Python SDK for Alteriom Webhook Connector — HMAC verification, event parsing, FastAPI integration

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for sparck75 from gravatar.com sparck75

Unverified details

These details have not been verified by PyPI
Meta
Report project as malware

Project description

alteriom-webhook-client

Python SDK for the Alteriom Webhook Connector. Provides HMAC-SHA256 signature verification, Pydantic models for delivery payloads, and a FastAPI integration helper.

Installation

pip install alteriom-webhook-client

# With FastAPI integration
pip install alteriom-webhook-client[fastapi]

Quick Start (FastAPI)

import os
from fastapi import Depends, FastAPI
from alteriom_webhook_client.fastapi import webhook_receiver
from alteriom_webhook_client.models import SubscriptionDelivery

app = FastAPI()
verify = webhook_receiver(secret=os.getenv("WEBHOOK_SECRET"))

@app.post("/webhook")
async def handle_webhook(delivery: SubscriptionDelivery = Depends(verify)):
    if delivery.aggregate:
        print(f"Got {delivery.aggregate.entity_type} for {delivery.aggregate.repository}")
    return {"status": "accepted"}

Manual Usage

from alteriom_webhook_client import WebhookReceiver, WebhookVerificationError

receiver = WebhookReceiver(secret="your-secret")

# In any framework:
try:
    delivery = receiver.receive(body=request_body_bytes, headers=request_headers_dict)
    print(delivery.subscription_id)
    print(delivery.aggregate.summary)
except WebhookVerificationError as e:
    print(f"Verification failed: {e.message} (HTTP {e.status_code})")

Low-Level Signature Functions

from alteriom_webhook_client import verify_signature, sign_payload

# Verify a signature
is_valid = verify_signature(
    body=raw_bytes,
    signature=headers["x-connector-signature-256"],
    timestamp=headers["x-connector-timestamp"],
    secret="your-secret",
)

# Generate a signature (for testing)
sig = sign_payload(body=raw_bytes, timestamp="1711700000000", secret="your-secret")

Configuration

receiver = WebhookReceiver(
    secret="your-secret",
    max_age_ms=300_000,          # Reject timestamps older than 5 minutes (default)
    max_payload_bytes=10_485_760, # Reject payloads larger than 10 MB (default)
)

Models

  • SubscriptionDelivery — top-level delivery payload
  • Aggregate — event aggregate (PR lifecycle, issue, workflow, etc.)
  • Enrichment — AI enrichment data
  • WebhookEvent — individual webhook event

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for sparck75 from gravatar.com sparck75

Unverified details

These details have not been verified by PyPI
Meta

Release history Release notifications | RSS feed

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

alteriom_webhook_client-0.1.0.tar.gz (6.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

alteriom_webhook_client-0.1.0-py3-none-any.whl (6.1 kB view details)

Uploaded Python 3

File details

Details for the file alteriom_webhook_client-0.1.0.tar.gz.

File metadata

  • Download URL: alteriom_webhook_client-0.1.0.tar.gz
  • Upload date:
  • Size: 6.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for alteriom_webhook_client-0.1.0.tar.gz
Algorithm Hash digest
SHA256 07a88adae6695bf28cd3c25a7d7a5cd15cfa2a2e508066de06bbe4ba04453dce
MD5 7d521cc09b2b4422d17002f2e7201786
BLAKE2b-256 f987300f5b419b29a2de7c696b99bb60b269972e94910f33b297196d3a6be93f

See more details on using hashes here.

Provenance

The following attestation bundles were made for alteriom_webhook_client-0.1.0.tar.gz:

Publisher: publish.yml on Alteriom/alteriom-webhook-client-python

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file alteriom_webhook_client-0.1.0-py3-none-any.whl.

File metadata

File hashes

Hashes for alteriom_webhook_client-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 98ecd14fc022fc4ac35fb71f3c772fb4c858eabe9a52330ba767f1ddb70ca0fd
MD5 f0b13de8e8b90bf4467fe8f96d1fc09f
BLAKE2b-256 4ad74a5e9d8edc475ba49e45bb63a5bf608c0e9fb93760a9096804704f79e983

See more details on using hashes here.

Provenance

The following attestation bundles were made for alteriom_webhook_client-0.1.0-py3-none-any.whl:

Publisher: publish.yml on Alteriom/alteriom-webhook-client-python

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page