From 14679e62b7bf48e4a5b8a86d339d5a614ff43502 Mon Sep 17 00:00:00 2001 From: ibuler Date: Wed, 24 Jul 2019 19:24:29 +0800 Subject: [PATCH] =?UTF-8?q?[Update]=20=E4=BF=AE=E6=94=B9=E4=BE=9D=E8=B5=96?= =?UTF-8?q?=E7=89=88=E6=9C=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- drf_httpsig/authentication.py | 18 +++++++++--------- requirements.txt | 6 +++--- setup.py | 6 +++--- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/drf_httpsig/authentication.py b/drf_httpsig/authentication.py index caf604a..0021617 100644 --- a/drf_httpsig/authentication.py +++ b/drf_httpsig/authentication.py @@ -18,6 +18,7 @@ """ FAILED = exceptions.AuthenticationFailed('Invalid signature.') + class SignatureAuthentication(authentication.BaseAuthentication): """ DRF authentication class for HTTP Signature support. @@ -38,7 +39,7 @@ class SignatureAuthentication(authentication.BaseAuthentication): www_authenticate_realm = "api" required_headers = ["(request-target)", "date"] - def fetch_user_data(self, keyId, algorithm=None): + def fetch_user_data(self, key_id, algorithm=None): """Retuns a tuple (User, secret) or (None, None).""" raise NotImplementedError() @@ -47,7 +48,7 @@ def authenticate_header(self, request): DRF sends this for unauthenticated responses if we're the primary authenticator. """ - h = " ".join(required_headers) + h = " ".join(self.required_headers) return 'Signature realm="%s",headers="%s"' % (self.www_authenticate_realm, h) def authenticate(self, request): @@ -73,14 +74,14 @@ def authenticate(self, request): raise FAILED # Ensure all required fields were included. - if len(set(("keyid","algorithm","signature")) - set(fields.keys())) > 0: + if len({"keyid", "algorithm", "signature"} - set(fields.keys())) > 0: raise FAILED # Fetch the secret associated with the keyid user, secret = self.fetch_user_data( fields["keyid"], algorithm=fields["algorithm"] - ) + ) if not (user and secret): raise FAILED 
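Review bot: The docstring on `fetch_user_data` does not tell implementers what to do with `algorithm`, which `authenticate` fills from the client's Authorization header (`algorithm=fields["algorithm"]` in the `@@ -73,14 +74,14 @@` hunk). I would document the contract, for example `"""Return (User, secret) for key_id, or (None, None) when the key is unknown or algorithm is not the one registered for that key."""`, which also fixes the "Retuns" typo. Separately, renaming `keyId` to `key_id` changes the keyword name of an override hook. The call visible in this patch is positional, but any caller passing `keyId=` would break, so the rename deserves a changelog line.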
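Review bot: Every failure path in the `@@ -73,14 +74,14 @@` hunk raises the single module-level `FAILED` instance, so one exception object is shared by all requests and threads. On Python 3 the traceback is stored on the exception instance, so, as far as I can tell, that object keeps the most recent failing `authenticate` frame reachable, including locals such as `request` and `secret`. Raising a fresh exception at each site avoids this: `raise exceptions.AuthenticationFailed('Invalid signature.')`. The body of `authenticate` starts and ends outside this hunk, so the other `raise FAILED` sites would need the same change.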
@@ -90,11 +91,10 @@ def authenticate(self, request): headers = {} for key in request.META.keys(): if key.startswith("HTTP_") or \ - key in ("CONTENT_TYPE", "CONTENT_LENGTH"): - + key in ("CONTENT_TYPE", "CONTENT_LENGTH"): header = key[5:].lower().replace('_', '-') headers[header] = request.META[key] - + # Verify headers hs = HeaderVerifier( headers, @@ -102,10 +102,10 @@ def authenticate(self, request): required_headers=self.required_headers, method=request.method.lower(), path=request.get_full_path() - ) + ) # All of that just to get to this. if not hs.verify(): raise FAILED - return (user, fields["keyid"]) + return user, fields["keyid"] diff --git a/requirements.txt b/requirements.txt index 4bc92ea..34181d0 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ # Known to work with these versions. Versions bracketed for safety. -httpsig<2 -djangorestframework<3 -django<=1.7 +djangorestframework>3 +django>=1.7 +httpsig>=1.3.0 diff --git a/setup.py b/setup.py index 9889c03..4d5428c 100755 --- a/setup.py +++ b/setup.py @@ -39,8 +39,8 @@ setup_requires=['pytest-runner', 'setuptools_scm'], tests_require=['pytest', 'pytest-django'], install_requires=[ - 'djangorestframework<3', - 'django<=1.7', - 'httpsig<2' + 'djangorestframework>3', + 'django>=1.7', + 'httpsig>=1.3.0' ] )
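Review bot: `header = key[5:].lower().replace('_', '-')` strips five characters from every key, but `CONTENT_TYPE` and `CONTENT_LENGTH` have no `HTTP_` prefix, so they are stored as `nt-type` and `nt-length`. A signature that covers `content-type` or `content-length` would then presumably fail verification because the verifier never sees those names, which also makes them unusable in `required_headers`. Strip the prefix only when it is present: `name = key[5:] if key.startswith("HTTP_") else key`, followed by `headers[name.lower().replace('_', '-')] = request.META[key]`. The loop sits inside `authenticate`, which begins before this hunk.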
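Review bot: The header comment in requirements.txt still says "Versions bracketed for safety", but the new specifiers have no upper bound, so an install resolves to the newest release rather than a tested one. `django>=1.7` also keeps long-unsupported Django releases installable for an authentication package, and `djangorestframework>3` excludes 3.0 itself, which looks unintended (`>=3.0` would read more clearly). I would either restore a tested range, in a form such as `django>=MIN_TESTED,<NEXT_MAJOR` (placeholders, not real versions), or change the comment to say the ranges are open. The same three specifiers are repeated in `install_requires` in the setup.py hunk that follows.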