| Name | auth-aws4 JSON |
| Version |
0.1.8
JSON |
| download |
| home_page | None |
| Summary | Usecase agnostic implementation of AWS4 signing schema. |
| upload_time | 2024-09-09 16:00:25 |
| maintainer | None |
| docs_url | None |
| author | None |
| requires_python | >=3.8 |
| license | None |
| keywords |
authorization
aws
signing
|
| VCS |
|
| bugtrack_url |
|
| requirements |
No requirements were recorded.
|
| Travis-CI |
No Travis.
|
| coveralls test coverage |
No coveralls.
|
# Usecase agnostic implementation of AWS4 Sig v4
This implementation aims to be usecase agnostic. As such it accepts the
component pieces of a request rather than a full opinionated request object
like `httpx.Request`.
https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html
## Usage
### Validation
```python
from aws4 import generate_challenge, validate_challenge
payload = "<extract content from request>"
challenge = generate_challenge(
method=request.method,
url=request.url,
headers=request.headers,
content=payload.decode("utf-8"),
)
secret_access_key = <load secret key using the challenge.access_key_id>
validate_challenge(challenge, secret_key.secret_access_key)
```
### Signing
An example of an httpx AWS4 request signing. In this example the `Authorization` header is injected into `request.headers`
```
from datetime import datetime, timezone
import aws4
service = "s3"
region = "us-east-1"
access_key_id = "my-access-key-id"
secret_access_key = "my-secret-access-key"
def http_aws4_auth(request: httpx.Request):
dt = datetime.now(tz=timezone.utc)
request.headers["x-amz-date"] = aws4.to_amz_date(dt)
request.headers["host"] = request.url.netloc.decode("utf-8")
body = request.content.decode("utf-8")
if body:
request.headers["Content-Length"] = str(len(body))
aws4.sign_request(
service,
request.method,
request.url,
region,
request.headers,
body,
access_key_id,
secret_access_key,
dt,
)
with httpx.Client() as client:
r = client.request(
url="http://localhost",
auth=auth,
)
```
## Extra credit
Thanks to [@ozzzzz](https://www.github.com/ozzzzz) and
[@ivanmisic](https://www.github.com/ivanmisic) for work on the initial
httpx/fastapi implementations this was extracted from.
Raw data
{
"_id": null,
"home_page": null,
"name": "auth-aws4",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.8",
"maintainer_email": "Daniel Edgecombe <daniel@nrwl.co>",
"keywords": "authorization, aws, signing",
"author": null,
"author_email": "Daniel Edgecombe <daniel@nrwl.co>",
"download_url": "https://files.pythonhosted.org/packages/c1/38/00468b3a98acb3e90e4b6a403613710c07d74f2d262f21afc9686ce3a898/auth_aws4-0.1.8.tar.gz",
"platform": null,
"description": "# Usecase agnostic implementation of AWS4 Sig v4\n\nThis implementation aims to be usecase agnostic. As such it accepts the\ncomponent pieces of a request rather than a full opinionated request object\nlike `httpx.Request`.\n\nhttps://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html\n\n## Usage\n\n### Validation\n\n```python\nfrom aws4 import generate_challenge, validate_challenge\n\npayload = \"<extract content from request>\"\n\nchallenge = generate_challenge(\n method=request.method,\n url=request.url,\n headers=request.headers,\n content=payload.decode(\"utf-8\"),\n)\n\nsecret_access_key = <load secret key using the challenge.access_key_id>\n\nvalidate_challenge(challenge, secret_key.secret_access_key)\n```\n\n### Signing\n\nAn example of an httpx AWS4 request signing. In this example the `Authorization` header is injected into `request.headers`\n\n```\nfrom datetime import datetime, timezone\n\nimport aws4\n\n\nservice = \"s3\"\nregion = \"us-east-1\"\naccess_key_id = \"my-access-key-id\"\nsecret_access_key = \"my-secret-access-key\"\n\ndef http_aws4_auth(request: httpx.Request):\n dt = datetime.now(tz=timezone.utc)\n request.headers[\"x-amz-date\"] = aws4.to_amz_date(dt)\n request.headers[\"host\"] = request.url.netloc.decode(\"utf-8\")\n\n body = request.content.decode(\"utf-8\")\n if body:\n request.headers[\"Content-Length\"] = str(len(body))\n\n aws4.sign_request(\n service,\n request.method,\n request.url,\n region,\n request.headers,\n body,\n access_key_id,\n secret_access_key,\n dt,\n )\n\nwith httpx.Client() as client:\n r = client.request(\n url=\"http://localhost\",\n auth=auth,\n )\n```\n\n## Extra credit\n\nThanks to [@ozzzzz](https://www.github.com/ozzzzz) and\n[@ivanmisic](https://www.github.com/ivanmisic) for work on the initial\nhttpx/fastapi implementations this was extracted from.\n",
"bugtrack_url": null,
"license": null,
"summary": "Usecase agnostic implementation of AWS4 signing schema.",
"version": "0.1.8",
"project_urls": null,
"split_keywords": [
"authorization",
" aws",
" signing"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "f4145d7512f6dd5b6ea2a8087b70922018523214d4cca33ca51035722e8f8343",
"md5": "cb2887db31e435754799ceaaab829dea",
"sha256": "039429b8d1b64bddbf311cc733388149823036f66cbdc6db7dee921417922f3e"
},
"downloads": -1,
"filename": "auth_aws4-0.1.8-py3-none-any.whl",
"has_sig": false,
"md5_digest": "cb2887db31e435754799ceaaab829dea",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.8",
"size": 8414,
"upload_time": "2024-09-09T16:00:24",
"upload_time_iso_8601": "2024-09-09T16:00:24.044616Z",
"url": "https://files.pythonhosted.org/packages/f4/14/5d7512f6dd5b6ea2a8087b70922018523214d4cca33ca51035722e8f8343/auth_aws4-0.1.8-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "c13800468b3a98acb3e90e4b6a403613710c07d74f2d262f21afc9686ce3a898",
"md5": "fcdecbbb06e8612a09b9e072008b97ae",
"sha256": "1b5545210f9ef1da7290981e67b932b9530c50c1efbcf640fac0cf4c63976de1"
},
"downloads": -1,
"filename": "auth_aws4-0.1.8.tar.gz",
"has_sig": false,
"md5_digest": "fcdecbbb06e8612a09b9e072008b97ae",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.8",
"size": 55119,
"upload_time": "2024-09-09T16:00:25",
"upload_time_iso_8601": "2024-09-09T16:00:25.190870Z",
"url": "https://files.pythonhosted.org/packages/c1/38/00468b3a98acb3e90e4b6a403613710c07d74f2d262f21afc9686ce3a898/auth_aws4-0.1.8.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-09-09 16:00:25",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "auth-aws4"
}
