A request authentication plugin implementing IETF HTTP Message Signatures
Project description
requests-http-message-signatures: A Requests auth module for HTTP Signature
requests-http-message-signatures is a Requests
authentication plugin
(requests.auth.AuthBase subclass) implementing the
IETF HTTP Signatures draft RFC. It has no
required dependencies outside the standard library. If you wish to use algorithms other than HMAC (namely, RSA and
ECDSA algorithms specified in the RFC), there is an optional dependency on
cryptography.
Installation
$ pip install requests-http-message-signatures
Usage
import requests
from requests_http_signature import HTTPSignatureAuth
preshared_key_id = 'squirrel'
preshared_secret = 'monorail_cat'
url = 'http://example.com/path'
requests.get(url, auth=HTTPSignatureAuth(key=preshared_secret, key_id=preshared_key_id))
By default, only the Date header is signed (as per the RFC) for body-less requests such as GET. The Date header
is set if it is absent. In addition, for requests with bodies (such as POST), the Digest header is set to the SHA256
of the request body and signed (an example of this appears in the RFC). To add other headers to the signature, pass an
array of header names in the headers keyword argument.
In addition to signing messages in the client, the class method HTTPSignatureAuth.verify() can be used to verify
incoming requests:
def key_resolver(key_id, algorithm):
return 'monorail_cat'
HTTPSignatureAuth.verify(request, key_resolver=key_resolver)
Asymmetric key algorithms (RSA and ECDSA)
For asymmetric key algorithms, you should supply the private key as the key parameter to the HTTPSignatureAuth()
constructor as bytes in the PEM format:
with open('key.pem', 'rb') as fh:
requests.get(url, auth=HTTPSignatureAuth(algorithm="rsa-sha256", key=fh.read(), key_id=preshared_key_id))
When verifying, the key_resolver() callback should provide the public key as bytes in the PEM format as well.
Links
- IETF HTTP Signatures draft
- Project home page
- Package distribution (PyPI)
- Based on requests-http-signature
Bugs
Please report bugs, issues, feature requests, etc. on our issue tracker.
License
Licensed under the terms of the Apache License, Version 2.0.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file requests-http-message-signatures-0.3.1.tar.gz.
File metadata
- Download URL: requests-http-message-signatures-0.3.1.tar.gz
- Upload date:
- Size: 9.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.1.13 CPython/3.10.4 Linux/5.4.114-1-pve
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 0235bb5cd3f4a7d659645e2ac937da72791321434e77570f7e21042e510820da |
|
| MD5 | 1648ce43965af1e8388535f0f34b44a7 |
|
| BLAKE2b-256 | 906a6034d8d25d70af20b7079481c5aeb0236ca7484856edea83c3169e1641ed |
File details
Details for the file requests_http_message_signatures-0.3.1-py3-none-any.whl.
File metadata
- Download URL: requests_http_message_signatures-0.3.1-py3-none-any.whl
- Upload date:
- Size: 9.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.1.13 CPython/3.10.4 Linux/5.4.114-1-pve
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | c20d49adecbebdccfa98676b0760c12a8c2753d262dcb3a8f54cd672794bfb85 |
|
| MD5 | aab552a3a2dfe9f061803b5686614838 |
|
| BLAKE2b-256 | 60a0990cce88b29aad83077d6bad3001dba0095b4f244de9ce239f1878d488c2 |
