Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
85 lines (60 sloc) 2.98 KB

EscherPython

Installation

Use Python 3.6 or above. Create a local envirioment. Use pip to install escher lib of python. This is a wrapper for the go implementation. This packages requires glibc which makes it unusable with musl libc (e.g.: in alpine linux)

pip install escherauth-go

Usage

After install the package it is ready to be use. See below the examples. The request and response type come from Flask package.

Signing a Request

You can validate a request signed by the methods described above. For that you will need a database of the access keys and secrets of your clients. Escher accepts any kind of object as a key database that implements the ArrayAccess interface.

from flask import Flask, request
from escherauth_go.escher_validator import EscherValidator
from escherauth_go.escher_signer import EscherSignerError

validator = EscherValidator('eu/suite/ems_request',
                            [{'keyId':'EscherExample', 'secret':'Secret', 'acceptOnly':0}],
                            authHeaderName='X-Ems-Auth',
                            dateHeaderName='X-Ems-Date')

def escher_validate(web_request):
    parsed_url = urlparse(web_request.url)
    url = (parsed_url.path + '?' + parsed_url.query).rstrip('?')
    validator.validateRequest(
        web_request.method,
        url,
        web_request.data.decode('utf-8'),
        web_request.headers
    )

 def validate_request(request):
     try:
         escher_validate(request)
     except EscherValidatorError as e:
         return Response('Authorization required {}'.format(e), HTTPStatus.UNAUTHORIZED)

Signing a Request

You can validate a request signed by the methods described above. For that you will need a database of the access keys and secrets of your clients. Escher accepts any kind of object as a key database that implements the ArrayAccess interface. (It also accepts plain arrays, however it is not recommended to use a php array for a database of API secrets - it's just there to ease testing)

import requests
from escherauth_go.escher_signer import EscherSigner,

signer = EscherSigner('EscherExample', 'TheBeginningOfABeautifulFriendship', 'eu/suite/ems_request')

def sign_and_send(body):
    try:
        signed_headers = signer.signRequest(
            'POST',
            '/validate_request',
            body,
            {
                'host': 'localhost:5000'
            })
        signed_headers.update({'Content-Type':'application/json'})
        return requests.post('http://docker.for.mac.localhost:5001/validate_request', data=body, headers= signed_headers)
    except EscherSignerError as e:
        # Handle sign error
You can’t perform that action at this time.