Initial commit

Author: radeklos

.gitignore

@@ -0,0 +1,62 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+env/
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+*.egg-info/
+.installed.cfg
+*.egg
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*,cover
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+target/
+
+# Mr Developer
+.tmuxp.yaml
+.env
+fugu.yml

.isort.cfg

@@ -0,0 +1,9 @@
+[settings]
+line_length=80
+multi_line_output=3
+known_first_party=djangohmac
+default_section=THIRDPARTY
+import_heading_stdlib=Standard Libs
+import_heading_thirdparty=Third Party Libs
+import_heading_firstparty=First Party Libs
+lines_after_imports=2

.pypirc.template

@@ -0,0 +1,7 @@
+[distutils]
+index-servers =
+    pypi
+
+[pypi]
+username:<PYPI_USER>
+password:<PYPI_PASS>

CHANGELOG.rst

@@ -0,0 +1,6 @@
+Change Log
+----------
+
+0.0.1
+~~~~~~~~~
+- Initial release including the core feature set

LICENSE

@@ -0,0 +1,25 @@
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to <http://unlicense.org>
+

MANIFEST.in

@@ -0,0 +1,2 @@
+include setup.py README.rst MANIFEST.in CHANGELOG.rst CONTRIBUTORS.rst VERSION.txt
+global-exclude *~

README.rst

@@ -0,0 +1,63 @@
+Flask-HMAC
+==========
+
+|circle| |downloads| |version| |license|
+
+This module provides a middleware for HMAC signature Django views. It's simply designed to check that a client is entitled to access routes, based on the fact
+that it must possess a copy of the secret key.
+
+
+Usage
+-----
+
+settings.py
+~~~~~~~~~~~
+
+.. sourcecode:: python
+
+    INSTALLED_APPS = (
+        # ...
+        'djangohmac',
+    )
+
+    MIDDLEWARE_CLASSES = (
+        # ...
+        'djangohmac.middleware.HmacMiddleware',
+    )
+
+
+Client
+~~~~~~
+
+.. sourcecode:: python
+
+    from djangohmac.sign import shmac
+
+    sig = shmac.make_hmac()  # generate signature
+    response = requests.get(
+        '/hmac_auth_view',
+        headers={hmac.header: sig}
+    )
+
+
+Dev
+---
+
+To run all tests
+
+.. sourcecode::
+
+    docker run -it -v $PWD:/src -w /src ikalnitsky/pythonista tox
+
+
+.. |circle| image:: https://img.shields.io/circleci/project/thisissoon/django-hmac.svg
+    :target: https://circleci.com/gh/thisissoon/django-hmac
+
+.. |downloads| image:: http://img.shields.io/pypi/dm/djangohmac.svg
+    :target: https://pypi.python.org/pypi/djangohmac
+
+.. |version| image:: http://img.shields.io/pypi/v/djangohmac.svg
+    :target: https://pypi.python.org/pypi/djangohmac
+
+.. |license| image:: http://img.shields.io/pypi/l/djangohmac.svg
+    :target: https://pypi.python.org/pypi/djangohmac

VERSION.txt

@@ -0,0 +1 @@
+0.0.1

circle.yml

@@ -0,0 +1,20 @@
+machine:
+  services:
+    - docker
+  environment:
+    REPO: soon/django-hmac
+
+dependencies:
+  override:
+    - docker pull ikalnitsky/pythonista
+
+test:
+  override:
+    - docker run -v $PWD:/src -w /src ikalnitsky/pythonista tox
+
+deployment:
+  pypi:
+    branch: master
+    commands:
+      - sed -e "s/<PYPI_USER>/$PYPI_USER/" -e "s/<PYPI_PASS>/$PYPI_PASS/"< .pypirc.template > ~/.pypirc
+      - sudo python setup.py sdist upload -r pypi

djangohmac/__init__.py

@@ -0,0 +1,14 @@
+# Third Party Libs
+from django.core.exceptions import PermissionDenied
+
+# First Party Libs
+from .sign import HmacException, shmac
+
+
+class HmacMiddleware(object):
+
+    def process_request(self, request):
+        try:
+            shmac.validate_signature(request)
+        except HmacException:
+            raise PermissionDenied()

