| Name | httpie-hmac JSON |
| Version |
1.2.0
JSON |
| download |
| home_page | |
| Summary | HMAC Auth Plugin for Httpie |
| upload_time | 2023-07-09 20:02:55 |
| maintainer | |
| docs_url | None |
| author | |
| requires_python | >=3.7 |
| license | MIT |
| keywords |
httpie
auth
hmac
aws4
|
| VCS |
 |
| bugtrack_url |
|
| requirements |
No requirements were recorded.
|
| Travis-CI |
No Travis.
|
| coveralls test coverage |
No coveralls.
|
# HTTPIE HMAC
This plugin is borrows heavily from the original work by Nick Statterly (https://github.com/guardian/httpie-hmac-auth) - that project was archived in May 2022.
This plugin extends the functionality to allow different HMAC patterns to be defined in the library and by a user provided script - thereby avoiding any requirement to create a new plugin to support a different pattern.
The httpie auth should be set to ``hmac`` and the ``--auth`` field contains key-value pairs to configure the plugin, the keys are:
* ``secret`` - base64 encoded secret to be used in the HMAC
* ``access_id`` - (Optional) String access token / id used to identify the user depending on the schema
* ``format`` - (Optional) Sets a pre-defined format or a python file to process the headers
Key-value pairs can also be set using environment variables starting with `HTTPIE_HMAC_`.
For example:
``` bash
http --auth-type=hmac --auth="secret:some_secret" GET http://localhost:8000
http --auth-type=hmac --auth="secret:7Ez...wVA,access_id:AK...6R,format:aws4" GET https://my_bucket.s3.eu-west-2.amazonaws.com/file.txt
export HTTPIE_HMAC_SECRET=7Ez...wVA
export HTTPIE_HMAC_ACCESS_ID=AK...6R
export HTTPIE_HMAC_FORMAT=aws4
httpie --auth-type=hmac --auth="" GET https://my_bucket.s3.eu-west-2.amazonaws.com/file.txt
```
## Supported Formats
### AWS4 (aws4)
AWS4 uses the `AWSRequestsAuth` library to generate the required AWS auth header. It will attempt to get the required information from the provided URL, however the host, region and service fields can be set manually:
```
http --auth-type=hmac --auth="secret:7Ez...wVA,access_id:AK...6R,host:my_bucket.s3.eu-west-2.amazonaws.com,service:s3,region:eu-west-2:format:aws4" GET https://my_bucket.s3.eu-west-2.amazonaws.com/file.txt
```
### Simple (simple)
The string_to_sign consists of the HTTP method, content_md5, content_type, http_date and path:
```
[method]\n
[content_md5]\n
[content_type]\n
[http_date]\n
[path]
```
This string is signed using the sha256 HMAC. The resulting signature is placed in the "Authorization" header in the format:
```
Authorization: HMAC [signature]
Authorization: HMAC [access_id]:[signature]
```
## Custom Format
A custom python file can be passed to the plug and used to generate bespoke formats, the following example implements the Simple formatter using a custom file:
```
import hmac
import hashlib
import base64
from httpie_hmac import HmacGenerate
class HmacAuthCustom(HmacGenerate):
def generate(request):
string_to_sign = '\n'.join(
[request.method, request.content_md5, request.content_type,
request.http_date, request.path]).encode()
digest = hmac.new(bytes(request.secret_key, 'UTF-8'), string_to_sign,
hashlib.sha256).digest()
signature = base64.b64encode(digest).rstrip().decode('utf-8')
if request.access_id is None or request.access_id == '':
request.inner.headers['Authorization'] = f"HMAC {signature}"
else:
request.inner.headers['Authorization'] = \
f"HMAC {request.access_id}:{signature}"
return request.inner
```
Note that the ``request.inner.headers`` dictionary will contain `content_type`, `content_md5` and `date` fields if they were not previously set. If they are not required they need to be removed from the list.
Additional data could be passed to the custom formatter using environment variables if needed.
