HMAC auth plugin for HTTPie
Switch branches/tags
Clone or download
satterly Merge pull request #4 from guardian/fix-get-auth
Fix a bug with get_auth() function signature
Latest commit c9dbb45 Jan 3, 2017
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.gitignore First commit Jan 15, 2016
LICENSE First commit Jan 15, 2016
README.rst Add support for access key for lookup of shared secrets Jan 16, 2016
httpie_hmac_auth.py Fix a bug with get_auth() function signature Jan 3, 2017
setup.py Fix a bug with get_auth() function signature Jan 3, 2017

README.rst

httpie-hmac-auth

HMAC auth plugin for HTTPie.

HTTP requests will be signed with a shared secret key using HMAC. The string to sign format is:

<Method>\n
<Content-MD5>\n
<Content-Type>\n
<Date>\n
<URL>

Example String-to-sign

POST
vVqHE1k/uBRCoWe0FAh95g==
application/json
Tue, 12 Jan 2016 14:57:28 GMT
/api/v1/avatars

Example Authorization Header with HMAC signature

Authorization: HMAC XH+v0qhV4i/89y/DT2OOJx9Kjf3f/0j+w2aGZk625nU=

Installation

$ pip install httpie-hmac-auth

You should now see hmac under --auth-type in $ http --help output.

Usage

$ http --auth-type=hmac --auth='client:secret' example.org

Examples

To authenticate a client request when an access key is required by the server to lookup the shared secret:

$ http --auth-type=hmac --auth="client:secret" example.org

To authenticate a client request when there is no requirement for a client to supply an access key:

$ http --auth-type=hmac --auth=":secret" example.org

License

Copyright (c) 2016 The Guardian. Available under the MIT License.