ska package

Submodules

ska.base module

class ska.base.SignatureValidationResult(result, errors=[])[source]

Bases: object

Signature validation result container.

If signature validation result is True, things like this would work:

>>> res = SignatureValidationResult(result=True)
>>> print bool(res)
True
>>> res = SignatureValidationResult(result=False, reason=[error_codes.INVALID_SIGNATURE,])
>>> print bool(res)
False
property message

Human readable message of all errors.

Return string

property reason

For backwards compatibility. Returns list of text messages.

Return list

class ska.base.AbstractSignature(signature, auth_user, valid_until, extra={})[source]

Bases: object

Abstract class for signature generation and validation based on symmetric keys.

Parameters
  • signature (str) –

  • auth_user (str) –

  • valid_until (float|str) –

auth_user
static datetime_to_timestamp(dt)[source]

Human readable datetime according to the format specified in TIMESTAMP_FORMAT.

Parameters

dt (datetime.datetime) –

Return str

static datetime_to_unix_timestamp(dt)[source]

Converts datetime.datetime to Unix timestamp.

Parameters

dt (datetime.datetime) –

Return float

Unix timestamp.

extra
classmethod generate_signature(auth_user, secret_key, valid_until=None, lifetime=600, extra={})[source]

Generates the signature. If timestamp is given, the signature is created using the given timestamp. Otherwise current time is used.

Parameters
  • auth_user (str) –

  • secret_key (str) –

  • valid_until (float|str) – Unix timestamp, valid until.

  • lifetime (int) – Lifetime of the signature in seconds.

  • extra (dict) – Additional variables to be added.

Return str

Example

>>> sig = Signature.generate_signature('user', 'your-secret-key')
EBS6ipiqRLa6TY5vxIvZU30FpnM=
classmethod get_base(auth_user, timestamp, extra={})[source]

Add something here so that timestamp to signature conversion is not that obvious.

Parameters
  • auth_user (string) –

  • timestamp (int) –

  • extra (dict) –

is_expired()[source]

Checks if current signature is expired. Returns True if signature is expired and False otherwise.

Return bool

Example

>>> sig = Signature.generate_signature('user', 'your-secret-key') # Generating the signature
>>> sig.is_expired()
False
classmethod make_hash(auth_user, secret_key, valid_until=None, extra={})[source]

You should implement this method in your signature class.

Parameters
  • auth_user (str) –

  • secret_key (str) –

  • valid_until (float|str) – Unix timestamp, valid until.

  • extra (dict) – Additional variables to be added.

Return str

static make_secret_key(secret_key)[source]

The secret key how its’ supposed to be used in generate signature.

Parameters

secret_key (str) –

Return str

signature
classmethod timestamp_to_date(timestamp, fail_silently=True)[source]

Converts the given timestamp to date. If fail_silently is set to False, raises exceptions if timestamp is not valid timestamp (according to the format we have specified in the TIMESTAMP_FORMAT). Mainly used internally.

Parameters
  • timestamp (str) –

  • fail_silently (bool) –

Return str

classmethod unix_timestamp_to_date(timestamp, fail_silently=True)[source]

Converts the given Unix timestamp to date. If fail_silently is set to False, raises exceptions if timestamp is not valid timestamp.

Parameters
  • timestamp (float|str) – UNIX timestamp. Parsable to float.

  • fail_silently (bool) –

Return str

valid_until
classmethod validate_signature(signature, auth_user, secret_key, valid_until, extra={}, return_object=False)[source]

Validates the signature.

Parameters
  • signature (str) –

  • auth_user (str) –

  • secret_key (str) –

  • valid_until (float|str) – Unix timestamp.

  • extra (dict) – Extra arguments to be validated.

  • return_object (bool) – If set to True, an instance of SignatureValidationResult is returned.

