diff --git a/jupyterlab_s3_browser/__init__.py b/jupyterlab_s3_browser/__init__.py index 670303a..8fb719c 100755 --- a/jupyterlab_s3_browser/__init__.py +++ b/jupyterlab_s3_browser/__init__.py @@ -47,6 +47,12 @@ class JupyterLabS3(Configurable): config=True, help="(Optional) Token if you use STS as auth method", ) + + signature_version = Unicode( + default_value="", + config=True, + help="Signature version variable to support older S3 interfaces", + ) def _load_jupyter_server_extension(server_app): diff --git a/jupyterlab_s3_browser/handlers.py b/jupyterlab_s3_browser/handlers.py index 958e890..abfdf7e 100644 --- a/jupyterlab_s3_browser/handlers.py +++ b/jupyterlab_s3_browser/handlers.py @@ -10,6 +10,8 @@ import s3fs import tornado from botocore.exceptions import NoCredentialsError +from botocore.exceptions import ClientError +from botocore.client import Config from jupyter_server.base.handlers import APIHandler from jupyter_server.utils import url_path_join @@ -29,6 +31,7 @@ def create_s3fs(config): secret=config.client_secret, token=config.session_token, client_kwargs={"endpoint_url": config.endpoint_url}, + config_kwargs={'signature_version': config.signature_version}, ) else: @@ -45,6 +48,7 @@ def create_s3_resource(config): aws_secret_access_key=config.client_secret, aws_session_token=config.session_token, endpoint_url=config.endpoint_url, + config=Config(signature_version=config.signature_version) ) else: @@ -98,7 +102,7 @@ def has_aws_s3_role_access(): return False -def test_s3_credentials(endpoint_url, client_id, client_secret, session_token): +def test_s3_credentials(endpoint_url, client_id, client_secret, session_token, signature_version): """ Checks if we're able to list buckets with these credentials. If not, it throws an exception. @@ -109,6 +113,7 @@ def test_s3_credentials(endpoint_url, client_id, client_secret, session_token): aws_secret_access_key=client_secret, endpoint_url=endpoint_url, aws_session_token=session_token, + config=Config(signature_version=signature_version), ) all_buckets = test.buckets.all() logging.debug( @@ -148,6 +153,7 @@ def get(self, path=""): config.client_id, config.client_secret, config.session_token, + config.signature_version ) logging.debug("...successfully authenticated") @@ -176,14 +182,34 @@ def post(self, path=""): client_id = req["client_id"] client_secret = req["client_secret"] session_token = req["session_token"] + signature_version = 's3v4' - test_s3_credentials(endpoint_url, client_id, client_secret, session_token) + test_s3_credentials(endpoint_url, client_id, client_secret, session_token, signature_version) self.config.endpoint_url = endpoint_url self.config.client_id = client_id self.config.client_secret = client_secret self.config.session_token = session_token + self.config.signature_version = signature_version + self.finish(json.dumps({"success": True})) + except ClientError as pe: + req = json.loads(self.request.body) + endpoint_url = req["endpoint_url"] + client_id = req["client_id"] + client_secret = req["client_secret"] + session_token = req["session_token"] + signature_version = 's3' + + test_s3_credentials(endpoint_url, client_id, client_secret, session_token,signature_version) + + self.config.endpoint_url = endpoint_url + self.config.client_id = client_id + self.config.client_secret = client_secret + self.config.session_token = session_token + self.config.signature_version = signature_version + + logging.info("authenticated with s3 credentials signature_version") self.finish(json.dumps({"success": True})) except Exception as err: logging.info("unable to authenticate using credentials")