HTTP Message Signatures plugin for HTTPie
Project description
httpie-http-message-signatures
An authentication plugin for HTTPie, implementing the IETF HTTP Message Signatures draft specification.
This is an incompatible replacement for and not to be confused with the "Cavage" HTTP Signatures draft.
Installation
The preferred installation method is via the httpie cli plugins utility:
$ httpie cli plugins install httpie-http-message-signatures
You may also download this repository and install from a local source:
$ cd httpie-http-message-signatures
$ httpie cli plugins install .
Last but not least, you can install via pip as well:
$ pip install --upgrade httpie-http-message-signatures
Usage
Use message-signature as the auth-type:
http -A message-signature ...
The HTTP Message Signature draft allows for a whole bunch of parameters to influence the signature. Because this can get somewhat overwhelming quickly, this plugin allows the parameters to be passed in two different ways:
-
-a/--authcommand line parameterThis allows passing arguments inline, in the following format:
key_id ":" key [":" covered_component_ids]In other words, the key id, followed by a
:, followed by the private key as base 64 encoded string, optionally followed by another:and a list of comma-separated covered component ids. For example:$ http -A message-signature -a foobar:cDf/J30Q7EtXmZZ91j4OLg== example.com $ http -A message-signature -a foobar:cDf/J30Q7EtXmZZ91j4OLg==:@authority,@method example.com -
~/.httpmessagesignaturesrcfileIf no parameters are passed via
-a/--auth, the plugin will look for a file called.httpmessagesignaturesrcin the home directory. This file is a simple INI-like file format, which contains sections for different hosts, each with their own settings. A[DEFAULT]section can be used to set defaults for all hosts. For example:[DEFAULT] covered_component_ids = @method,@authority,@target-uri,content-digest [example.com] key_id = foobar key = cDf/J30Q7EtXmZZ91j4OLg== [*.example.com] key_id = uydnfpw0xnegmpx2op3rhw2qm key = nkAFfoSEN/rXWu6PrqsmntUeeSZ+aEoGD9YmxIxwjNxdlHPO4QYcSS+4aRroRHl92vEEipRCsr+j2tFVlPimfA== covered_component_ids = @method,@authority,@path,@query-params,content-digestHost names allow for wildcard patterns.
Covered component ids
Different parts of the HTTP request can be included in the signature. By default, these components are included:
@method@authority@target-uri
You can override this default list via the optional third command line argument or the covered_component_ids value
in the ~/.httpmessagesignaturesrc file. The plugin recognizes two special component ids:
-
content-digestWhen specifying
content-digestas a covered component, and the request has a request body, the plugin will add aContent-Digestheader to the request and include it in the signature. This allows easy signing of request bodies. -
@query-paramsThe default
@target-uricomponent signs the entire URI, including query parameters. Depending on your use case, you may need to sign the request path and query parameters separately. For this case the specification requires for every signed query parameter to be listed separately as its own component. E.g. a request tohttp://example.com/foo/?bar=baz&quux=42would have to look like this:$ http -A message-signature \ -a 'foobar:cDf/J30Q7EtXmZZ91j4OLg==:"@query-params";name="bar","@query-params";name="quux"' \ example.com bar==baz quux==42Since this is of course highly inconvenient, the special component id
@query-paramswill automatically be expanded to include all passed query parameters. So the above request can be shortened to:$ http -A message-signature -a foobar:cDf/J30Q7EtXmZZ91j4OLg==:@query-params example.com bar==baz quux==42
See the specification for a complete list of derived component names, but an incomplete list is presented here:
@method@target-uri@authority@scheme@request-target@path@query@query-param
Implementation
This plugin is a wrapper around http-message-signatures.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file httpie_http_message_signatures-0.0.1.tar.gz.
File metadata
- Download URL: httpie_http_message_signatures-0.0.1.tar.gz
- Upload date:
- Size: 5.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.4.2 CPython/3.11.3 Darwin/22.5.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
262d9fcf5bcb3f27d7ead5631c9b73a44c8b60b148b1788bf5f500c7a6dd1ed6
|
|
| MD5 |
783438ff24716b12ac5cca4a7f4febfc
|
|
| BLAKE2b-256 |
fa7f954c4b06a30250468af664d41c42bc2c5b3bcea3834fae7481bf03972fbe
|
File details
Details for the file httpie_http_message_signatures-0.0.1-py3-none-any.whl.
File metadata
- Download URL: httpie_http_message_signatures-0.0.1-py3-none-any.whl
- Upload date:
- Size: 6.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.4.2 CPython/3.11.3 Darwin/22.5.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0f61dd31744596cb2d51352def9ed7394eeb1a5383a74f5ae5fe1293e5ace82f
|
|
| MD5 |
f13000ad941a693aa0365fcd9535ac30
|
|
| BLAKE2b-256 |
550d65ad2dc097173ecd8cc138c30d20232c73e79dee6ccd80ae58fca87a0a70
|
