toolbelt icon indicating copy to clipboard operation
toolbelt copied to clipboard
verified publisher icon requests

Add support for http-signatures (IETF draft for signing HTTP requests)

Open labeneator opened this issue 8 years ago • 1 comments

http-signatures is a draft ietf standard that allows for tamper proofing of HTTP headers and optionally the request payload.

There are libraries allowing one to use http-signatures however, I think that adding it to the requests toolbelt would be beneficial to the large user base of requests.

The suggested patch would be a subclass of AuthBase as done by SignedRequestAuth in the oracle example implementation here.

Is this acceptable? If so, I can make a PR for it

Cheers, Laban

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

labeneator avatar May 04 '17 14:05 labeneator

I would absolutely accept an implementation of that draft standard but you must implement it yourself and not use Oracle's implementation. I cannot find copyright information about that code so I assume that it is copyright Oracle and I will not violate their copyright.

Cheers,

sigmavirus24 avatar May 05 '17 12:05 sigmavirus24