cubicweb-signedrequest

rest api for cubicweb

These details have not been verified by PyPI

Project links

Homepage

Project description

Summary

This cube allows a client to forge signed HTTP resquests that are then recognized as valid by the CubicWeb web server, ie. the request is handled as an authenticated user. For example, it can be used to start an operation using an authenticated user.

It’s usually used alongside with cubicweb-rqlcontroller and cwclientlib.

This cube aims at make it easy to write REST-like APIs for CW.

Long story short: cubicweb-signedrequest allows you to make authenticated HTTP requests simply by addind a properly forged HTTP header in your request.

How to use signed HTTP requests in your CubicWeb app?

This cube aims at making it possible to use tokens to authenticate to a CubicWeb application. It provides a Token entity that have a unique token_id attribute and a generated (secret) token. This Token entity is related to a CWUser (using the token_for_user relation).

It’s the possible to make authenticated HTTP requests (authenticated as this CWUser) by adding a Authorization header to the HTTP request. This header is computed as a HMAC hash with:

the secret token as key,

the concatenation os method + url + all the signed headers.

By default, the method is the Cubicweb string, and the signed headers are ‘Content-SHA512’, ‘Content-Type’ and ‘Date’.

The doc/sreq_example.py script is an simple python script showing how to forge such a HTTP GET request using urllib2.

Please read the documentation of cwclientlib for examples of how it can be used.

Project details

These details have not been verified by PyPI

Project links

Homepage

Release history Release notifications | RSS feed

This version

3.0.0

Jul 20, 2023

2.1.0

Feb 21, 2023

2.0.0

Nov 24, 2022

1.2.0

May 3, 2022

1.1.0

Mar 29, 2022

1.0.0

Oct 7, 2020

0.6.1

Jun 27, 2022

0.6.0

Mar 15, 2022

0.5.2

Sep 24, 2020

0.5.1

Sep 27, 2019

0.5.0

Mar 5, 2019

0.4.1

Dec 18, 2018

0.4.0

Jun 11, 2018

0.3.1

Feb 12, 2018

0.3.0

May 11, 2016

0.2.1

Jul 23, 2015

0.2.0

May 29, 2015

0.1.3

Nov 17, 2014

0.1.2

Jun 27, 2014

0.1.1

Mar 28, 2014

0.1.0

Mar 13, 2014

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cubicweb-signedrequest-3.0.0.tar.gz (19.2 kB view hashes)

Uploaded Jul 20, 2023 Source

Built Distribution

cubicweb_signedrequest-3.0.0-py3-none-any.whl (20.6 kB view hashes)

Uploaded Jul 20, 2023 Python 3

Hashes for cubicweb-signedrequest-3.0.0.tar.gz

Hashes for cubicweb-signedrequest-3.0.0.tar.gz
Algorithm	Hash digest
SHA256	`a4ff41fee0e58c2a11b10103f2ef0bbb60eab0300764678c0852dcd2704a2920`
MD5	`d9b9afe5d7586805ce6f2a333bfd72ef`
BLAKE2b-256	`b02c31f2c4cb326c2d35e82521e395456c7919bac1fc98f6e616fa26fdf7720e`

Hashes for cubicweb_signedrequest-3.0.0-py3-none-any.whl

Hashes for cubicweb_signedrequest-3.0.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`adb54b4981fb160d06d4543771ab64517841e2f89df5fccad693696ef3c1b563`
MD5	`6c1e4e2b13915684b6ed2709caa41798`
BLAKE2b-256	`9a7ce6f1fd47e0a45cefa7ae04557dc590b11d352980bde28834649de3ec2d03`

cubicweb-signedrequest 3.0.0

Navigation

Verified details

Maintainers

Unverified details

Project links

Meta

Classifiers

Project description

Summary

How to use signed HTTP requests in your CubicWeb app?

Project details

Verified details

Maintainers

Unverified details

Project links

Meta

Classifiers

Release history Release notifications | RSS feed

Download files

Source Distribution

Built Distribution