diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 9306c9e..c1fec43 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -24,7 +24,7 @@ jobs: - name: Download a file from S3 using httpie-hmac env: HTTPIE_HMAC_SECRET: '${{ secrets.AWS_S3_TEST_SECRET }}' - HTTPIE_HMAC_ACCESS: '${{ secrets.AWS_S3_TEST_ACCESS }}' + HTTPIE_HMAC_ACCESS_ID: '${{ secrets.AWS_S3_TEST_ACCESS }}' run: | python3 -m venv venv source venv/bin/activate diff --git a/README.md b/README.md index f688a02..bf18a1a 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ This plugin extends the functionality to allow different HMAC patterns to be def The httpie auth should be set to ``hmac`` and the ``--auth`` field contains key-value pairs to configure the plugin, the keys are: * ``secret`` - base64 encoded secret to be used in the HMAC -* ``access`` - (Optional) String access token / id used to identify the user depending on the schema +* ``access_id`` - (Optional) String access token / id used to identify the user depending on the schema * ``format`` - (Optional) Sets a pre-defined format or a python file to process the headers Key-value pairs can also be set using environment variables starting with `HTTPIE_HMAC_`. @@ -16,10 +16,10 @@ For example: ``` bash http --auth-type=hmac --auth="secret:some_secret" GET http://localhost:8000 -http --auth-type=hmac --auth="secret:7Ez...wVA,access:AK...6R,format:aws4" GET https://my_bucket.s3.eu-west-2.amazonaws.com/file.txt +http --auth-type=hmac --auth="secret:7Ez...wVA,access_id:AK...6R,format:aws4" GET https://my_bucket.s3.eu-west-2.amazonaws.com/file.txt export HTTPIE_HMAC_SECRET=7Ez...wVA -export HTTPIE_HMAC_ACCESS=AK...6R +export HTTPIE_HMAC_ACCESS_ID=AK...6R export HTTPIE_HMAC_FORMAT=aws4 httpie --auth-type=hmac --auth="" GET https://my_bucket.s3.eu-west-2.amazonaws.com/file.txt ``` @@ -31,7 +31,7 @@ httpie --auth-type=hmac --auth="" GET https://my_bucket.s3.eu-west-2.amazonaws.c AWS4 uses the `AWSRequestsAuth` library to generate the required AWS auth header. It will attempt to get the required information from the provided URL, however the host, region and service fields can be set manually: ``` -http --auth-type=hmac --auth="secret:7Ez...wVA,access:AK...6R,host:my_bucket.s3.eu-west-2.amazonaws.com,service:s3,region:eu-west-2:format:aws4" GET https://my_bucket.s3.eu-west-2.amazonaws.com/file.txt +http --auth-type=hmac --auth="secret:7Ez...wVA,access_id:AK...6R,host:my_bucket.s3.eu-west-2.amazonaws.com,service:s3,region:eu-west-2:format:aws4" GET https://my_bucket.s3.eu-west-2.amazonaws.com/file.txt ``` ### Simple (simple) @@ -50,7 +50,7 @@ This string is signed using the sha256 HMAC. The resulting signature is placed i ``` Authorization: HMAC [signature] -Authorization: HMAC [access]:[signature] +Authorization: HMAC [access_id]:[signature] ``` ## Custom Format @@ -75,11 +75,11 @@ class HmacAuthCustom(HmacGenerate): hashlib.sha256).digest() signature = base64.b64encode(digest).rstrip().decode('utf-8') - if request.access_key is None or request.access_key == '': + if request.access_id is None or request.access_id == '': request.inner.headers['Authorization'] = f"HMAC {signature}" else: request.inner.headers['Authorization'] = \ - f"HMAC {request.access_key}:{signature}" + f"HMAC {request.access_id}:{signature}" return request.inner ``` diff --git a/httpie_hmac/httpie_hmac.py b/httpie_hmac/httpie_hmac.py index 426d150..a50977e 100644 --- a/httpie_hmac/httpie_hmac.py +++ b/httpie_hmac/httpie_hmac.py @@ -23,7 +23,7 @@ @dataclass class RequestData: - access_key: str + access_id: str secret_key: str method: str content_type: str @@ -49,11 +49,11 @@ def generate(request): hashlib.sha256).digest() signature = base64.b64encode(digest).rstrip().decode('utf-8') - if request.access_key is None or request.access_key == '': + if request.access_id is None or request.access_id == '': request.inner.headers['Authorization'] = f"HMAC {signature}" else: request.inner.headers['Authorization'] = \ - f"HMAC {request.access_key}:{signature}" + f"HMAC {request.access_id}:{signature}" return request.inner @@ -91,7 +91,7 @@ def generate(request): service = request.raw_settings["service"] auth = AWSRequestsAuth( - aws_access_key=request.access_key, + aws_access_key=request.access_id, aws_secret_access_key=request.secret_key, aws_host=host, aws_region=region, @@ -108,8 +108,8 @@ def generate(request): class HmacAuth: - def __init__(self, access_key, secret_key, format, raw_settings): - self.access_key = access_key + def __init__(self, access_id, secret_key, format, raw_settings): + self.access_id = access_id self.secret_key = secret_key self.use_custom = False self.formatter = None @@ -170,7 +170,7 @@ def __call__(self, r): # Call the formatter to add the required headers and return r return self.formatter.generate( - RequestData(self.access_key, self.secret_key, + RequestData(self.access_id, self.secret_key, method, content_type, content_md5, http_date, path, self.raw_settings, r) ) @@ -198,7 +198,7 @@ def get_auth(self, username=None, password=None): key = setting[0].split("HTTPIE_HMAC_")[1].lower() settings[key] = setting[1] - access = settings.get("access", None) + access_id = settings.get("access_id", None) secret = settings.get("secret", None) format = settings.get("format", None) @@ -208,8 +208,8 @@ def get_auth(self, username=None, password=None): key, value = entry.strip().split(":") key = key.strip() value = value.strip() - if key == "access": - access = value + if key == "access_id": + access_id = value elif key == "secret": secret = value elif key == "format": @@ -219,4 +219,4 @@ def get_auth(self, username=None, password=None): if secret is None or secret == '': raise ValueError('HMAC secret key cannot be empty.') - return HmacAuth(access, secret, format, settings) + return HmacAuth(access_id, secret, format, settings) diff --git a/pyproject.toml b/pyproject.toml index 3360b79..af5de4a 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta" [project] name = "httpie-hmac" -version = "1.0.0" +version = "1.1.0" authors = [ {name = "Martyn Pittuck-Schols", email = "12006448+martynp@users.noreply.github.com"}, ]