Open jd185367 opened 3 years ago
I've actually written a library that does this very thing and is currently published in artifactory (not public). See here:
https://github.com/ncr-bsp/pypi-nep-hmac
I can move that here and publish it publicly if we have the okay to do so.
Example Usage:
#!/usr/bin/env python3
import requests
from bsp_nep_hmac import HmacKey, sign
shared_key = '...'
secret_key = '...'
body = {
...
}
headers = {
"nep-organization": "..."
}
key = HmacKey(secret_key, shared_key);
request = sign(requests.Request('POST', 'https://api.ncr.com/...', json=body, headers=heades).prepare(), key)
with requests.Session() as s:
response = s.send(request)
data = response.json()
...
Feature request
Is your feature request related to a problem? Please describe.
Rather than re-implementing my own HMAC algorithm, it would be convenient to have a simple, official NCR HMAC module I could import into my code and use to authenticate and make a BSP API request.
Describe the solution you'd like
A minimal Python 3 pip package that could be installed with one line, something like:
And that I could then use to quickly get the headers I need to make a call to a BSP API:
Describe alternatives you've considered
Additional context
Obviously modules in other languages might be nice to have as well, but my team primarily works in Python - hence the initial request just for a pip library.
There may be some debate about if an HMAC module should be its own, independent pip package or part of some larger "NCR BSP" library. As far as I know HMAC authentication is the only hard custom requirement to use BSP APIs (at least on the client side), so I think packaging it as a lightweight module on its own is justified.