djangohmac/middleware.py

@@ -0,0 +1,61 @@
+# Standard Libs
+import base64
+import hashlib
+import hmac
+
+# Third Party Libs
+import six
+from django.conf import settings
+
+
+class HmacException(Exception):
+    pass
+
+
+class SecretKeyIsNotSet(HmacException):
+    pass
+
+
+class InvalidSignature(HmacException):
+    pass
+
+
+def encode_string(value):
+    return value.encode('utf-8') if isinstance(value, six.text_type) else value
+
+
+class Hmac(object):
+
+    def __init__(self):
+        self.hmac_key = six.b(settings.HMAC_SECRET)
+        self.header = getattr(settings, 'HMAC_HEADER', 'Signature')
+        self.digestmod = getattr(settings, 'HMAC_DIGESTMOD', hashlib.sha256)
+        self.hmac_disarm = getattr(settings, 'HMAC_DISABLE', False)
+
+    def get_signature(self, request):
+        try:
+            return six.b(request.META[self.header])
+        except KeyError:
+            raise SecretKeyIsNotSet()
+
+    def _hmac_factory(self, data, digestmod=None):
+        return hmac.new(self.hmac_key, data, digestmod=self.digestmod)
+
+    def make_hmac(self, data=''):
+        hmac_token_server = self._hmac_factory(encode_string(data)).digest()
+        hmac_token_server = base64.urlsafe_b64encode(hmac_token_server)
+        return hmac_token_server
+
+    def validate_signature(self, request):
+        if self.hmac_disarm:
+            return True
+        hmac_token_client = self.get_signature(request)
+        hmac_token_server = self.make_hmac(request.body)
+        if hmac_token_client != hmac_token_server:
+            raise InvalidSignature('Signatures are different: {0} {1}'.format(
+                hmac_token_client, hmac_token_server
+            ))
+        return True
+
+
+shmac = Hmac()

djangohmac/sign.py

@@ -0,0 +1,36 @@
+'''
+Dummy django settings
+'''
+
+import os
+
+SECRET_KEY = 'hailthesunshine'
+
+MEDIA_ROOT = os.path.normcase(os.path.dirname(os.path.abspath(__file__)))
+MEDIA_URL = '/media/'
+
+INSTALLED_APPS = (
+    'django.contrib.auth',
+    'django.contrib.sessions',
+    'django.contrib.contenttypes',
+)
+
+DATABASES = {
+    'default': {
+        'ENGINE': 'django.db.backends.sqlite3',
+        'NAME': ':memory:'
+    }
+}
+
+MIDDLEWARE_CLASSES = (
+    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django.middleware.common.CommonMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
+    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'djangohmac.middleware.HmacMiddleware',
+)
+
+HMAC_SECRET = 'HMAC_SECRET'
+# HMAC_HEADER = HMAC_HEADER
+# HMAC_DIGESTMOD = HMAC_DIGESTMOD
+# HMAC_DISABLE = HMAC_DISABLE

settings.py

@@ -0,0 +1,57 @@
+#!/usr/bin/env python
+# encoding: utf-8
+
+# Third Party Libs
+from setuptools import setup
+
+
+# Generate a Long Decription for the PyPi page which is the README.rst
+# Plus the CHANGELOG.rst
+long_description = open('./README.rst').read()
+changelog = open('./CHANGELOG.rst').read()
+long_description += '\n' + changelog
+
+# Get Version
+version = open('./VERSION.txt').read().strip()
+
+
+setup(
+    name='djangohmac',
+    url='https://github.com/thisissoon/django-hmac',
+    version=version,
+    author='SOON_',
+    author_email='[email protected]',
+    description='Provides easy integration of the HMAC signatures for '
+                'your REST Django Applications.',
+    long_description=long_description,
+    packages=[
+        'djangohmac',
+    ],
+    install_requires=[
+        'django',
+        'six',
+        'ipdb'
+    ],
+    classifiers=[
+        'Framework :: Djanog',
+        'Environment :: Web Environment',
+        'Intended Audience :: Developers',
+        'License :: OSI Approved :: MIT License',
+        'Development Status :: 5 - Production/Stable',
+        'Operating System :: OS Independent',
+        'Programming Language :: Python',
+        'Programming Language :: Python :: 2',
+        'Programming Language :: Python :: 2.6',
+        'Programming Language :: Python :: 2.7',
+        'Programming Language :: Python :: 3',
+        'Programming Language :: Python :: 3.3',
+        'Programming Language :: Python :: 3.4',
+        'Topic :: Software Development',
+        'Topic :: Software Development :: Libraries :: Python Modules',
+        'Topic :: Internet :: WWW/HTTP :: Dynamic Content',
+        'License :: Public Domain'
+    ],
+    license='Public Domain',
+    keywords=['Django', 'HMAC', 'REST', 'Views', 'middleware'],
+    test_suite='tests',
+)