :ivar request_id: The request ID. :ivar decoded_message: The decoded authorization message (may be JSON). NcCs||_||_dSrr decoded_message)r r rOr r rrsz#DecodeAuthorizationMessage.__init__cCsdSrr rr r rr"sz'DecodeAuthorizationMessage.startElementcCs"|dkr||_n|dkr||_dS)NZ requestIdZDecodedMessagerNr%r r rr'sz%DecodeAuthorizationMessage.endElement)NNrEr r r rrMs rM) r+r/Z boto.utilsr2Z boto.compatrobjectrr>rFrIrMr r r rs q%