gcrkrause
/
requests-http-signature
mirror of https://github.com/pyauth/requests-http-signature
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add note on nonce parameter

pull/34/head
Andrey Kislyuk 2022-04-12 15:23:21 -07:00
parent 7324cb2f03
commit ca2b461a87
No known key found for this signature in database
GPG Key ID: 8AFAFCD242818A52
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
requests_http_signature/__init__.py
View File

@ -209,7 +209,9 @@ class HTTPSignatureAuth(requests.auth.AuthBase):
* ``label`` (str): The label for the signature
* ``algorithm``: (same as ``signature_algorithm`` above)
* ``covered_components``: A mapping of component names to their values, as covered by the signature
* ``parameters``: A mapping of signature parameters to their values, as covered by the signature
* ``parameters``: A mapping of signature parameters to their values, as covered by the signature, including
"alg", "created", "expires", "keyid", and "nonce". To protect against replay attacks, retrieve the "nonce"
parameter here and check that it has not been seen before.
* ``body``: The message body for messages that have a body and pass validation of the covered
content-digest; ``None`` otherwise.