Skip to main content

Shared-Secret Requests: A simple HTTP authentication library using shared secrets.

Project description

Shared-Secret Requests (SSR)

CircleCI

codecov

A simple HTTP authentication library using shared secrets.

Overview

The ssr library exposes a simple set of interfaces that facilitate server-server authentication using a shared secret. This shared secret or secret_key is used to generate a public key, using a client id and timestamp. The combination of the client id, timestamp and public key form a signature that a host server can use to verify the identity of the client server. ssr provides 3 intefaces to support that authentication workflow:

  1. ssr.Client - to help generate a public key from a shared secret key.
  2. ssr.Session - exends the requests library Session class to expose an ssr.Client and patch requests with the appropriate headers to correcly interface with ssr.BaseAuthentication
  3. ssr.BaseAuthentication - to help hosts validate requests from clients that have the same shared secret.

Scope

The scope of this project is limited to server-server authentication e.g. to support RESTful data transfer between micro-services. Logistics around managing secrets is not included in the scope of this project. For tools to manage secrets you can look into:

Installation

pip install ssr

Usage

SSR Client

TBD

Requests Session

import ssr

session = ssr.Session(
    secret_key=os.environ.get('APP_SECRET_KEY')
)

response = session.get(
    'https://myblog.com/api/post_reports/',
    params={'q': 'auth'}
)

Base Authentication

TBD

TODO

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ssr-0.1.2.tar.gz (11.0 kB view details)

Uploaded Source

File details

Details for the file ssr-0.1.2.tar.gz.

File metadata

  • Download URL: ssr-0.1.2.tar.gz
  • Upload date:
  • Size: 11.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.11.0 pkginfo/1.4.2 requests/2.20.1 setuptools/40.6.2 requests-toolbelt/0.8.0 tqdm/4.28.1 CPython/2.7.14

File hashes

Hashes for ssr-0.1.2.tar.gz
Algorithm Hash digest
SHA256 8db13d6f964fbc37bd052eaff7bba8ec55f1e7256c2f586f0598f769f4d14a7e
MD5 8ab894cf9111cc258b6cd344c6b33033
BLAKE2b-256 5c3c6b21d3c8fdfe1b1381a03c2af44d42e9e03bb5bc4262307c9e43e5507887

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page