{ "info": { "author": "Mozilla Services", "author_email": "services-dev@mozilla.org", "bugtrack_url": null, "classifiers": [ "License :: OSI Approved :: Mozilla Public License 2.0 (MPL 2.0)", "Programming Language :: Python" ], "description": "=================================================================\nhawkauthlib: library for implementing Hawk Access Authentication\n=================================================================\n\nThis is a low-level library for implementing Hawk Access Authentication, a\nsimple HTTP request-signing scheme described in:\n\n https://npmjs.org/package/hawk\n\nTo access resources using Hawk Access Authentication, the client must have\nobtained a set of Hawk credentials including an id and a secret key. They use\nthese credentials to make signed requests to the server.\n\nWhen accessing a protected resource, the server will generate a 401 challenge\nresponse with the scheme \"Hawk\" as follows::\n\n > GET /protected_resource HTTP/1.1\n > Host: example.com\n\n < HTTP/1.1 401 Unauthorized\n < WWW-Authenticate: Hawk\n\nThe client will use their Hawk credentials to build a request signature and\ninclude it in the Authorization header like so::\n\n > GET /protected_resource HTTP/1.1\n > Host: example.com\n > Authorization: Hawk id=\"h480djs93hd8\",\n > ts=\"1336363200\",\n > nonce=\"dj83hs9s\",\n > mac=\"bhCQXTVyfj5cmA9uKkPFx1zeOXM=\"\n\n < HTTP/1.1 200 OK\n < Content-Type: text/plain\n <\n < For your eyes only: secret data!\n\n\nThis library provices the low-level functions necessary to implement such\nan authentication scheme. For Hawk Auth clients, it provides the following\nfunction:\n\n * sign_request(req, id, key, algorithm=\"sha256\"): sign a request using\n Hawk Access Auth.\n\nFor Hawk Auth servers, it provides the following functions:\n\n * get_id(req): get the claimed Hawk Auth id from the request.\n\n * check_signature(req, key, algorithm=\"sha256\"): check that the request\n was signed with the given key.\n\nThe request objects passed to these functions can be any of a variety of\ncommon object types:\n\n * a WSGI environment dict\n * a webob.Request object\n * a requests.Request object\n * a string or file-like object of request data\n\nA typical use for a client program might be to install the sign_request\nfunction as an authentication hook when using the requests library, like this::\n\n import requests\n import functools\n import hawkauthlib\n\n # Hook up sign_request() to be called on every request.\n def auth_hook(req):\n hawkauthlib.sign_request(req, id=\"\", key=\"\")\n return req\n session = requests.session(hooks={\"pre_request\": auth_hook})\n\n # Then use the session as normal, and the auth is applied transparently.\n session.get(\"http://www.secret-data.com/get-my-data\")\n\n\nA typical use for a server program might be to verify requests using a WSGI\nmiddleware component, like this::\n\n class HawkAuthMiddleware(object):\n\n # ...setup code goes here...\n\n def __call__(self, environ, start_response):\n\n # Find the identity claimed by the request.\n id = hawkauthlib.get_id(environ)\n\n # Look up their secret key.\n key = self.SECRET_KEYS[id]\n\n # If the signature is invalid, error out.\n if not hawkauthlib.check_signature(environ, key):\n start_response(\"401 Unauthorized\",\n [(\"WWW-Authenticate\", \"Hawk\")])\n return [\"\"]\n\n # Otherwise continue to the main application.\n return self.application(environ, start_response)\n\n\nThe following features of the Hawk protocol are not yet supported:\n\n * Bewits.\n * Timestamp adjustment.\n * Calculating or verifying the server's response signature.\n * Calculating or verifying payload hashes.\n\n\n2.0.0 - 2016-01-16\n==================\n\n * Py27, Py35 compatible\n\n0.1.1 - 2013-11-12\n==================\n\n * Let key be any binary string; id must still be ascii.\n\n\n0.1.0 - 2013-08-19\n==================\n\n * Initial release; this is essentially the macauthlib codebase, ported\n over to the new Hawk auth specification.