Raw data
{
"_id": null,
"home_page": "",
"name": "httpie-hmac",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": "",
"keywords": "httpie,auth,hmac,aws4",
"author": "",
"author_email": "Martyn Pittuck-Schols <martyn@rustfoo.com>",
"download_url": "https://files.pythonhosted.org/packages/60/d8/f59b79d722df4a42170ab6b2fafbd43a8c9371a3612d63555de37e7c1950/httpie-hmac-1.2.0.tar.gz",
"platform": null,
"description": "# HTTPIE HMAC\n\nThis plugin is borrows heavily from the original work by Nick Statterly (https://github.com/guardian/httpie-hmac-auth) - that project was archived in May 2022.\n\nThis plugin extends the functionality to allow different HMAC patterns to be defined in the library and by a user provided script - thereby avoiding any requirement to create a new plugin to support a different pattern.\n\nThe httpie auth should be set to ``hmac`` and the ``--auth`` field contains key-value pairs to configure the plugin, the keys are:\n\n* ``secret`` - base64 encoded secret to be used in the HMAC\n* ``access_id`` - (Optional) String access token / id used to identify the user depending on the schema\n* ``format`` - (Optional) Sets a pre-defined format or a python file to process the headers\n\nKey-value pairs can also be set using environment variables starting with `HTTPIE_HMAC_`.\n\nFor example:\n\n``` bash\nhttp --auth-type=hmac --auth=\"secret:some_secret\" GET http://localhost:8000\nhttp --auth-type=hmac --auth=\"secret:7Ez...wVA,access_id:AK...6R,format:aws4\" GET https://my_bucket.s3.eu-west-2.amazonaws.com/file.txt\n\nexport HTTPIE_HMAC_SECRET=7Ez...wVA\nexport HTTPIE_HMAC_ACCESS_ID=AK...6R\nexport HTTPIE_HMAC_FORMAT=aws4\nhttpie --auth-type=hmac --auth=\"\" GET https://my_bucket.s3.eu-west-2.amazonaws.com/file.txt\n```\n\n## Supported Formats\n\n### AWS4 (aws4)\n\nAWS4 uses the `AWSRequestsAuth` library to generate the required AWS auth header. It will attempt to get the required information from the provided URL, however the host, region and service fields can be set manually:\n\n```\nhttp --auth-type=hmac --auth=\"secret:7Ez...wVA,access_id:AK...6R,host:my_bucket.s3.eu-west-2.amazonaws.com,service:s3,region:eu-west-2:format:aws4\" GET https://my_bucket.s3.eu-west-2.amazonaws.com/file.txt\n```\n\n### Simple (simple)\n\nThe string_to_sign consists of the HTTP method, content_md5, content_type, http_date and path:\n\n```\n[method]\\n\n[content_md5]\\n\n[content_type]\\n\n[http_date]\\n\n[path]\n```\n\nThis string is signed using the sha256 HMAC. The resulting signature is placed in the \"Authorization\" header in the format:\n\n```\nAuthorization: HMAC [signature]\nAuthorization: HMAC [access_id]:[signature]\n```\n\n## Custom Format\n\nA custom python file can be passed to the plug and used to generate bespoke formats, the following example implements the Simple formatter using a custom file:\n\n```\nimport hmac\nimport hashlib\nimport base64\n\nfrom httpie_hmac import HmacGenerate\n\nclass HmacAuthCustom(HmacGenerate):\n\n def generate(request):\n\n string_to_sign = '\\n'.join(\n [request.method, request.content_md5, request.content_type,\n request.http_date, request.path]).encode()\n digest = hmac.new(bytes(request.secret_key, 'UTF-8'), string_to_sign,\n hashlib.sha256).digest()\n signature = base64.b64encode(digest).rstrip().decode('utf-8')\n\n if request.access_id is None or request.access_id == '':\n request.inner.headers['Authorization'] = f\"HMAC {signature}\"\n else:\n request.inner.headers['Authorization'] = \\\n f\"HMAC {request.access_id}:{signature}\"\n\n return request.inner\n```\n\nNote that the ``request.inner.headers`` dictionary will contain `content_type`, `content_md5` and `date` fields if they were not previously set. If they are not required they need to be removed from the list.\n\nAdditional data could be passed to the custom formatter using environment variables if needed.\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "HMAC Auth Plugin for Httpie",
"version": "1.2.0",
"project_urls": {
"homepage": "https://github.com/martynp/httpie-hmac/",
"repository": "https://github.com/martynp/httpie-hmac.git"
},
"split_keywords": [
"httpie",
"auth",
"hmac",
"aws4"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "7c2f2e812e4297e2adf171f0cc8c03af967d8c128e666251ef67ba4c78574bdb",
"md5": "97f6ae5490515f9addac45f4dfd0c8ef",
"sha256": "aa1de7c21112787769e5879143c0ba7577faa1a12986c278f3379b689e4497c2"
},
"downloads": -1,
"filename": "httpie_hmac-1.2.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "97f6ae5490515f9addac45f4dfd0c8ef",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 6580,
"upload_time": "2023-07-09T20:02:53",
"upload_time_iso_8601": "2023-07-09T20:02:53.995112Z",
"url": "https://files.pythonhosted.org/packages/7c/2f/2e812e4297e2adf171f0cc8c03af967d8c128e666251ef67ba4c78574bdb/httpie_hmac-1.2.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "60d8f59b79d722df4a42170ab6b2fafbd43a8c9371a3612d63555de37e7c1950",
"md5": "55b664c93934dfff755de66947c65576",
"sha256": "1d6fb9c434adf21874d1c51d4d525d5c79969ab1601caa892af4d8903f0b56db"
},
"downloads": -1,
"filename": "httpie-hmac-1.2.0.tar.gz",
"has_sig": false,
"md5_digest": "55b664c93934dfff755de66947c65576",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7",
"size": 5637,
"upload_time": "2023-07-09T20:02:55",
"upload_time_iso_8601": "2023-07-09T20:02:55.015845Z",
"url": "https://files.pythonhosted.org/packages/60/d8/f59b79d722df4a42170ab6b2fafbd43a8c9371a3612d63555de37e7c1950/httpie-hmac-1.2.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-07-09 20:02:55",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "martynp",
"github_project": "httpie-hmac",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "httpie-hmac"
}