Return bool

Example

>>> Signature.validate_signature(
    'EBS6ipiqRLa6TY5vxIvZU30FpnM=',
    'user',
    'your-secret-key',
    '1377997396.0'
    )
False

ska.defaults module

Application defaults.

  • SIGNATURE_LIFETIME (int): Signature lifetime in seconds. Default value is 600 (seconds).

  • DEFAULT_SIGNATURE_PARAM (str): Default name of the REQUEST param holding the generated signature value. Default value is signature.

  • DEFAULT_AUTH_USER_PARAM (str): Default name of the REQUEST param holding the auth_user value. Default value is auth_user.

  • DEFAULT_VALID_UNTIL_PARAM (str): Default name of the REQUEST param holding the valid_until value. Default value is valid_until.

  • DEFAULT_TIME_ZONE_PARAM (str): Default name of the REQUEST param holding the time_zone value. Default value is time_zone.

  • DEFAULT_EXTRA_PARAM (str): Default name of the REQUEST param holding the extra value. Default value is extra.

  • DEFAULT_PROVIDER_PARAM (str): Default name of the REQUEST param holding the provider value. Default value is provider.

  • DEFAULT_URL_SUFFIX (str): Suffix to add after the endpoint_url and before the appended signature params.

  • DEFAULT_RESERVED_PARAMS (list): List of GET params reserved by default. Users should not be allowed to use them.

ska.error_codes module

class ska.error_codes.ErrorCode(code, message)[source]

Bases: object

Base error code. If you have ever used the following code with validation_result:

>>> human_readable_error = ' '.join(validation_result.reason)

…change it as follows:

>>> human_readable_error = validation_result.message
Property int code

Just an integer code.

Property string message

Human readable represantation of the error message.

code
message

ska.exceptions module

exception ska.exceptions.BaseException[source]

Bases: Exception

Base exception.

exception ska.exceptions.ImproperlyConfigured[source]

Bases: ska.exceptions.BaseException

Exception raised when developer didn’t configure/write the code properly.

exception ska.exceptions.InvalidData[source]

Bases: ska.exceptions.BaseException

Raised when invalid data (tumpered) is detected.

ska.generate_signed_url module

ska.generate_signed_url.main()[source]

Prints signed URL to console.

Example

$ python src/ska/generate_signature.py -au user -sk test

ska.helpers module

ska.helpers.get_callback_func(function)[source]

Takes a string and tries to extract a function from it.

Parameters

function (mixed) – If callable is given, return as is. If string is given, try to extract the function from the string given and return.

Return callable

Returns callable if what’s extracted is callable or None otherwise.

ska.helpers.dict_keys(data, return_string=False)[source]

Gets sorted keys from dictionary given. If return_string argument is set to True, returns keys joined by commas.

Parameters
  • data (dict) –

  • return_string (bool) –

ska.helpers.dict_to_ordered_list(data)[source]

Gets extra as ordered list. Actually, I’m not sure whether I should or should not be using ordereddict here.

Parameters

data (dict) –

Return list

ska.helpers.sorted_urlencode(data, quoted=True)[source]

Similar to built-in urlencode, but always puts data in a sorted constant way that stays the same between varios python versions.

ska.helpers.extract_signed_data(data, extra)[source]

Filters out non-white-listed items from the extra dictionary given.

Parameters
  • data (dict) –

  • extra (list) –

Return dict

ska.shortcuts module

ska.shortcuts.extract_signed_request_data(data, secret_key=None, signature_param='signature', auth_user_param='auth_user', valid_until_param='valid_until', extra_param='extra', validate=False, fail_silently=False, signature_cls=<class 'ska.signatures.hmac_sha1.HMACSHA1Signature'>)[source]

Validates the signed request data.

Parameters
  • data (dict) – Dictionary holding the (HTTP) request (for example GET or POST) data.

  • secret_key (str) – The shared secret key.

  • signature_param (str) – Name of the (for example GET or POST) param name which holds the signature value.

