This is a pre-production deployment of Warehouse, however changes made here WILL affect the production instance of PyPI.
Latest Version Dependencies status unknown Test status unknown Test coverage unknown
Project Description

This project allows you to use the python requests library with the hawk authentication mechanism.

Hawk itself does not provide any mechanism for obtaining or transmitting the set of shared credentials required, but this project proposes a scheme we use across mozilla services projects.

Great, how can I use it?

First, you’ll need to install it:

.. code-block:: bash

  pip install requests-hawk

Then, in your project, if you know the id and key, you can use:

.. code-block:: python

  import requests
  from requests_hawk import HawkAuth

  hawk_auth = HawkAuth(id='my-hawk-id', key='my-hawk-secret-key')
  requests.post("https://example.com/url", auth=hawk_auth)

Or if you need to derive them from the hawk session token, instead use:

.. code-block:: python

  import requests
  from requests_hawk import HawkAuth

  hawk_auth = HawkAuth(
      hawk_session=resp.headers['hawk-session-token'],
      server_url=self.server_url
  )
  requests.post("/url", auth=hawk_auth)

In the second example, the server_url parameter to HawkAuth was used to provide a default host name, to avoid having to repeat it for each request.

If you wish to override the default algorithm of sha256, pass the desired algorithm name using the optional algorithm parameter.

Note: The credentials parameter has been removed. Instead pass id and key separately (as above), or pass the existing dict as **credentials.

Integration with httpie

Httpie is a tool which lets you do requests to a distant server in a nice and easy way. Under the hood, httpie uses the requests library. We’ve made it simple for you to plug hawk with it.

If you know the id and key, use it like that:

.. code-block:: bash

 http POST localhost:5000/registration\
 --auth-type=hawk --auth='id:key'

Or, if you want to use the hawk session token, you can do as follows:

.. code-block:: bash

 http POST localhost:5000/registration\
 --auth-type=hawk --auth='c0d8cd2ec579a3599bef60f060412f01f5dc46f90465f42b5c47467481315f51:'

Take care, don’t forget to add the extra : at the end of the hawk session token for it to be considered like so.

How are the shared credentials shared?

Okay, on to the actual details.

The server gives you a session token, that you’ll need to derive to get the hawk credentials.

Do an HKDF derivation on the given session token. You’ll need to use the following parameters:

.. code-block:: python

  key_material = HKDF(hawk_session, '', 'identity.mozilla.com/picl/v1/sessionToken', 32*2)

The key material you’ll get out of the HKDF needs to be separated into two parts, the first 32 hex characters are the hawk id, and the next 32 ones are the hawk key:

.. code-block:: python

  credentials = {
      'id': keyMaterial[0:32]
      'key': keyMaterial[32:64]
      'algorithm': 'sha256'
  }

Run tests

To run test, you can use tox:

.. code-block:: bash

  tox

CHANGELOG

1.0.0 (2015-12-15)

  • Simplified API for using HawkAuth when the id and key are known. (#8)
  • Added support for overriding the default algorithm (sha256) when deriving credentials from the hawk session token, via a new algorithm parameter.

See the README for migration advice if you use the credentials parameter.

0.2.1 (2015-10-14)

  • Make sure the requests json parameter is handled properly. (#7)

0.2.0 (2015-05-19)

  • Fix encoding error in setup.py with Python 3.4
  • Add a configuration parameter in order to be able to set the timestamp to use.

0.1.2 (2014-08-13)

  • Add Python3 support

0.1.1 (2014-07-21)

  • First version
Release History

Release History

1.0.0

This version

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.2.1

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.2.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.1.2

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.1.1

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.1.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.0.1

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

Download Files

Download Files

TODO: Brief introduction on what you do with files - including link to relevant help section.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
requests_hawk-1.0.0-py2.py3-none-any.whl (9.0 kB) Copy SHA256 Checksum SHA256 py2.py3 Wheel Dec 15, 2015
requests-hawk-1.0.0.tar.gz (6.3 kB) Copy SHA256 Checksum SHA256 Source Dec 15, 2015

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS HPE HPE Development Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting