Cross-language HMAC-SHA256 request signing with a defined canonical string format.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for hardenlabs from gravatar.com hardenlabs

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: Apache-2.0
    SPDX License Expression
  • Author: HardenLabs
  • Requires: Python >=3.10
  • Provides-Extra: all , dev , dotenv , fastapi , httpx , requests
Classifiers
Report project as malware

Project description

hardenlabs-hmac

Cross-language HMAC-SHA256 request signing with a defined canonical string format. Guaranteed identical signatures across C#, Python, TypeScript, and Go.

Installation

pip install hardenlabs-hmac
pip install "hardenlabs-hmac[fastapi]"   # for FastAPI middleware
pip install "hardenlabs-hmac[requests]"  # for requests library support

Quick Start — Server (FastAPI)

from fastapi import Depends, FastAPI, Request
from hardenlabs_hmac import HmacValidate, install_hmac_exception_handler
from hardenlabs_hmac.config import HmacConfig, HmacClientIdentity, SignedHeadersConfig

config = HmacConfig(
    signed_headers=SignedHeadersConfig.default(),
    timestamp_tolerance_seconds=30,
    clients={
        "order-service": HmacClientIdentity(shared_secret="orders-base64-secret"),
    },
)

hmac_validate = HmacValidate(config)

app = FastAPI()
install_hmac_exception_handler(app)

# Protected — requires valid HMAC signature
@app.get("/api/hello")
async def hello(request: Request, _hmac: None = Depends(hmac_validate)):
    return {"message": "Authenticated!"}

# Unprotected — no dependency, no HMAC required
@app.get("/health")
async def health():
    return {"status": "healthy"}

Routes without Depends(hmac_validate) are not validated. Use the global HardenHmacMiddleware instead if you want all routes validated.

Public API — Server

Symbol Description
HmacValidate(config, secret_resolver=None) Per-route dependency for Depends()
install_hmac_exception_handler(app) Register error handler (call once per app)
HmacValidationHttpError Exception raised on validation failure
HardenHmacMiddleware Global middleware (validates all routes)

Quick Start — Client (httpx)

from hardenlabs_hmac.client import HmacClientFactory
from hardenlabs_hmac.config import HmacConfig, HmacTargetConfig

config = HmacConfig(
    targets={
        "my-service": HmacTargetConfig(
            base_url="https://api.example.com",
            shared_secret="your-base64-encoded-secret",
        ),
    },
)

factory = HmacClientFactory(config)
with factory.create_sync_client("my-service") as client:
    response = client.get("/api/hello")  # automatically signed

Quick Start — Client (requests)

from hardenlabs_hmac.client import HmacClientFactory
from hardenlabs_hmac.config import HmacConfig, HmacTargetConfig

config = HmacConfig(
    targets={
        "my-service": HmacTargetConfig(
            base_url="https://api.example.com",
            shared_secret="your-base64-encoded-secret",
        ),
    },
)

factory = HmacClientFactory(config)
with factory.create_requests_session("my-service") as client:
    response = client.get("/api/hello")  # automatically signed

Documentation

Full documentation, canonical string specification, and cross-language compatibility details: github.com/HardenLabs/HardenHMAC

License

Apache License 2.0

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for hardenlabs from gravatar.com hardenlabs

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: Apache-2.0
    SPDX License Expression
  • Author: HardenLabs
  • Requires: Python >=3.10
  • Provides-Extra: all , dev , dotenv , fastapi , httpx , requests
Classifiers

Release history Release notifications | RSS feed

1.1.0

1.0.1

1.0

0.1.4

This version

0.1.4rc2 pre-release

0.1.3

0.1.2

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

hardenlabs_hmac-0.1.4rc2.tar.gz (24.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

hardenlabs_hmac-0.1.4rc2-py3-none-any.whl (18.5 kB view details)

Uploaded Python 3

File details

Details for the file hardenlabs_hmac-0.1.4rc2.tar.gz.

File metadata

  • Download URL: hardenlabs_hmac-0.1.4rc2.tar.gz
  • Upload date:
  • Size: 24.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.13

File hashes

Hashes for hardenlabs_hmac-0.1.4rc2.tar.gz
Algorithm Hash digest
SHA256 d2afa33a053e538a8563c3fb596acc39dc051fbd67deb0ea2bcd06615c999d49
MD5 baa5c9ffdc2f975e0cfb6e3ebbe2012d
BLAKE2b-256 c271b3a04ffcae3b5c0208ddd8bb253e67d520dc0faea5b76795be80bac92d1d

See more details on using hashes here.

File details

Details for the file hardenlabs_hmac-0.1.4rc2-py3-none-any.whl.

File metadata

File hashes

Hashes for hardenlabs_hmac-0.1.4rc2-py3-none-any.whl
Algorithm Hash digest
SHA256 75f3e5d00f72faa1b329ba1d1406d67c81427947698634c2122e94fc4edf0c71
MD5 3488505afd8134c686b9187f3aded2a5
BLAKE2b-256 1d0914919b0176eb2944adebcbf1e2e677c74699959c8429752a3d16c24793d9

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page