  • auth_user_param (str) – Name of the (for example GET or POST) param name which holds the auth_user value.

  • valid_until_param (str) – Name of the (foe example GET or POST) param name which holds the valid_until value.

  • extra_param (str) – Name of the (foe example GET or POST) param name which holds the extra value.

  • validate (bool) – If set to True, request data is validated before returning the result.

  • fail_silently (bool) – If set to True, exceptions are ommitted.

Return dict

Dictionary with signed request data.

ska.shortcuts.sign_url(auth_user, secret_key, valid_until=None, lifetime=600, url='', suffix='?', signature_param='signature', auth_user_param='auth_user', valid_until_param='valid_until', extra={}, extra_param='extra', signature_cls=<class 'ska.signatures.hmac_sha1.HMACSHA1Signature'>)[source]

Signs the URL.

Parameters
  • auth_user (str) – Username of the user making the request.

  • secret_key (str) – The shared secret key.

  • valid_until (float|str) – Unix timestamp. If not given, generated automatically (now + lifetime).

  • lifetime (int) – Signature lifetime in seconds.

  • url (str) – URL to be signed.

  • suffix (str) – Suffix to add after the endpoint_url and before the appended signature params.

  • signature_param (str) – Name of the GET param name which would hold the generated signature value.

  • auth_user_param (str) – Name of the GET param name which would hold the auth_user value.

  • valid_until_param (str) – Name of the GET param name which would hold the valid_until value.

  • extra (dict) – Extra variables to add to the request.

  • extra_param (str) – Name of the GET param name which would hold the extra_keys value.

Return str

Example

Required imports.

>>> from ska import sign_url

Producing a signed URL.

>>> signed_url = sign_url(
>>>     auth_user='user', secret_key='your-secret_key', lifetime=120,     >>>     url='http://e.com/api/', signature_param=DEFAULT_SIGNATURE_PARAM,
>>>     auth_user_param=DEFAULT_AUTH_USER_PARAM, valid_until_param=DEFAULT_VALID_UNTIL_PARAM,
>>>     extra = {'provider': 'service1.example.com', 'email': 'john.doe@mail.example.com'},
>>>     extra_param = DEFAULT_EXTRA_PARAM
>>> )
http://e.com/api/?valid_until=1378045287.0&auth_user=user&signature=YlZpLFsjUKBalL4x5trhkeEgqE8%3D
ska.shortcuts.signature_to_dict(auth_user, secret_key, valid_until=None, lifetime=600, signature_param='signature', auth_user_param='auth_user', valid_until_param='valid_until', extra={}, extra_param='extra', signature_cls=<class 'ska.signatures.hmac_sha1.HMACSHA1Signature'>)[source]

Returns a dictionary containing the signature data params.

Parameters
  • auth_user (str) – Username of the user making the request.

  • secret_key (str) – The shared secret key.

  • valid_until (float|str) – Unix timestamp. If not given, generated automatically (now + lifetime).

  • lifetime (int) – Signature lifetime in seconds.

  • signature_param (str) – Name of the (for example POST) param name which would hold the generated signature value.

  • auth_user_param (str) – Name of the (for example POST) param name which would hold the auth_user value.

  • valid_until_param (str) – Name of the (for example POST) param name which would hold the valid_until value.

  • extra (dict) – Additional arguments for the signature.

  • extra_param (str) – Name of the (for example POST) param name which would hold the extra keys value.

Return str

Example

Required imports.

>>> from ska import signature_to_dict

Producing a dictionary with signature data.

