Short, well documented utilities for interacting with webhooks.

These details have not been verified by PyPI

Project links

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Project description

Webhook Utils

A set of utilities for interacting with webhooks.

Installation

pip install webhook-utils

Usage

Crypto

Available hash algorithms for all methods are:

md5 (not recommended)
sha1
sha256 (recommended)

Learn more about HMAC signatures here.

Generating HMAC signatures

Bare usage:

from webhook_utils.crypto import generate_sha256_signature

print(generate_sha256_signature(b'secret-key', b'some-message'))

Comparing HMAC signatures

Bare usage:

from webhook_utils.crypto import compare_sha256_signature

is_valid_signature = compare_sha256_signature(
    b'secret-key',
    b'some-message',
    'expected-signature',
)
if not is_valid_signature:
    raise ValueError('Invalid signature')

Httpx

webhook-utils has a built-in httpx.Auth class that can be used to automatically sign requests made with an httpx.Client.

An X-Webhook-Signature header will be added to all POST requests. The signature will be generated using the webhook_key and the provided signature method (defaults to sha256).

The header, signature, and http methods can be customized by passing the header_name, gen_signature_method, and methods keyword arguments.

pip install webhook-utils[httpx]

import httpx
from webhook_utils.contrib.httpx_auth import WebhookAuth
from webhook_utils.crypto import generate_sha1_signature

# Basic usage
auth = WebhookAuth("secret-key")
client = httpx.Client(auth=auth)


# Customized usage
auth = WebhookAuth(
    "secret-key",
    header_name="My-Webhook-Signature",
    gen_signature_method=generate_sha1_signature,
    methods={"POST", "PUT"},
)
client = httpx.Client(auth=auth)
client.post("https://example.com/webhook", json={"foo": "bar"})

FastAPI

webhook-utils has a built-in WebhookRouter class that can be used to wrap a fastapi.APIRouter to automatically verify incoming request signatures.

pip install webhook-utils[fastapi]

from fastapi import FastAPI, APIRouter
from webhook_utils.contrib.fastapi import WebhookRouter

app = FastAPI()
webhook_router = WebhookRouter(
    APIRouter(prefix="/webhooks"),
    webhook_key="secret",
)


@webhook_router.on("/demo-webhook")
def demo_event_handler():
    return {"status": "ok"}


app.include_router(webhook_router.api_router)

Publishing to PYPI

poetry build
# Verify that everything looks correct on test.pypi.org
poetry publish -r testpypi
poetry publish

Project details

These details have not been verified by PyPI

Project links

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Release history Release notifications | RSS feed

This version

0.3.2

Dec 30, 2021

0.3.1

Dec 30, 2021

0.3.0

Dec 30, 2021

0.2.0

Dec 29, 2021

0.1.0

Dec 29, 2021

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

webhook-utils-0.3.2.tar.gz (6.5 kB view hashes)

Uploaded Dec 30, 2021 Source

Built Distribution

webhook_utils-0.3.2-py3-none-any.whl (7.5 kB view hashes)

Uploaded Dec 30, 2021 Python 3

Hashes for webhook-utils-0.3.2.tar.gz

Hashes for webhook-utils-0.3.2.tar.gz
Algorithm	Hash digest
SHA256	`8419d7384efd4b6c0d9e8646fc083a3b334f98290222b83cc006d5f3de72da9b`
MD5	`f10d45abeb92fb58642a5105904f50d7`
BLAKE2b-256	`8e2d52e947e31175bfaa375608d1f4a2cb0f82076cc0d76d4a348e0b55d8aa0e`

Hashes for webhook_utils-0.3.2-py3-none-any.whl

Hashes for webhook_utils-0.3.2-py3-none-any.whl
Algorithm	Hash digest
SHA256	`95852ee2d691b87967409ef1bab70eaba949c39edcddb9c6a8f8be1b0337c3db`
MD5	`dcb635b05f3d810d172817b536ba0af4`
BLAKE2b-256	`0532c855a4ac4b9cf681b78813c1a6627be489d080ca7add8a932fbea2dfcb21`