Skip to main content
Help improve PyPI by participating in a 5-minute user interface survey!

WSSE Authentication for various server and client backends.

Project Description

Authors: Rushy Panchal, Naphat Sanguansin, Adam Libresco, Jérémie Lumbroso.


pywsse is an all-encompassing package to meet various needs for WSSE usage - both as an authentication backend (for various frameworks) and as a plug-and-play authentication mechanism for clients.

The motivation for this package came after dealing with various ambiguities in the WSSE protocol - some servers require specific digest algorithms and base64-encode different parts of the token. By utilizing a single library, you can be assured that there the token is generated and verified in the same way by both client and server.

Frameworks/Package Support

The following backend frameworks are currently supported:

In addition, the following client packages are supported:

Django REST Framework

To utilize the Django REST Framework plugin, install the Django plugin to settings.INSTALLED_APPS:




In addition, add the authentication backend (wsse.server.drf.authentication.WSSEAuthentication) to settings.REST_FRAMEWORK['DEFAULT_AUTHENTICATION_CLASSES']:


Alternatively, you can set it for a subset of your views.

Please refer to the Django REST Framework: Authentication Documentation for more information.

Finally, set the NONCE_STORE and NONCE_STORE_ARGS settings for the pywsse package:

import wsse
wsse.settings.NONCE_STORE = ''
wsse.settings.NONCE_STORE_ARGS = []

Make sure to run the migrations after setting the nonce store. Particularly, you must run the migrations for the wsse app:

$ python migrate wsse


The requests plugin is an authentication class that will automatically attach the appropriate header to the request.

To do so, import the wsse.client.requests.auth.WSSEAuth class and attach it to the request:

import requests
from wsse.client.requests.auth import WSSEAuth

response = requests.get('http://localhost:8000/api/',
  auth = WSSEAuth('username', 'password'))

The WSSEAuth class can be reused as it will generate a new token for each request:

import requests
from wsse.client.requests.auth import WSSEAuth

auth = WSSEAuth('username', 'password')

response = requests.get('http://localhost:8000/api/1/', auth = auth)
next_response = requests.get('http://localhost:8000/api/2/', auth = auth)


The coreapi plugin is just a pluggable transport that automatically attaches the appropriate header before sending the request.

To make use of this transport, import the wsse.client.coreapi.transport.WSSEAuthenticatedHTTPTransport class and add it to your list of transports to coreapi.Client:

import coreapi
from wsse.client.coreapi.transport import WSSEAuthenticatedHTTPTransport

wsse_transport = WSSEAuthenticatedHTTPTransport('username', 'password')
client = coreapi.Client(transports = [wsse_transport])

schema = client.get('')

You can also pass in any of the arguments or keyword arguments to coreapi.transports.HTTPTransport after the username and password.


To run the development version of wsse, clone the repository and install the testing requirements in requirements.txt. Then, run the test suite using either tox or detox:

$ git clone
$ cd pywsse
$ virtualenv env
$ source env/bin/activate
$ pip install -r requirements.txt
$ detox


detox is a parallel version of tox. It only runs with Python 2.6-2.7 (but it can and will run tests for Python 3.x versions).

Release history Release notifications

This version
History Node


History Node


History Node


History Node


History Node


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
pywsse-0.1.4.tar.gz (22.7 kB) Copy SHA256 hash SHA256 Source None Jan 4, 2017

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging CloudAMQP CloudAMQP RabbitMQ AWS AWS Cloud computing Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page