Open labeneator opened 7 years ago
I would absolutely accept an implementation of that draft standard but you must implement it yourself and not use Oracle's implementation. I cannot find copyright information about that code so I assume that it is copyright Oracle and I will not violate their copyright.
Cheers,
http-signatures is a draft ietf standard that allows for tamper proofing of HTTP headers and optionally the request payload.
There are libraries allowing one to use http-signatures however, I think that adding it to the requests toolbelt would be beneficial to the large user base of requests.
The suggested patch would be a subclass of AuthBase as done by SignedRequestAuth in the oracle example implementation here.
Is this acceptable? If so, I can make a PR for it
Cheers, Laban