Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Changes access keyword to access_id #4

Merged
merged 2 commits into from
Mar 28, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ jobs:
- name: Download a file from S3 using httpie-hmac
env:
HTTPIE_HMAC_SECRET: '${{ secrets.AWS_S3_TEST_SECRET }}'
HTTPIE_HMAC_ACCESS: '${{ secrets.AWS_S3_TEST_ACCESS }}'
HTTPIE_HMAC_ACCESS_ID: '${{ secrets.AWS_S3_TEST_ACCESS }}'
run: |
python3 -m venv venv
source venv/bin/activate
Expand Down
14 changes: 7 additions & 7 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ This plugin extends the functionality to allow different HMAC patterns to be def
The httpie auth should be set to ``hmac`` and the ``--auth`` field contains key-value pairs to configure the plugin, the keys are:

* ``secret`` - base64 encoded secret to be used in the HMAC
* ``access`` - (Optional) String access token / id used to identify the user depending on the schema
* ``access_id`` - (Optional) String access token / id used to identify the user depending on the schema
* ``format`` - (Optional) Sets a pre-defined format or a python file to process the headers

Key-value pairs can also be set using environment variables starting with `HTTPIE_HMAC_`.
Expand All @@ -16,10 +16,10 @@ For example:

``` bash
http --auth-type=hmac --auth="secret:some_secret" GET http://localhost:8000
http --auth-type=hmac --auth="secret:7Ez...wVA,access:AK...6R,format:aws4" GET https://my_bucket.s3.eu-west-2.amazonaws.com/file.txt
http --auth-type=hmac --auth="secret:7Ez...wVA,access_id:AK...6R,format:aws4" GET https://my_bucket.s3.eu-west-2.amazonaws.com/file.txt

export HTTPIE_HMAC_SECRET=7Ez...wVA
export HTTPIE_HMAC_ACCESS=AK...6R
export HTTPIE_HMAC_ACCESS_ID=AK...6R
export HTTPIE_HMAC_FORMAT=aws4
httpie --auth-type=hmac --auth="" GET https://my_bucket.s3.eu-west-2.amazonaws.com/file.txt
```
Expand All @@ -31,7 +31,7 @@ httpie --auth-type=hmac --auth="" GET https://my_bucket.s3.eu-west-2.amazonaws.c
AWS4 uses the `AWSRequestsAuth` library to generate the required AWS auth header. It will attempt to get the required information from the provided URL, however the host, region and service fields can be set manually:

```
http --auth-type=hmac --auth="secret:7Ez...wVA,access:AK...6R,host:my_bucket.s3.eu-west-2.amazonaws.com,service:s3,region:eu-west-2:format:aws4" GET https://my_bucket.s3.eu-west-2.amazonaws.com/file.txt
http --auth-type=hmac --auth="secret:7Ez...wVA,access_id:AK...6R,host:my_bucket.s3.eu-west-2.amazonaws.com,service:s3,region:eu-west-2:format:aws4" GET https://my_bucket.s3.eu-west-2.amazonaws.com/file.txt
```

### Simple (simple)
Expand All @@ -50,7 +50,7 @@ This string is signed using the sha256 HMAC. The resulting signature is placed i

```
Authorization: HMAC [signature]
Authorization: HMAC [access]:[signature]
Authorization: HMAC [access_id]:[signature]
```

## Custom Format
Expand All @@ -75,11 +75,11 @@ class HmacAuthCustom(HmacGenerate):
hashlib.sha256).digest()
signature = base64.b64encode(digest).rstrip().decode('utf-8')

if request.access_key is None or request.access_key == '':
if request.access_id is None or request.access_id == '':
request.inner.headers['Authorization'] = f"HMAC {signature}"
else:
request.inner.headers['Authorization'] = \
f"HMAC {request.access_key}:{signature}"
f"HMAC {request.access_id}:{signature}"

return request.inner
```
Expand Down
22 changes: 11 additions & 11 deletions httpie_hmac/httpie_hmac.py
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@

@dataclass
class RequestData:
access_key: str
access_id: str
secret_key: str
method: str
content_type: str
Expand All @@ -49,11 +49,11 @@ def generate(request):
hashlib.sha256).digest()
signature = base64.b64encode(digest).rstrip().decode('utf-8')

if request.access_key is None or request.access_key == '':
if request.access_id is None or request.access_id == '':
request.inner.headers['Authorization'] = f"HMAC {signature}"
else:
request.inner.headers['Authorization'] = \
f"HMAC {request.access_key}:{signature}"
f"HMAC {request.access_id}:{signature}"

return request.inner

Expand Down Expand Up @@ -91,7 +91,7 @@ def generate(request):
service = request.raw_settings["service"]

auth = AWSRequestsAuth(
aws_access_key=request.access_key,
aws_access_key=request.access_id,
aws_secret_access_key=request.secret_key,
aws_host=host,
aws_region=region,
Expand All @@ -108,8 +108,8 @@ def generate(request):


class HmacAuth:
def __init__(self, access_key, secret_key, format, raw_settings):
self.access_key = access_key
def __init__(self, access_id, secret_key, format, raw_settings):
self.access_id = access_id
self.secret_key = secret_key
self.use_custom = False
self.formatter = None
Expand Down Expand Up @@ -170,7 +170,7 @@ def __call__(self, r):

# Call the formatter to add the required headers and return r
return self.formatter.generate(
RequestData(self.access_key, self.secret_key,
RequestData(self.access_id, self.secret_key,
method, content_type, content_md5, http_date, path,
self.raw_settings, r)
)
Expand Down Expand Up @@ -198,7 +198,7 @@ def get_auth(self, username=None, password=None):
key = setting[0].split("HTTPIE_HMAC_")[1].lower()
settings[key] = setting[1]

access = settings.get("access", None)
access_id = settings.get("access_id", None)
secret = settings.get("secret", None)
format = settings.get("format", None)

Expand All @@ -208,8 +208,8 @@ def get_auth(self, username=None, password=None):
key, value = entry.strip().split(":")
key = key.strip()
value = value.strip()
if key == "access":
access = value
if key == "access_id":
access_id = value
elif key == "secret":
secret = value
elif key == "format":
Expand All @@ -219,4 +219,4 @@ def get_auth(self, username=None, password=None):
if secret is None or secret == '':
raise ValueError('HMAC secret key cannot be empty.')

return HmacAuth(access, secret, format, settings)
return HmacAuth(access_id, secret, format, settings)
2 changes: 1 addition & 1 deletion pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"

[project]
name = "httpie-hmac"
version = "1.0.0"
version = "1.1.0"
authors = [
{name = "Martyn Pittuck-Schols", email = "[email protected]"},
]
Expand Down