\n\n\n", "description_content_type": null, "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/mozilla-services/hawkauthlib", "keywords": "authentication Hawk HTTP request signing", "license": "MPLv2.0", "maintainer": "", "maintainer_email": "", "name": "hawkauthlib", "package_url": "https://pypi.org/project/hawkauthlib/", "platform": "", "project_url": "https://pypi.org/project/hawkauthlib/", "project_urls": { "Homepage": "https://github.com/mozilla-services/hawkauthlib" }, "release_url": "https://pypi.org/project/hawkauthlib/2.0.0/", "requires_dist": [ "webob", "requests; extra == 'test'" ], "requires_python": "", "summary": "Hawk Access Authentication protocol", "version": "2.0.0" }, "last_serial": 3366578, "releases": { "0.1.0": [ { "comment_text": "", "digests": { "md5": "2623f78e3a5be8e848880528bdcd94e3", "sha256": "78643888266ea0998bf8015d450ca95ed2dc1fac7491d0c190f46e18670d205b" }, "downloads": -1, "filename": "hawkauthlib-0.1.0.tar.gz", "has_sig": false, "md5_digest": "2623f78e3a5be8e848880528bdcd94e3", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 13469, "upload_time": "2013-08-19T04:44:47", "url": "https://files.pythonhosted.org/packages/ce/36/785fa762059ca4974a3302642d99e69c5f9eda1153100545384a153351fd/hawkauthlib-0.1.0.tar.gz" } ], "0.1.1": [ { "comment_text": "", "digests": { "md5": "86cd5e4577397fbb75975dd8b6fb939e", "sha256": "7ac93c892e7629721dde196193c9af3bde1f20540945569f7c7d34d3ea92680a" }, "downloads": -1, "filename": "hawkauthlib-0.1.1.tar.gz", "has_sig": false, "md5_digest": "86cd5e4577397fbb75975dd8b6fb939e", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 12620, "upload_time": "2013-11-12T00:37:38", "url": "https://files.pythonhosted.org/packages/46/62/54729cbfc8d115f07f41f74a43a8e3711be358541295ff76fcec5bfd81d2/hawkauthlib-0.1.1.tar.gz" } ], "2.0.0": [ { "comment_text": "", "digests": { "md5": "efe71dcc5c5fdeca2c59881cd64faac9", "sha256": "935878d3a75832aa76f78ddee13491f1466cbd69a8e7e4248902763cf9953ba9" }, "downloads": -1, "filename": "hawkauthlib-2.0.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "efe71dcc5c5fdeca2c59881cd64faac9", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 32440, "upload_time": "2017-11-27T03:17:21", "url": "https://files.pythonhosted.org/packages/53/ec/23dd5cbd5e950543fdd30d91ddac4f56e395d14316677aa4cb78a029f8e2/hawkauthlib-2.0.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "bb2257a488c9971ba226bc6ade06c11f", "sha256": "effd64a2572e3c0d9090b55ad2180b36ad50e7760bea225cb6ce2248f421510d" }, "downloads": -1, "filename": "hawkauthlib-2.0.0.tar.gz", "has_sig": false, "md5_digest": "bb2257a488c9971ba226bc6ade06c11f", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 14886, "upload_time": "2017-11-27T03:17:22", "url": "https://files.pythonhosted.org/packages/26/b7/0ec2846e5e2b3591ca867d7b06b67b5242f73bfe6da164b7232b8bffc657/hawkauthlib-2.0.0.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "efe71dcc5c5fdeca2c59881cd64faac9", "sha256": "935878d3a75832aa76f78ddee13491f1466cbd69a8e7e4248902763cf9953ba9" }, "downloads": -1, "filename": "hawkauthlib-2.0.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "efe71dcc5c5fdeca2c59881cd64faac9", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 32440, "upload_time": "2017-11-27T03:17:21", "url": "https://files.pythonhosted.org/packages/53/ec/23dd5cbd5e950543fdd30d91ddac4f56e395d14316677aa4cb78a029f8e2/hawkauthlib-2.0.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "bb2257a488c9971ba226bc6ade06c11f", "sha256": "effd64a2572e3c0d9090b55ad2180b36ad50e7760bea225cb6ce2248f421510d" }, "downloads": -1, "filename": "hawkauthlib-2.0.0.tar.gz", "has_sig": false, "md5_digest": "bb2257a488c9971ba226bc6ade06c11f", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 14886, "upload_time": "2017-11-27T03:17:22", "url": "https://files.pythonhosted.org/packages/26/b7/0ec2846e5e2b3591ca867d7b06b67b5242f73bfe6da164b7232b8bffc657/hawkauthlib-2.0.0.tar.gz" } ] }