Yasuke/moto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

For EC2 requests, AuthFailure should be raised instead of SignatureDoesNotMatch.

Browse Source
This commit is contained in:
acsbendi 2019-07-24 19:47:39 +02:00
parent e22e8b5a67
commit d471eb69c0
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
moto/core/authentication.py
View File

@ -146,7 +146,7 @@ class IAMRequestBase(object):
original_signature = self._get_string_between('Signature=', ',', self._headers['Authorization']) original_signature = self._get_string_between('Signature=', ',', self._headers['Authorization'])
calculated_signature = self._calculate_signature() calculated_signature = self._calculate_signature()
if original_signature != calculated_signature: if original_signature != calculated_signature:
raise SignatureDoesNotMatchError() self._raise_signature_does_not_match()
def check_action_permitted(self): def check_action_permitted(self):
policies = self._access_key.collect_policies() policies = self._access_key.collect_policies()
@ -163,6 +163,12 @@ class IAMRequestBase(object):
if not permitted: if not permitted:
self._raise_access_denied() self._raise_access_denied()
def _raise_signature_does_not_match(self):
if self._service == "ec2":
raise AuthFailureError()
else:
raise SignatureDoesNotMatchError()
@abstractmethod @abstractmethod
def _raise_access_denied(self): def _raise_access_denied(self):
raise NotImplementedError() raise NotImplementedError()