search

requests / toolbelt

A toolbelt of useful classes and functions to be used with python-requests
https://toolbelt.readthedocs.org
Other
997 stars 185 forks source link

Add support for http-signatures (IETF draft for signing HTTP requests) #183

Open labeneator opened 7 years ago

labeneator commented 7 years ago

http-signatures is a draft ietf standard that allows for tamper proofing of HTTP headers and optionally the request payload.

There are libraries allowing one to use http-signatures however, I think that adding it to the requests toolbelt would be beneficial to the large user base of requests.

The suggested patch would be a subclass of AuthBase as done by SignedRequestAuth in the oracle example implementation here.

Is this acceptable? If so, I can make a PR for it

Cheers, Laban

--- Want to back this issue? **[Post a bounty on it!](https://www.bountysource.com/issues/44839652-add-support-for-http-signatures-ietf-draft-for-signing-http-requests?utm_campaign=plugin&utm_content=tracker%2F418367&utm_medium=issues&utm_source=github)** We accept bounties via [Bountysource](https://www.bountysource.com/?utm_campaign=plugin&utm_content=tracker%2F418367&utm_medium=issues&utm_source=github).
sigmavirus24 commented 7 years ago

I would absolutely accept an implementation of that draft standard but you must implement it yourself and not use Oracle's implementation. I cannot find copyright information about that code so I assume that it is copyright Oracle and I will not violate their copyright.

Cheers,