Andrey Kislyuk
198e2dae5c
Add typing information
2022-04-19 11:39:09 -07:00
Andrey Kislyuk
ab8b01c9ae
Clarify naming
2022-04-15 10:34:49 -07:00
Andrey Kislyuk
d8b7916639
Clarify naming
2022-04-14 23:54:34 -07:00
Andrey Kislyuk
adecf44d46
Use max-age=24h by default
2022-04-14 23:52:20 -07:00
Andrey Kislyuk
e3e7c0f4c7
Use a class variable to set content digest alg
2022-04-14 23:48:53 -07:00
Andrey Kislyuk
b68a6e7db4
Use max-age=36h by default
2022-04-14 23:33:05 -07:00
Andrey Kislyuk
7ed5b7a022
Use max-age, auto-cover Authorization header
2022-04-14 19:18:23 -07:00
Andrey Kislyuk
ca2b461a87
Add note on nonce parameter
2022-04-12 15:23:21 -07:00
Andrey Kislyuk
fc73c56301
Support and document verifying responses
2022-04-12 12:01:18 -07:00
Andrey Kislyuk
b0ce7c34e8
Add type hint for PreparedRequest
2022-04-11 08:51:07 -07:00
Andrey Kislyuk
a01c9a6128
Add note about reconstructing incoming requests
2022-04-11 08:46:23 -07:00
Andrey Kislyuk
349c6e1cfe
No fixed keys for verifying
2022-04-10 22:25:59 -07:00
Andrey Kislyuk
0970baaff4
Fix wording in docstring
2022-04-10 22:23:58 -07:00
Andrey Kislyuk
c1acb39a5d
Pass through verified body in VerifiedRequest
2022-04-10 22:10:03 -07:00
Andrey Kislyuk
d71b15bb07
Add require_components to verify; expand docs
2022-04-10 17:24:30 -07:00
Andrey Kislyuk
1e3cb991e7
Expand docs
2022-04-10 15:54:55 -07:00
Andrey Kislyuk
86bcd9f275
Update package to follow the latest draft
2022-04-10 14:52:41 -07:00
Jean-Hugues de Raigniac
8d615eac2a
minor PEP 8 fixes, expired signature check ( #26 )
2021-04-27 06:47:50 -07:00
Georg Krause
606fd8f891
Set correct Scheme for HTTPSignatureHeaderAuth.verify ( #25 )
2021-04-25 16:10:21 -07:00
Georg Krause
d1129fdd9a
Allow missing created field ( #23 )
...
* Do not add created field if algorithm is rsa, hmac or ecdsa
* Disable check for W504
This is mutually exclusive with W503, but it seems to check for both. So
no matter where the linebreak is, the linter says its wrong. This fixes
this behavior and allows to use at least one option.
* Allow github actions to run on pull request
* Make created field optional on verification
2021-04-25 16:10:03 -07:00
Andrey Kislyuk
c0c8fd7255
Merge branch 'master' of github.com:kislyuk/requests-http-signature
2020-04-25 14:03:39 -07:00
Andrey Kislyuk
6b415c19f2
Fix handling of readme example
...
Fixes #5
2020-04-25 14:02:36 -07:00
Arjen Brouwer
ed24c9a04c
Implemented support for (created) and (expires) special headers ( #14 )
2020-04-25 07:20:06 -07:00
Andrey Kislyuk
f1ced58164
Revert "Use one-shot signing. Fixes #16"
...
This reverts commit 053678a22e
.
2020-04-25 07:18:14 -07:00
Andrey Kislyuk
053678a22e
Use one-shot signing. Fixes #16
2020-04-25 06:58:40 -07:00
Andrey Kislyuk
2824b9b6e5
Add test for HTTPSignatureHeaderAuth
2020-04-24 12:56:20 -07:00
Andrey Kislyuk
d7770e3ae9
Raise informative error when unable to compute body digest
2020-04-24 09:11:44 -07:00
Andrey Kislyuk
92d203ce65
Fix tests
2018-11-06 02:46:30 -08:00
Kevin Gill
be44d4f19f
Support https://tools.ietf.org/html/draft-cavage-http-signatures-08#section-4 ,
...
which uses a Signature header instead of Authorization header.
2018-10-19 21:36:45 +01:00
Kevin Gill
80c9bb8c14
Added RSA512 algorithm.
2018-10-19 16:38:40 +01:00
Andrey Kislyuk
ea8d82cf0d
HTTPSignatureAuth.verify: Rely only on request.url, not path_url
...
This allows broader compatibility with request objects: in addition to
requests.PreparedRequest, we can now support requests.Request or any
object that has the method, url, and headers attributes.
2017-09-19 09:54:48 -07:00
Andrey Kislyuk
91313a6d43
Test suite update
2017-08-22 19:54:51 -07:00
Andrey Kislyuk
9c5a122925
Require key ID
2017-08-22 14:49:25 -07:00
Andrey Kislyuk
e4e19c1d3c
Encode passphrase if not bytes
2017-08-22 13:40:41 -07:00
Andrey Kislyuk
59384e29b9
Add verify example
2017-08-22 13:06:21 -07:00
Andrey Kislyuk
c474f2a888
Begin requests-http-signature
2017-08-22 12:05:04 -07:00