Support https://tools.ietf.org/html/draft-cavage-http-signatures-08#section-4,

which uses a Signature header instead of Authorization header.
2018-10-19 21:36:45 +01:00 · 2018-10-19 21:36:45 +01:00 · be44d4f19f
parent 80c9bb8c14
commit be44d4f19f
1 changed files with 22 additions and 0 deletions
--- a/requests_http_signature/init.py
+++ b/requests_http_signature/init.py
@ -121,3 +121,25 @@ class HTTPSignatureAuth(requests.auth.AuthBase):
        sts = self.get_string_to_sign(request, headers)
        key = key_resolver(key_id=sig_struct["keyId"], algorithm=sig_struct["algorithm"])
        Crypto(sig_struct["algorithm"]).verify(sig, sts, key)
+
+class HTTPSignatureHeaderAuth(HTTPSignatureAuth):
+    """
+        https://tools.ietf.org/html/draft-cavage-http-signatures-08#section-4
+
+        Using "Signature" header instead of "Authorization" header.
+    """
+
+    def __call__(self, request):
+        self.add_date(request)
+        self.add_digest(request)
+        raw_sig = Crypto(self.algorithm).sign(string_to_sign=self.get_string_to_sign(request, self.headers),
+                                              key=self.key,
+                                              passphrase=self.passphrase)
+        sig = base64.b64encode(raw_sig).decode()
+        sig_struct = [("keyId", self.key_id),
+                      ("algorithm", self.algorithm),
+                      ("headers", " ".join(self.headers)),
+                      ("signature", sig)]
+        request.headers["Signature"] = ",".join('{}="{}"'.format(k, v) for k, v in sig_struct)
+        return request
+