A Pyramid authentication plugin for HAWK

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for rfk from gravatar.com rfk

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Mozilla Public License 2.0 (MPL 2.0) (MPLv2.0)
  • Author: Mozilla Services
  • Tags authentication, token, hawk, request, signing
Classifiers

Project description

This is a Pyramid authenitcation plugin for Hawk Access Authentication:

https://npmjs.org/package/hawk

To access resources using Hawk Access Authentication, the client must have obtained a set of Hawk credentials including an id and secret key. They use these credentials to make signed requests to the server.

When accessing a protected resource, the server will generate a 401 challenge response with the scheme “Hawk” as follows:

> GET /protected_resource HTTP/1.1
> Host: example.com

< HTTP/1.1 401 Unauthorized
< WWW-Authenticate: Hawk

The client will use their Hawk credentials to build a request signature and include it in the Authorization header like so:

> GET /protected_resource HTTP/1.1
> Host: example.com
> Authorization: Hawk id="h480djs93hd8",
>                     ts="1336363200",
>                     nonce="dj83hs9s",
>                     mac="bhCQXTVyfj5cmA9uKkPFx1zeOXM="

< HTTP/1.1 200 OK
< Content-Type: text/plain
<
< For your eyes only:  secret data!

This plugin uses the tokenlib library for verifying Hawk credentials:

https://github.com/mozilla-services/tokenlib

If this library does not meet your needs, you can provide a custom callback function to decode the Hawk id token.

2.0.0 - 2018-01-10

  • Update use of tokenlib API for v0.3 and later.

  • Py27, Py35 compatible; thanks @return42!

v0.1.0 - 2014-13-01

  • Initial release, based on pyramid_macauth codebase.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for rfk from gravatar.com rfk

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Mozilla Public License 2.0 (MPL 2.0) (MPLv2.0)
  • Author: Mozilla Services
  • Tags authentication, token, hawk, request, signing
Classifiers

Release history Release notifications | RSS feed

This version

2.0.0

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pyramid_hawkauth-2.0.0.tar.gz (10.8 kB view details)

Uploaded Source

Built Distribution

pyramid_hawkauth-2.0.0-py2.py3-none-any.whl (21.6 kB view details)

Uploaded Python 2 Python 3

File details

Details for the file pyramid_hawkauth-2.0.0.tar.gz.

File metadata

File hashes

Hashes for pyramid_hawkauth-2.0.0.tar.gz
Algorithm Hash digest
SHA256 d1467c3155ba96ebfd194d851f8000749239e3a57ee92e75e7f8ef7e5193b424
MD5 f150d1ab64051de33023f90586cbe90f
BLAKE2b-256 ac4fc393f0dc1f8e6c41f7588cde7bcceffcb505d1e09b39545e59db92b45504

See more details on using hashes here.

File details

Details for the file pyramid_hawkauth-2.0.0-py2.py3-none-any.whl.

File metadata

File hashes

Hashes for pyramid_hawkauth-2.0.0-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 4261029ce0246477423bfcbfad31ff84b46d2ada2d1e6cc4eed98be77e9390aa
MD5 fcc376fa254d6753758129c565fc0517
BLAKE2b-256 ac988a786fa8d2e1bdd1db4b11abd7e1b0298a7be2aa34c4a50e86cc26a06123

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page