-
Notifications
You must be signed in to change notification settings - Fork 0
/
python_doc_auth_partial.mustache
108 lines (100 loc) · 4.6 KB
/
python_doc_auth_partial.mustache
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
# Defining the host is optional and defaults to {{{basePath}}}
# See configuration.py for a list of all supported configuration parameters.
configuration = {{{packageName}}}.Configuration(
host = "{{{basePath}}}"
)
{{#hasAuthMethods}}
# The client must configure the authentication and authorization parameters
# in accordance with the API server security policy.
# Examples for each auth method are provided below, use the example that
# satisfies your auth use case.
{{#authMethods}}
{{#isBasic}}
{{#isBasicBasic}}
# Configure HTTP basic authorization: {{{name}}}
configuration = {{{packageName}}}.Configuration(
username = os.environ["USERNAME"],
password = os.environ["PASSWORD"]
)
{{/isBasicBasic}}
{{#isBasicBearer}}
# Configure Bearer authorization{{#bearerFormat}} ({{{.}}}){{/bearerFormat}}: {{{name}}}
configuration = {{{packageName}}}.Configuration(
access_token = os.environ["BEARER_TOKEN"]
)
{{/isBasicBearer}}
{{#isHttpSignature}}
# Configure HTTP message signature: {{{name}}}
# The HTTP Signature Header mechanism that can be used by a client to
# authenticate the sender of a message and ensure that particular headers
# have not been modified in transit.
#
# You can specify the signing key-id, private key path, signing scheme,
# signing algorithm, list of signed headers and signature max validity.
# The 'key_id' parameter is an opaque string that the API server can use
# to lookup the client and validate the signature.
# The 'private_key_path' parameter should be the path to a file that
# contains a DER or base-64 encoded private key.
# The 'private_key_passphrase' parameter is optional. Set the passphrase
# if the private key is encrypted.
# The 'signed_headers' parameter is used to specify the list of
# HTTP headers included when generating the signature for the message.
# You can specify HTTP headers that you want to protect with a cryptographic
# signature. Note that proxies may add, modify or remove HTTP headers
# for legitimate reasons, so you should only add headers that you know
# will not be modified. For example, if you want to protect the HTTP request
# body, you can specify the Digest header. In that case, the client calculates
# the digest of the HTTP request body and includes the digest in the message
# signature.
# The 'signature_max_validity' parameter is optional. It is configured as a
# duration to express when the signature ceases to be valid. The client calculates
# the expiration date every time it generates the cryptographic signature
# of an HTTP request. The API server may have its own security policy
# that controls the maximum validity of the signature. The client max validity
# must be lower than the server max validity.
# The time on the client and server must be synchronized, otherwise the
# server may reject the client signature.
#
# The client must use a combination of private key, signing scheme,
# signing algorithm and hash algorithm that matches the security policy of
# the API server.
#
# See {{{packageName}}}.signing for a list of all supported parameters.
from {{{packageName}}} import signing
import datetime
configuration = {{{packageName}}}.Configuration(
host = "{{{basePath}}}",
signing_info = {{{packageName}}}.HttpSigningConfiguration(
key_id = 'my-key-id',
private_key_path = 'private_key.pem',
private_key_passphrase = 'YOUR_PASSPHRASE',
signing_scheme = {{{packageName}}}.signing.SCHEME_HS2019,
signing_algorithm = {{{packageName}}}.signing.ALGORITHM_ECDSA_MODE_FIPS_186_3,
hash_algorithm = {{{packageName}}}.signing.SCHEME_RSA_SHA256,
signed_headers = [
{{{packageName}}}.signing.HEADER_REQUEST_TARGET,
{{{packageName}}}.signing.HEADER_CREATED,
{{{packageName}}}.signing.HEADER_EXPIRES,
{{{packageName}}}.signing.HEADER_HOST,
{{{packageName}}}.signing.HEADER_DATE,
{{{packageName}}}.signing.HEADER_DIGEST,
'Content-Type',
'Content-Length',
'User-Agent'
],
signature_max_validity = datetime.timedelta(minutes=5)
)
)
{{/isHttpSignature}}
{{/isBasic}}
{{#isApiKey}}
# Configure API key authorization: {{{name}}}
configuration.api_key['{{{name}}}'] = os.environ["API_KEY"]
# Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
# configuration.api_key_prefix['{{name}}'] = 'Bearer'
{{/isApiKey}}
{{#isOAuth}}
configuration.access_token = os.environ["ACCESS_TOKEN"]
{{/isOAuth}}
{{/authMethods}}
{{/hasAuthMethods}}