Implements RFC 7804 Salted Challenge Response (SCRAM) HTTP Authentication Mechanism for the Requests library.
See flask-scram for a server-side implementation.
Took much inspiration from requests-ntlm2 and requests-gssapi.
Initialize HTTPSCRAMAuth
and pass as the auth
parameter to your request or session:
import requests
from requests_scram import HTTPSCRAMAuth
# specify ``mechanisms`` for supported mechanisms (defaults to all non-PLUS)
auth = HTTPSCRAMAuth("user", "pass")
resp = requests.get("http://localhost:5000", auth=auth)
resp.raise_for_status()
print(resp.text)
- Handle multiple
WWW-Authenticate
headers (server would typically advertise multiple SCRAM authentication mechanisms) - Do something with
Authentication-Info
? - Implement One Round-Trip Reauthentication
Licensed under the MIT License.