drf-httpsig
drf-httpsig copied to clipboard
ahknight
HTTP Signature support for Django REST framework
Hello @ahknight, first of all thank for the great work at `drf-httpsig`. I'm thinking about using this package for signature authentication, but I'm wondering if there's people still maintaining it...
Following lines https://github.com/ahknight/drf-httpsig/blob/master/drf_httpsig/authentication.py#L92-L95 will turn `CONTENT_TYPE` and `CONTENT_LENGTH` keys into `nt-type` and `nt-length` headers.
I test in django==2.1, djangorestframework==3.10.1, httpsig==1.3.0 It work fine
I see code in authenticate() function on this form: ``` if (something) raise FAILED if (something_else) raise FAILED ``` This might make it possible to time where in the process...
Hi. Is this project being actively maintained? I'm considering packaging a django module for http signatures, and wonder which version would be the best choice. The request for a Debian...
The http-signature security audit recommends that server implementations validate the required Date header to be within a 5 minutes skew interval. https://web-payments.org/specs/source/http-signatures-audit/#replay-http Excerp: > As the default scheme is to...
``` "drf_httpsig/authentication.py", line 50, in authenticate_header h = " ".join(required_headers) NameError: name 'required_headers' is not defined ``` This happens only if drf-httpsig is the primary auth method for DRF. May...