Middleware and decorator for processing TLSv1.3 early data requests in Starlette

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for igor_ne from gravatar.com igor_ne

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Public Domain (Unlicense)
  • Author: Igor Nehoroshev
  • Requires: Python >=3.6
Classifiers
Report project as malware

Project description

starlette-early-data

Middleware and decorator for processing TLSv1.3 early data requests in Starlette

PyPI: starlette-early-data Code Style: Black

Installation

pip install starlette-early-data

What this package can do:

  • Detect if request is early data and mark it (request.state.early_data = True)
  • Deny all early data requests (pass deny_all=True to add_middleware)
  • Deny early data requests to specific endpoints (use decorator @deny_early_data)

Usage example with Starlette

import uvicorn

from starlette.applications import Starlette
from starlette.requests import Request
from starlette.responses import PlainTextResponse

from starlette_early_data import EarlyDataMiddleware, deny_early_data

app = Starlette()
app.add_middleware(EarlyDataMiddleware, deny_all=False)


@app.route("/")
async def home(request: Request) -> PlainTextResponse:
    return PlainTextResponse("Always OK if deny_all=False")


@app.route("/security_risk")
@deny_early_data
async def security_risk(request: Request) -> PlainTextResponse:
    return PlainTextResponse("Security action done after handshake")


if __name__ == "__main__":
    uvicorn.run(app, host="0.0.0.0", port=8080)

Send request to http://127.0.0.1:8080/security_risk with header Early-Data=1 and you will get 425 Early Data.

Request to http://127.0.0.1:8080/ with the same header will only return 425 Early Data if you pass deny_all=True to app.add_middleware(...)

Usage example with FastAPI

The only thing you need to do for it to work with FastAPI - write request: Request as first argument for endpoints

(maybe there is a way to inject it on decorator level, but I haven't found it, I welcome your PR though!)

import uvicorn

from fastapi import FastAPI, Request, Query
from fastapi.responses import PlainTextResponse

from starlette_early_data import EarlyDataMiddleware, deny_early_data

app = FastAPI()
app.add_middleware(EarlyDataMiddleware, deny_all=False)


@app.route("/")
async def home(request: Request, q: Optional[int] = Query(None)) -> PlainTextResponse:
    return PlainTextResponse("Always OK if deny_all=False")


@app.route("/security_risk")
@deny_early_data
async def security_risk(request: Request, q: Optional[int] = Query(None)) -> PlainTextResponse:
    return PlainTextResponse("Security action done after handshake")


if __name__ == "__main__":
    uvicorn.run(app, host="0.0.0.0", port=8080)

Send request to http://127.0.0.1:8080/security_risk with header Early-Data=1 and you will get 425 Early Data.

Request to http://127.0.0.1:8080/ with the same header will only return 425 Early Data if you pass deny_all=True to app.add_middleware(...)

Testing

  • Run ./scripts/install to set up virtualenv
  • Run ./scripts/test to run tests
  • Run ./scripts/lint to lint code

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for igor_ne from gravatar.com igor_ne

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Public Domain (Unlicense)
  • Author: Igor Nehoroshev
  • Requires: Python >=3.6
Classifiers

Release history Release notifications | RSS feed

This version

1.1.0

1.0.0

0.2.2

0.2.1

0.2.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

starlette-early-data-1.1.0.tar.gz (3.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

starlette_early_data-1.1.0-py3-none-any.whl (4.8 kB view details)

Uploaded Python 3

File details

Details for the file starlette-early-data-1.1.0.tar.gz.

File metadata

  • Download URL: starlette-early-data-1.1.0.tar.gz
  • Upload date:
  • Size: 3.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/2.0.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/49.2.0 requests-toolbelt/0.9.1 tqdm/4.38.0 CPython/3.6.9

File hashes

Hashes for starlette-early-data-1.1.0.tar.gz
Algorithm Hash digest
SHA256 8a34fe0e4f489f8bc89b324152424d91474406f3f6e420b8d64ff8fa5bd90176
MD5 7e4afaa93ebc87e0d889207a68fd0534
BLAKE2b-256 96de2e6c2c8b75397e9b15c0f8a1ea7018f25117167c79be773aeb0e24d4ad99

See more details on using hashes here.

File details

Details for the file starlette_early_data-1.1.0-py3-none-any.whl.

File metadata

  • Download URL: starlette_early_data-1.1.0-py3-none-any.whl
  • Upload date:
  • Size: 4.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/2.0.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/49.2.0 requests-toolbelt/0.9.1 tqdm/4.38.0 CPython/3.6.9

File hashes

Hashes for starlette_early_data-1.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 48e37e1f0e4c08631497d2fd77284f2b0cdfd69ad6f3b14706249c92d852a8c6
MD5 7725e0cc5e9873981e3018164ffe6a56
BLAKE2b-256 7958e56a1da3c90f719946a623bc25fe01a69768a4003d9b7b0bd4c8ba9beff4

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page