>>> signature_dict = signature_to_dict(
>>>     auth_user='user', secret_key='your-secret_key', lifetime=120,     >>>     signature_param=DEFAULT_SIGNATURE_PARAM, auth_user_param=DEFAULT_AUTH_USER_PARAM,     >>>     valid_until_param=DEFAULT_VALID_UNTIL_PARAM
>>> )
{
    'signature': 'YlZpLFsjUKBalL4x5trhkeEgqE8=',
    'auth_user': 'user',
    'valid_until': '1378045287.0'
}
ska.shortcuts.validate_signed_request_data(data, secret_key, signature_param='signature', auth_user_param='auth_user', valid_until_param='valid_until', extra_param='extra', signature_cls=<class 'ska.signatures.hmac_sha1.HMACSHA1Signature'>)[source]

Validates the signed request data.

Parameters
  • data (dict) – Dictionary holding the (HTTP) request (for example GET or POST) data.

  • secret_key (str) – The shared secret key.

  • signature_param (str) – Name of the (for example GET or POST) param name which holds the signature value.

  • auth_user_param (str) – Name of the (for example GET or POST) param name which holds the auth_user value.

  • valid_until_param (str) – Name of the (foe example GET or POST) param name which holds the valid_until value.

  • extra_param (str) – Name of the (foe example GET or POST) param name which holds the extra keys value.

Return ska.SignatureValidationResult

A ska.SignatureValidationResult object with the following properties:

  • result (bool): True if data is valid. False otherwise.

  • reason (list): List of strings, indicating validation errors. Empty list in case if result is True.

ska.tests module

class ska.tests.ExtraTest(methodName='runTest')[source]

Bases: unittest.case.TestCase

Test for extra data.

setUp()[source]

Hook method for setting up the test fixture before exercising it.

test_01_sign_url_and_validate_signed_request_data()[source]

Tests for sign_url and validate_signed_request_data shortcut functions.

test_02_sign_url_and_validate_signed_request_data_tumper_extra_keys_remove()[source]

Fail tests for sign_url and validate_signed_request_data shortcut functions, as well as providing the additional data extra and data tumpering extra keys (remove).

test_03_sign_url_and_validate_signed_request_data_tumper_extra_keys_add()[source]

Fail tests for sign_url and validate_signed_request_data shortcut functions, as well as providing the additional data extra and data tumpering extra keys (add).

test_04_sign_url_and_validate_signed_request_data_tumper_extra_keys_add()[source]

Tests for sign_url and validate_signed_request_data shortcut functions, as well as providing the additional data extra and data tumpering extra keys (add) repeated params.

class ska.tests.ShortcutsTest(methodName='runTest')[source]

Bases: unittest.case.TestCase

Tests for sign_url, signature_to_dict and validate_signed_request_data shortcut functions.

setUp()[source]

Hook method for setting up the test fixture before exercising it.

test_01_sign_url_and_validate_signed_request_data()[source]

Tests for sign_url and validate_signed_request_data shortcut functions.

test_02_sign_url_and_validate_signed_request_data_fail()[source]

Fail tests for sign_url and validate_signed_request_data shortcut functions.

test_03_signature_to_dict_and_validate_signed_request_data()[source]

Tests for signature_to_dict and validate_signed_request_data shortcut functions.

class ska.tests.SignatureTest(methodName='runTest')[source]

Bases: unittest.case.TestCase

Tests of ska.Signature class.

setUp()[source]

Hook method for setting up the test fixture before exercising it.

test_01_signature_test()[source]

Signature test.

test_02_signature_test_with_positive_timelap()[source]

Signature test with positive timelap, when signature is made on a host that has a positive (greater) time difference with server. In this particular example, the host time is 5 minutes ahead the server time.

test_03_signature_test_with_negative_timelap()[source]

Fail test. Signature test with negative timelap, when signature is made on a host that has a negative (less) time difference with server. In this particular example, the host time is 5 minutes behind the server time, which exceeds the signature lifetime.

test_04_fail_signature_test()[source]

Fail signature tests.

Fail signature tests related to tiny changes in the ValidationResult class.

class ska.tests.URLHelperTest(methodName='runTest')[source]

Bases: unittest.case.TestCase

Tests of ska.URLHelper class.

setUp()[source]

Hook method for setting up the test fixture before exercising it.

test_01_signature_to_url()[source]

Signature test.

test_02_signature_to_url_fail()[source]

Signature test. Fail test.

ska.tests.parse_url_params(url)[source]

Parses URL params.

