skip to navigation
skip to content

pyramid_hawkauth 2.0.0

A Pyramid authentication plugin for HAWK

This is a Pyramid authenitcation plugin for Hawk Access Authentication:

To access resources using Hawk Access Authentication, the client must have obtained a set of Hawk credentials including an id and secret key. They use these credentials to make signed requests to the server.

When accessing a protected resource, the server will generate a 401 challenge response with the scheme “Hawk” as follows:

> GET /protected_resource HTTP/1.1
> Host:

< HTTP/1.1 401 Unauthorized
< WWW-Authenticate: Hawk

The client will use their Hawk credentials to build a request signature and include it in the Authorization header like so:

> GET /protected_resource HTTP/1.1
> Host:
> Authorization: Hawk id="h480djs93hd8",
>                     ts="1336363200",
>                     nonce="dj83hs9s",
>                     mac="bhCQXTVyfj5cmA9uKkPFx1zeOXM="

< HTTP/1.1 200 OK
< Content-Type: text/plain
< For your eyes only:  secret data!

This plugin uses the tokenlib library for verifying Hawk credentials:

If this library does not meet your needs, you can provide a custom callback function to decode the Hawk id token.

2.0.0 - 2018-01-10

  • Update use of tokenlib API for v0.3 and later.
  • Py27, Py35 compatible; thanks @return42!

v0.1.0 - 2014-13-01

  • Initial release, based on pyramid_macauth codebase.
File Type Py Version Uploaded on Size
pyramid_hawkauth-2.0.0-py2.py3-none-any.whl (md5) Python Wheel py2.py3 2018-01-10 21KB
pyramid_hawkauth-2.0.0.tar.gz (md5) Source 2018-01-10 10KB