Cross-language HMAC-SHA256 request signing with a defined canonical string format.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for hardenlabs from gravatar.com hardenlabs

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: Apache-2.0
    SPDX License Expression
  • Author: HardenLabs
  • Requires: Python >=3.10
  • Provides-Extra: all , dev , dotenv , fastapi , httpx , requests
Classifiers
Report project as malware

Project description

hardenlabs-hmac

Cross-language HMAC-SHA256 request signing with a defined canonical string format. Guaranteed identical signatures across C#, Python, TypeScript, and Go.

Installation

pip install hardenlabs-hmac
pip install "hardenlabs-hmac[fastapi]"   # for FastAPI middleware
pip install "hardenlabs-hmac[requests]"  # for requests library support

Quick Start — Server (FastAPI)

from fastapi import Depends, FastAPI, Request
from hardenlabs_hmac import HmacValidate, install_hmac_exception_handler
from hardenlabs_hmac.config import HmacConfig, HmacClientIdentity, SignedHeadersConfig

config = HmacConfig(
    signed_headers=SignedHeadersConfig.default(),
    timestamp_tolerance_seconds=30,
    clients={
        "order-service": HmacClientIdentity(shared_secret="orders-base64-secret"),
    },
)

hmac_validate = HmacValidate(config)

app = FastAPI()
install_hmac_exception_handler(app)

# Protected — requires valid HMAC signature
@app.get("/api/hello")
async def hello(request: Request, _hmac: None = Depends(hmac_validate)):
    return {"message": "Authenticated!"}

# Unprotected — no dependency, no HMAC required
@app.get("/health")
async def health():
    return {"status": "healthy"}

Routes without Depends(hmac_validate) are not validated. Use the global HardenHmacMiddleware instead if you want all routes validated.

Public API — Server

Symbol Description
HmacValidate(config, secret_resolver=None) Per-route dependency for Depends()
install_hmac_exception_handler(app) Register error handler (call once per app)
HmacValidationHttpError Exception raised on validation failure
HardenHmacMiddleware Global middleware (validates all routes)

Quick Start — Client (httpx)

from hardenlabs_hmac.client import HmacClientFactory
from hardenlabs_hmac.config import HmacConfig, HmacTargetConfig

config = HmacConfig(
    targets={
        "my-service": HmacTargetConfig(
            base_url="https://api.example.com",
            shared_secret="your-base64-encoded-secret",
        ),
    },
)

factory = HmacClientFactory(config)
with factory.create_sync_client("my-service") as client:
    response = client.get("/api/hello")  # automatically signed

Quick Start — Client (requests)

from hardenlabs_hmac.client import HmacClientFactory
from hardenlabs_hmac.config import HmacConfig, HmacTargetConfig

config = HmacConfig(
    targets={
        "my-service": HmacTargetConfig(
            base_url="https://api.example.com",
            shared_secret="your-base64-encoded-secret",
        ),
    },
)

factory = HmacClientFactory(config)
with factory.create_requests_session("my-service") as client:
    response = client.get("/api/hello")  # automatically signed

Documentation

Full documentation, canonical string specification, and cross-language compatibility details: github.com/HardenLabs/HardenHMAC

License

Apache License 2.0

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for hardenlabs from gravatar.com hardenlabs

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: Apache-2.0
    SPDX License Expression
  • Author: HardenLabs
  • Requires: Python >=3.10
  • Provides-Extra: all , dev , dotenv , fastapi , httpx , requests
Classifiers

Release history Release notifications | RSS feed

1.1.0

1.0.1

1.0

This version

0.1.4

0.1.4rc2 pre-release

0.1.3

0.1.2

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

hardenlabs_hmac-0.1.4.tar.gz (24.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

hardenlabs_hmac-0.1.4-py3-none-any.whl (18.5 kB view details)

Uploaded Python 3

File details

Details for the file hardenlabs_hmac-0.1.4.tar.gz.

File metadata

  • Download URL: hardenlabs_hmac-0.1.4.tar.gz
  • Upload date:
  • Size: 24.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.13

File hashes

Hashes for hardenlabs_hmac-0.1.4.tar.gz
Algorithm Hash digest
SHA256 5a47acea149c5b936285136696126c3383f9586cf543158db7bf452f4b03e788
MD5 ff653a8d6e23d5d483ef1739f5cf0521
BLAKE2b-256 cdc9b4038a4fd7c1a0df4441525a941396452fedc02b529a2e3432a881727c05

See more details on using hashes here.

File details

Details for the file hardenlabs_hmac-0.1.4-py3-none-any.whl.

File metadata

File hashes

Hashes for hardenlabs_hmac-0.1.4-py3-none-any.whl
Algorithm Hash digest
SHA256 fe0edf38a995073170c263322dc865b9ba0c26b5cda55dd16a70b2cbcbde8a2b
MD5 cb9b85529e63ac27ecc393b681884c9a
BLAKE2b-256 601d7087d0d8cb99ae894d19af4fcf480a49143eb6847c1a26d7b2d09385a23c

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page