Updating request headers according to request body (Custom Authentication)

[byildiz]

Hi everyone,

I am trying to implement a type of custom authentication by using aiohttp something like the example in this link but I also need request body. Here is an example for requests:

class CustomAuth(AuthBase):
    def __init__(self, secretkey):
        self.secretkey = secretkey

    def get_hash(self, request):
        if request.body:
            data = request.body.decode('utf-8')
        else:
            data = "{}"

        signature = hmac.new(
        	str.encode(self.secretkey),
        	msg=str.encode(data),
            digestmod=hashlib.sha256
        ).hexdigest().upper()
        return signature

    def __call__(self, request):
        request.headers["CUSTOM-AUTH"] = self.get_hash(request)
        return request

I've looked into tracing and BasicAuth but they are useless in my situation. On on_request_start request body is not ready, on on_request_chunk_sent headers have already been sent. A solution like BasicAuth don't have access the request data at all.

Do you have any idea?

Thanks in advance.

[BahmanBinary]

i have this problem too.
can anyone help?

[BahmanBinary]

hi @byildiz
is your problem solved?

[byildiz]

Hi,
I found a workaround: I create request body myself using json dump and give it to aiohttp. So I can do what ever I want with the body.

[byildiz]

I think I should write my workaround as an answer:

I solved my problem by using json.dumps since aiohttp internally uses json.dumps to convert json data to http body by default. Here it is:

aiohttp/aiohttp/client.py

Line 205 in ed19689

json_serialize: JSONEncoder = json.dumps,

You can call json.dumps on the data that you want to sent and you will get the exactly same body with the body aiohttp will create.

[BahmanBinary]

thank u for your help @byildiz