Parameters

url (str) –

Return dict

ska.tests.print_info(func)[source]

Prints some useful info.

ska.tests.timestap_to_human_readable(timestamp)[source]

Converts Unix timestamp to human readable string.

Parameters

float

Return str

ska.utils module

class ska.utils.RequestHelper(signature_param='signature', auth_user_param='auth_user', valid_until_param='valid_until', extra_param='extra', signature_cls=<class 'ska.signatures.hmac_sha1.HMACSHA1Signature'>)[source]

Bases: object

Request helper for easy put/extract of signature params from URLs.

Parameters
  • signature_param (str) –

  • auth_user_param (str) –

  • valid_until_param (str) –

  • extra_param (str) –

extract_signed_data(data, secret_key=None, validate=False, fail_silently=False)[source]

Extracts signed data from the request.

signature_to_dict(signature)[source]

Puts signature into a dictionary, which can later on be used to send when sending (POST) requests to the server.

Parameters

signature (ska.Signature) –

Return dict

Example

Required imports.

>>> from ska import Signature, RequestHelper

Generate signature.

>>> signature = Signature.generate_signature(
>>>     auth_user = 'user',
>>>     secret_key = 'your-secret-key'
>>>     )

Create a request helper.

>>> request_helper = RequestHelper(
>>>     signature_param = 'signature',
>>>     auth_user_param = 'auth_user',
>>>     valid_until_param = 'valid_until'
>>> )

Appending signature params to the endpoint URL.

>>> signed_dict = request_helper.signature_to_dict(
>>>     signature = signature
>>> )
{
    'signature': 'YlZpLFsjUKBalL4x5trhkeEgqE8=',
    'auth_user': 'user',
    'valid_until': '1378045287.0'
}
signature_to_url(signature, endpoint_url='', suffix='?')[source]

URL encodes the signature params.

Parameters
  • signature (ska.Signature) –

  • endpoint_url (str) –

  • suffix (str) – Suffix to add after the endpoint_url and before the appended signature params.

Return str

Example

Required imports.

>>> from ska import Signature, RequestHelper

Generate signature.

>>> signature = Signature.generate_signature(
>>>     auth_user = 'user',
>>>     secret_key = 'your-secret-key'
>>>     )

Create a request helper.

>>> request_helper = RequestHelper(
>>>     signature_param = 'signature',
>>>     auth_user_param = 'auth_user',
>>>     valid_until_param = 'valid_until'
>>> )

Appending signature params to the endpoint URL.

>>> url = request_helper.signature_to_url(
>>>     signature = signature,
>>>     endpoint_url = 'http://e.com/api/'
>>> )
http://e.com/api/?valid_until=1378045287.0&auth_user=user&signature=YlZpLFsjUKBalL4x5trhkeEgqE8%3D
validate_request_data(data, secret_key)[source]

Validates the request data.

Parameters
  • data (dict) –

  • secret_key (str) –

Return ska.SignatureValidationResult

Example

If your imaginary HttpRequest object has GET property (dict), then you would validate the request data as follows.

Create a RequestHelper object with param names expected.

Required imports.

>>> from ska import RequestHelper

Create a request helper.

>>> request_helper = RequestHelper(
>>>     signature_param = 'signature',
>>>     auth_user_param = 'auth_user',
>>>     valid_until_param = 'valid_until'
>>> )

Validate the request data.

>>> validation_result = request_helper.validate_request_data(
>>>     data = request.GET,
>>>     secret_key = 'your-secret-key'
>>> )

Module contents

ska.sign_url(auth_user, secret_key, valid_until=None, lifetime=600, url='', suffix='?', signature_param='signature', auth_user_param='auth_user', valid_until_param='valid_until', extra={}, extra_param='extra', signature_cls=<class 'ska.signatures.hmac_sha1.HMACSHA1Signature'>)[source]

Signs the URL.

