skip to navigation
skip to content

Not Logged In

pyramid_macauth 0.3.0

pyramid_macauth

This is a Pyramid authenitcation plugin for MAC Access Authentication:

http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-01

To access resources using MAC Access Authentication, the client must have obtained a set of MAC credentials including an id and secret key. They use these credentials to make signed requests to the server.

When accessing a protected resource, the server will generate a 401 challenge response with the scheme "MAC" as follows:

> GET /protected_resource HTTP/1.1
> Host: example.com

< HTTP/1.1 401 Unauthorized
< WWW-Authenticate: MAC

The client will use their MAC credentials to build a request signature and include it in the Authorization header like so:

> GET /protected_resource HTTP/1.1
> Host: example.com
> Authorization: MAC id="h480djs93hd8",
>                    ts="1336363200",
>                    nonce="dj83hs9s",
>                    mac="bhCQXTVyfj5cmA9uKkPFx1zeOXM="

< HTTP/1.1 200 OK
< Content-Type: text/plain
<
< For your eyes only:  secret data!

This plugin uses the tokenlib library for verifying MAC credentials:

https://github.com/mozilla-services/tokenlib

If this library does not meet your needs, you can provide a custom callback function to decode the MAC id token.

0.3.0 - 2012-11-27

  • Support for Python3 via source-level compatibility.

0.2.0 - 2012-10-04

  • Add encode_mac_id() method as a dual of decode_mac_id().
  • Add "macauth.master_secret" setting to specify the secret used when encoding/decoding MAC Auth tokens.

0.1.1 - 2012-07-11

  • Update tests for compatability with macauthlib>=0.3.0.

0.1.0 - 2012-06-15

  • Initial release; based on repoze.who.plugins.macauth codebase.
 
File Type Py Version Uploaded on Size
pyramid_macauth-0.3.0.tar.gz (md5) Source 2012-11-27 9KB
  • Downloads (All Versions):
  • 5 downloads in the last day
  • 75 downloads in the last week
  • 354 downloads in the last month