requests-http-signature-jaywink

A Requests auth module for HTTP Signature

These details have not been verified by PyPI

Project links

Homepage

Project description

requests-http-signature is a Requests authentication plugin (requests.auth.AuthBase subclass) implementing the IETF HTTP Signatures draft RFC. It has no required dependencies outside the standard library. If you wish to use algorithms other than HMAC (namely, RSA and ECDSA algorithms specified in the RFC), there is an optional dependency on cryptography.

Installation

$ pip install requests-http-signature

Usage

import requests
from requests_http_signature import HTTPSignatureAuth

preshared_key_id = 'squirrel'
preshared_secret = 'monorail_cat'
url = 'http://example.com/path'

requests.get(url, auth=HTTPSignatureAuth(key=preshared_secret, key_id=preshared_key_id))

By default, only the Date header is signed (as per the RFC) for body-less requests such as GET. The Date header is set if it is absent. In addition, for requests with bodies (such as POST), the Digest header is set to the SHA256 of the request body and signed (an example of this appears in the RFC). To add other headers to the signature, pass an array of header names in the header keyword argument.

In addition to signing messages in the client, the class method HTTPSignatureAuth.verify() can be used to verify incoming requests:

def key_resolver(key_id, algorithm):
    return 'monorail_cat'

HTTPSignatureAuth.verify(request, key_resolver=key_resolver)

Asymmetric key algorithms (RSA and ECDSA)

For asymmetric key algorithms, you should supply the private key as the key parameter to the HTTPSignatureAuth() constructor as bytes in the PEM format:

with open('key.pem', 'rb') as fh:
    requests.get(url, auth=HTTPSignatureAuth(algorithm="rsa-sha256", key=fh.read(), key_id=preshared_key_id))

When verifying, the key_resolver() callback should provide the public key as bytes in the PEM format as well:

License

Licensed under the terms of the Apache License, Version 2.0.

https://travis-ci.org/kislyuk/requests-http-signature.png

https://codecov.io/github/kislyuk/requests-http-signature/coverage.svg?branch=master

https://img.shields.io/pypi/v/requests-http-signature.svg

https://img.shields.io/pypi/l/requests-http-signature.svg

https://readthedocs.org/projects/requests-http-signature/badge/?version=latest

Project details

These details have not been verified by PyPI

Project links

Homepage

Release history Release notifications | RSS feed

This version

0.1.0.dev0 pre-release

Mar 2, 2019

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distribution

requests_http_signature_jaywink-0.1.0.dev0-py2.py3-none-any.whl (9.1 kB view details)

Uploaded Mar 2, 2019 Python 2 Python 3

File details

Details for the file requests_http_signature_jaywink-0.1.0.dev0-py2.py3-none-any.whl.

File metadata

Download URL: requests_http_signature_jaywink-0.1.0.dev0-py2.py3-none-any.whl
Upload date: Mar 2, 2019
Size: 9.1 kB
Tags: Python 2, Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.21.0 setuptools/40.8.0 requests-toolbelt/0.9.1 tqdm/4.31.1 CPython/3.6.7

File hashes

Hashes for requests_http_signature_jaywink-0.1.0.dev0-py2.py3-none-any.whl
Algorithm	Hash digest
SHA256	`b13786579bf94e02fcaf8bfe2089bbb5885ae857973dbfa1fb4e641c7e0f6243`
MD5	`05eef6a8ef3873c8d312cbb13c78316a`
BLAKE2b-256	`60aab4fb18b1204927b3c18a5d96b0343c929ed013392b19a56d416c60ed8f61`