Metadata-Version: 2.0
Name: dciauth
Version: 2.0.2
Summary: DCI authentication module used by dci-control-server and python-dciclient
Home-page: https://github.com/redhat-cip/python-dciauth
Author: Distributed CI team
Author-email: distributed-ci@redhat.com
License: Apache v2.0
Description-Content-Type: UNKNOWN
Platform: UNKNOWN
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Information Technology
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Operating System :: POSIX :: Linux
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 3
Classifier: Topic :: Security :: Cryptography

# python-dciauth

DCI authentication module used by dci-control-server and python-dciclient

This section shows example programs written in python that illustrate how to work with Signature Version 4 in DCI. The algorithm used by dciauth is similar to [Signature Version 4 in AWS](http://docs.aws.amazon.com/general/latest/gr/sigv4-signed-request-examples.html).

## Signing example:

```python
import requests

from dciauth.signature import Signature
from dciauth.request import AuthRequest

auth_request = AuthRequest(endpoint='/api/v1/jobs')
headers = Signature(request=auth_request).generate_headers('remoteci', 'client_id', 'secret')
r = requests.get('http://127.0.0.1:5000/api/v1/jobs', headers=headers)
assert r.status_code == 200
```

Here we are signing the GET request with `secret` and generate headers used by `requests` module.

## Validation example


```python
    from flask import request

    from dciauth.signature import Signature
    from dciauth.request import AuthRequest

    auth_request = AuthRequest(
        method=request.method,
        endpoint=request.path,
        payload=request.get_json(silent=True),
        headers=request.headers,
        params=request.args.to_dict(flat=True)
    )
    signature = Signature(request=auth_request)
    if not signature.is_valid('secret'):
        raise Exception("Authentication failed: signature invalid")
    if signature.is_expired():
        raise Exception("Authentication failed: signature expired")
```

## License

Apache 2.0


## Author Information

Distributed-CI Team  <distributed-ci@redhat.com>


