gcrkrause
/
requests-http-signature
mirror of https://github.com/pyauth/requests-http-signature
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Raise informative error when unable to compute body digest

pull/21/head
Andrey Kislyuk 2020-04-24 09:11:44 -07:00
parent e3a2e2d631
commit d7770e3ae9
No known key found for this signature in database
GPG Key ID: 8AFAFCD242818A52
2 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
requests_http_signature/__init__.py
View File

@ -5,6 +5,10 @@ import email.utils
import requests
from requests.compat import urlparse
from requests.exceptions import RequestException
class RequestsHttpSignatureException(RequestException):
"""An error occurred while constructing the HTTP Signature for your request."""
class Crypto:
def __init__(self, algorithm):
@ -67,6 +71,8 @@ class HTTPSignatureAuth(requests.auth.AuthBase):
request.headers["Date"] = email.utils.formatdate(timestamp, usegmt=True)
def add_digest(self, request):
if request.body is None and "digest" in self.headers:
raise RequestsHttpSignatureException("Could not compute digest header for request without a body")
if request.body is not None and "Digest" not in request.headers:
if "digest" not in self.headers:
self.headers.append("digest")

7
test/test.py
View File

@ -9,8 +9,7 @@ from requests.adapters import HTTPAdapter
sys.path.insert(0, os.path.abspath(os.path.join(os.path.dirname(__file__), '..'))) # noqa
from requests_http_signature import HTTPSignatureAuth
from requests_http_signature import HTTPSignatureAuth, RequestsHttpSignatureException
hmac_secret = b"monorail_cat"
passphrase = b"passw0rd"
@ -46,6 +45,10 @@ class TestRequestsHTTPSignature(unittest.TestCase):
self.session.get(url, auth=HTTPSignatureAuth(key=hmac_secret, key_id="sekret"))
with self.assertRaises(AssertionError):
self.session.get(url, auth=HTTPSignatureAuth(key=hmac_secret[::-1], key_id="sekret"))
with self.assertRaisesRegex(RequestsHttpSignatureException,
"Could not compute digest header for request without a body"):
self.session.get(url,
auth=HTTPSignatureAuth(key=hmac_secret[::-1], key_id="sekret", headers=["date", "digest"]))
def test_rfc_examples(self):
# The date in the RFC is wrong (2014 instead of 2012).