Colin-b / httpx_auth

Authentication classes to be used with httpx
MIT License
117 stars 26 forks source link

Add Documentation and fix latent bug in amz_cano_path method #10

Closed martinka closed 4 years ago

martinka commented 4 years ago

This adds a file documenting the new auth class. It also fixed a bug, which was introduced because of a difference in empty path handling between requests and httpx. requests will add a trailing / to the URL if the path is empty, httpx does not. the amz_cano_path function failed to set and empty path to /. Which is required. This resulted in a number of the live test to fail. These have been reenabled. Let me know if you have questions or want to handle the documentation differently.

Colin-b commented 4 years ago

Thanks, can you tell me more about the use case where you would not want to regenerate a signature for every API call ? I get the use case from within the documentation of Amazon but I feel like the added value is not worth the complexity ? Do you use it yourself ? Same thing for the ability to provide a date , why would you want to send a query using a date not set to the exact time of the query ?

Thanks a lot for your input and the hard work on this feature !

martinka commented 4 years ago

I have never used the date feature. I am not sure why it was included. I did try to keep the changes to the signature to a minimum so folks using requests_aws4auth would be able to basically change the import and references to requests and it should work.

I am assuming you mean retaining the signing key? If not then I don't really understand what you are getting at the with the same signature across multiple requests. I have not personally had to do this, although I can think of some cases where folks might not want to leave the AWS creds in memory... I think that was the reason for allowing people to provide a pre computed signing key.

My use case tends to be long running data ingestion type work loads, so key regeneration is important. I am not too concerned about multi threading since we tend to do multiprocess, with multipe async tasks running ( but no real threads).

but my main argument for leaving the data and signing key stuff in is backward compatibility with requests-aws4auth. I think the 90% use case is the one where someone creates an AWS4Auth object with creds, and no date. Probably its ok to simplify, however, I am not sure I am representative of everyone that uses this.

martinka commented 4 years ago

A little movement on the test suite side. I talked to our AWS rep yesterday and he seems to get why I need it. He is going to reach out internally and see if he can get me access. I am not sure if it will go anywhere but maybe.

martinka commented 4 years ago

I managed to get a copy of the test suite from my amazon rep. They are no longer supporting it. I will run it and ensure everything is working, but if we hit errors they are not providing support. Not sure what we want to do regarding that. Since the suite will be increasingly out of date. We might want to remove it from the test cases. I am still hoping to talk to someone on their dev team. but not sure when.