Parameters
  • auth_user (str) – Username of the user making the request.

  • secret_key (str) – The shared secret key.

  • valid_until (float|str) – Unix timestamp. If not given, generated automatically (now + lifetime).

  • lifetime (int) – Signature lifetime in seconds.

  • url (str) – URL to be signed.

  • suffix (str) – Suffix to add after the endpoint_url and before the appended signature params.

  • signature_param (str) – Name of the GET param name which would hold the generated signature value.

  • auth_user_param (str) – Name of the GET param name which would hold the auth_user value.

  • valid_until_param (str) – Name of the GET param name which would hold the valid_until value.

  • extra (dict) – Extra variables to add to the request.

  • extra_param (str) – Name of the GET param name which would hold the extra_keys value.

Return str

Example

Required imports.

>>> from ska import sign_url

Producing a signed URL.

>>> signed_url = sign_url(
>>>     auth_user='user', secret_key='your-secret_key', lifetime=120,     >>>     url='http://e.com/api/', signature_param=DEFAULT_SIGNATURE_PARAM,
>>>     auth_user_param=DEFAULT_AUTH_USER_PARAM, valid_until_param=DEFAULT_VALID_UNTIL_PARAM,
>>>     extra = {'provider': 'service1.example.com', 'email': 'john.doe@mail.example.com'},
>>>     extra_param = DEFAULT_EXTRA_PARAM
>>> )
http://e.com/api/?valid_until=1378045287.0&auth_user=user&signature=YlZpLFsjUKBalL4x5trhkeEgqE8%3D
ska.signature_to_dict(auth_user, secret_key, valid_until=None, lifetime=600, signature_param='signature', auth_user_param='auth_user', valid_until_param='valid_until', extra={}, extra_param='extra', signature_cls=<class 'ska.signatures.hmac_sha1.HMACSHA1Signature'>)[source]

Returns a dictionary containing the signature data params.

Parameters
  • auth_user (str) – Username of the user making the request.

  • secret_key (str) – The shared secret key.

  • valid_until (float|str) – Unix timestamp. If not given, generated automatically (now + lifetime).

  • lifetime (int) – Signature lifetime in seconds.

  • signature_param (str) – Name of the (for example POST) param name which would hold the generated signature value.

  • auth_user_param (str) – Name of the (for example POST) param name which would hold the auth_user value.

  • valid_until_param (str) – Name of the (for example POST) param name which would hold the valid_until value.

  • extra (dict) – Additional arguments for the signature.

  • extra_param (str) – Name of the (for example POST) param name which would hold the extra keys value.

Return str

Example

Required imports.

>>> from ska import signature_to_dict

Producing a dictionary with signature data.

>>> signature_dict = signature_to_dict(
>>>     auth_user='user', secret_key='your-secret_key', lifetime=120,     >>>     signature_param=DEFAULT_SIGNATURE_PARAM, auth_user_param=DEFAULT_AUTH_USER_PARAM,     >>>     valid_until_param=DEFAULT_VALID_UNTIL_PARAM
>>> )
{
    'signature': 'YlZpLFsjUKBalL4x5trhkeEgqE8=',
    'auth_user': 'user',
    'valid_until': '1378045287.0'
}
ska.validate_signed_request_data(data, secret_key, signature_param='signature', auth_user_param='auth_user', valid_until_param='valid_until', extra_param='extra', signature_cls=<class 'ska.signatures.hmac_sha1.HMACSHA1Signature'>)[source]

Validates the signed request data.

Parameters
  • data (dict) – Dictionary holding the (HTTP) request (for example GET or POST) data.

  • secret_key (str) – The shared secret key.

  • signature_param (str) – Name of the (for example GET or POST) param name which holds the signature value.

