From cf77e6502297c19f4076877b378a12f1b96137b0 Mon Sep 17 00:00:00 2001 From: Michael Chin Date: Thu, 12 Aug 2021 18:09:07 -0700 Subject: [PATCH 1/2] Disable SigV4 signing of non-IAM AWS requests --- src/graph_notebook/neptune/client.py | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/src/graph_notebook/neptune/client.py b/src/graph_notebook/neptune/client.py index 191744a4..a8803b88 100644 --- a/src/graph_notebook/neptune/client.py +++ b/src/graph_notebook/neptune/client.py @@ -9,6 +9,7 @@ import requests from SPARQLWrapper import SPARQLWrapper from boto3 import Session +from botocore.session import Session as botocoreSession from botocore.auth import SigV4Auth from botocore.awsrequest import AWSRequest from gremlin_python.driver import client @@ -569,13 +570,15 @@ def _prepare_request(self, method, url, *, data=None, params=None, headers=None, return request.prepare() def _get_aws_request(self, method, url, *, data=None, params=None, headers=None, service=NEPTUNE_SERVICE_NAME): - credentials = self._session.get_credentials() - frozen_creds = credentials.get_frozen_credentials() - req = AWSRequest(method=method, url=url, data=data, params=params, headers=headers) - SigV4Auth(frozen_creds, service, self.region).add_auth(req) - prepared_iam_req = req.prepare() - return prepared_iam_req + if self.iam_enabled and self._auth is not None: + credentials = self._session.get_credentials() + frozen_creds = credentials.get_frozen_credentials() + SigV4Auth(frozen_creds, service, self.region).add_auth(req) + prepared_iam_req = req.prepare() + return prepared_iam_req + else: + return req def _ensure_http_session(self): if not self._http_session: @@ -591,7 +594,7 @@ def close(self): @property def iam_enabled(self): - return type(self._session) is Session + return type(self._session) in [Session, botocoreSession] class ClientBuilder(object): From c668ea4b5dab76074087ac656e2e7654b225086e Mon Sep 17 00:00:00 2001 From: Michael Chin Date: Thu, 12 Aug 2021 18:24:22 -0700 Subject: [PATCH 2/2] update changelog --- ChangeLog.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ChangeLog.md b/ChangeLog.md index c1df52bb..93c5a5ff 100644 --- a/ChangeLog.md +++ b/ChangeLog.md @@ -4,6 +4,8 @@ Starting with v1.31.6, this file will contain a record of major features and upd ## Upcoming +- Disabled SigV4 signing for non-IAM AWS requests ([Link to PR](https://github.com/aws/graph-notebook/pull/179)) + ## Release 3.0.3 (August 11, 2021) - Gremlin visualization bugfixes ([PR #1](https://github.com/aws/graph-notebook/pull/166)) ([PR #2](https://github.com/aws/graph-notebook/pull/174)) ([PR #3](https://github.com/aws/graph-notebook/pull/175))