gcrkrause
/
requests-http-signature
mirror of https://github.com/pyauth/requests-http-signature
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
51 Commits
2 Branches
11 Tags
3.2 MiB
Commit Graph

21 Commits (1e3cb991e7cef1b4bb0740fd35d8d044775b863a)

Author SHA1 Message Date
Andrey Kislyuk 1e3cb991e7
Expand docs 2022-04-10 15:54:55 -07:00
Andrey Kislyuk 86bcd9f275
Update package to follow the latest draft 2022-04-10 14:52:41 -07:00
Jean-Hugues de Raigniac 8d615eac2a
minor PEP 8 fixes, expired signature check (#26) 2021-04-27 06:47:50 -07:00
Georg Krause 606fd8f891
Set correct Scheme for HTTPSignatureHeaderAuth.verify (#25) 2021-04-25 16:10:21 -07:00
Georg Krause d1129fdd9a
Allow missing created field (#23) 
* Do not add created field if algorithm is rsa, hmac or ecdsa

* Disable check for W504

This is mutually exclusive with W503, but it seems to check for both. So
no matter where the linebreak is, the linter says its wrong. This fixes
this behavior and allows to use at least one option.

* Allow github actions to run on pull request

* Make created field optional on verification
 2021-04-25 16:10:03 -07:00
Andrey Kislyuk c0c8fd7255
Merge branch 'master' of github.com:kislyuk/requests-http-signature 2020-04-25 14:03:39 -07:00
Andrey Kislyuk 6b415c19f2
Fix handling of readme example 
Fixes #5
 2020-04-25 14:02:36 -07:00
Arjen Brouwer ed24c9a04c
Implemented support for (created) and (expires) special headers (#14) 2020-04-25 07:20:06 -07:00
Andrey Kislyuk f1ced58164
Revert "Use one-shot signing. Fixes #16" 
This reverts commit 053678a22e.
 2020-04-25 07:18:14 -07:00
Andrey Kislyuk 053678a22e
Use one-shot signing. Fixes #16 2020-04-25 06:58:40 -07:00
Andrey Kislyuk 2824b9b6e5
Add test for HTTPSignatureHeaderAuth 2020-04-24 12:56:20 -07:00
Andrey Kislyuk d7770e3ae9
Raise informative error when unable to compute body digest 2020-04-24 09:11:44 -07:00
Andrey Kislyuk 92d203ce65
Fix tests 2018-11-06 02:46:30 -08:00
Kevin Gill be44d4f19f Support https://tools.ietf.org/html/draft-cavage-http-signatures-08#section-4, 
which uses a Signature header instead of Authorization header.
 2018-10-19 21:36:45 +01:00
Kevin Gill 80c9bb8c14 Added RSA512 algorithm. 2018-10-19 16:38:40 +01:00
Andrey Kislyuk ea8d82cf0d HTTPSignatureAuth.verify: Rely only on request.url, not path_url 
This allows broader compatibility with request objects: in addition to
requests.PreparedRequest, we can now support requests.Request or any
object that has the method, url, and headers attributes.
 2017-09-19 09:54:48 -07:00
Andrey Kislyuk 91313a6d43 Test suite update 2017-08-22 19:54:51 -07:00
Andrey Kislyuk 9c5a122925 Require key ID 2017-08-22 14:49:25 -07:00
Andrey Kislyuk e4e19c1d3c Encode passphrase if not bytes 2017-08-22 13:40:41 -07:00
Andrey Kislyuk 59384e29b9 Add verify example 2017-08-22 13:06:21 -07:00
Andrey Kislyuk c474f2a888 Begin requests-http-signature 2017-08-22 12:05:04 -07:00