  • auth_user_param (str) – Name of the (for example GET or POST) param name which holds the auth_user value.

  • valid_until_param (str) – Name of the (foe example GET or POST) param name which holds the valid_until value.

  • extra_param (str) – Name of the (foe example GET or POST) param name which holds the extra keys value.

Return ska.SignatureValidationResult

A ska.SignatureValidationResult object with the following properties:

  • result (bool): True if data is valid. False otherwise.

  • reason (list): List of strings, indicating validation errors. Empty list in case if result is True.

ska.extract_signed_request_data(data, secret_key=None, signature_param='signature', auth_user_param='auth_user', valid_until_param='valid_until', extra_param='extra', validate=False, fail_silently=False, signature_cls=<class 'ska.signatures.hmac_sha1.HMACSHA1Signature'>)[source]

Validates the signed request data.

Parameters
  • data (dict) – Dictionary holding the (HTTP) request (for example GET or POST) data.

  • secret_key (str) – The shared secret key.

  • signature_param (str) – Name of the (for example GET or POST) param name which holds the signature value.

  • auth_user_param (str) – Name of the (for example GET or POST) param name which holds the auth_user value.

  • valid_until_param (str) – Name of the (foe example GET or POST) param name which holds the valid_until value.

  • extra_param (str) – Name of the (foe example GET or POST) param name which holds the extra value.

  • validate (bool) – If set to True, request data is validated before returning the result.

  • fail_silently (bool) – If set to True, exceptions are ommitted.

Return dict

Dictionary with signed request data.

ska.Signature

alias of ska.signatures.hmac_sha1.HMACSHA1Signature

class ska.RequestHelper(signature_param='signature', auth_user_param='auth_user', valid_until_param='valid_until', extra_param='extra', signature_cls=<class 'ska.signatures.hmac_sha1.HMACSHA1Signature'>)[source]

Bases: object

Request helper for easy put/extract of signature params from URLs.

Parameters
  • signature_param (str) –

  • auth_user_param (str) –

  • valid_until_param (str) –

  • extra_param (str) –

extract_signed_data(data, secret_key=None, validate=False, fail_silently=False)[source]

Extracts signed data from the request.

signature_to_dict(signature)[source]

Puts signature into a dictionary, which can later on be used to send when sending (POST) requests to the server.

Parameters

signature (ska.Signature) –

Return dict

Example

Required imports.

>>> from ska import Signature, RequestHelper

Generate signature.

>>> signature = Signature.generate_signature(
>>>     auth_user = 'user',
>>>     secret_key = 'your-secret-key'
>>>     )

Create a request helper.

>>> request_helper = RequestHelper(
>>>     signature_param = 'signature',
>>>     auth_user_param = 'auth_user',
>>>     valid_until_param = 'valid_until'
>>> )

Appending signature params to the endpoint URL.

>>> signed_dict = request_helper.signature_to_dict(
>>>     signature = signature
>>> )
{
    'signature': 'YlZpLFsjUKBalL4x5trhkeEgqE8=',
    'auth_user': 'user',
    'valid_until': '1378045287.0'
}
signature_to_url(signature, endpoint_url='', suffix='?')[source]

URL encodes the signature params.

Parameters
  • signature (ska.Signature) –

  • endpoint_url (str) –

  • suffix (str) – Suffix to add after the endpoint_url and before the appended signature params.

Return str

Example

Required imports.

>>> from ska import Signature, RequestHelper

Generate signature.

>>> signature = Signature.generate_signature(
>>>     auth_user = 'user',
>>>     secret_key = 'your-secret-key'
>>>     )

Create a request helper.

>>> request_helper = RequestHelper(
>>>     signature_param = 'signature',
>>>     auth_user_param = 'auth_user',
>>>     valid_until_param = 'valid_until'
>>> )

Appending signature params to the endpoint URL.

>>> url = request_helper.signature_to_url(
>>>     signature = signature,
>>>     endpoint_url = 'http://e.com/api/'
>>> )
http://e.com/api/?valid_until=1378045287.0&auth_user=user&signature=YlZpLFsjUKBalL4x5trhkeEgqE8%3D
validate_request_data(data, secret_key)[source]

Validates the request data.

Parameters
  • data (dict) –

  • secret_key (str) –

Return ska.SignatureValidationResult

Example

If your imaginary HttpRequest object has GET property (dict), then you would validate the request data as follows.

Create a RequestHelper object with param names expected.

Required imports.

>>> from ska import RequestHelper

Create a request helper.

>>> request_helper = RequestHelper(
>>>     signature_param = 'signature',
>>>     auth_user_param = 'auth_user',
>>>     valid_until_param = 'valid_until'
>>> )

Validate the request data.

>>> validation_result = request_helper.validate_request_data(
>>>     data = request.GET,
>>>     secret_key = 'your-secret-key'
>>> )
class ska.SignatureValidationResult(result, errors=[])[source]

Bases: object

Signature validation result container.

If signature validation result is True, things like this would work:

>>> res = SignatureValidationResult(result=True)
>>> print bool(res)
True
>>> res = SignatureValidationResult(result=False, reason=[error_codes.INVALID_SIGNATURE,])
>>> print bool(res)
False
property message

Human readable message of all errors.

Return string

property reason

For backwards compatibility. Returns list of text messages.

Return list

class ska.HMACMD5Signature(signature, auth_user, valid_until, extra={})[source]

Bases: ska.base.AbstractSignature

HMAC MD5 signature.

auth_user
extra
classmethod make_hash(auth_user, secret_key, valid_until=None, extra={})[source]
Parameters
  • auth_user (str) –

  • secret_key (str) –

  • valid_until (float|str) – Unix timestamp, valid until.

  • extra (dict) – Additional variables to be added.

Return str

signature
valid_until
class ska.HMACSHA224Signature(signature, auth_user, valid_until, extra={})[source]

Bases: ska.base.AbstractSignature

HMAC SHA-224 signature.

auth_user
extra
classmethod make_hash(auth_user, secret_key, valid_until=None, extra={})[source]
Parameters
  • auth_user (str) –

  • secret_key (str) –

  • valid_until (float|str) – Unix timestamp, valid until.

  • extra (dict) – Additional variables to be added.

Return str

signature
valid_until
class ska.HMACSHA256Signature(signature, auth_user, valid_until, extra={})[source]

Bases: ska.base.AbstractSignature

HMAC SHA-256 signature.

auth_user
extra
classmethod make_hash(auth_user, secret_key, valid_until=None, extra={})[source]
Parameters
  • auth_user (str) –

  • secret_key (str) –

  • valid_until (float|str) – Unix timestamp, valid until.

  • extra (dict) – Additional variables to be added.

Return str

signature
valid_until
class ska.HMACSHA384Signature(signature, auth_user, valid_until, extra={})[source]

Bases: ska.base.AbstractSignature

HMAC SHA-384 signature.

auth_user
extra
classmethod make_hash(auth_user, secret_key, valid_until=None, extra={})[source]
Parameters
  • auth_user (str) –

  • secret_key (str) –

  • valid_until (float|str) – Unix timestamp, valid until.

  • extra (dict) – Additional variables to be added.

Return str

signature
valid_until
class ska.HMACSHA512Signature(signature, auth_user, valid_until, extra={})[source]

Bases: ska.base.AbstractSignature

HMAC SHA-512 signature.

auth_user
extra
classmethod make_hash(auth_user, secret_key, valid_until=None, extra={})[source]
Parameters
  • auth_user (str) –

  • secret_key (str) –

  • valid_until (float|str) – Unix timestamp, valid until.

  • extra (dict) – Additional variables to be added.

Return str

signature
valid_until