ska.contrib.django.ska package¶
Subpackages¶
- ska.contrib.django.ska.backends package
- ska.contrib.django.ska.integration package
- Subpackages
- ska.contrib.django.ska.integration.drf package
- Subpackages
- ska.contrib.django.ska.integration.drf.permissions package
- Submodules
- ska.contrib.django.ska.integration.drf.permissions.base module
- ska.contrib.django.ska.integration.drf.permissions.constance_permissions module
- ska.contrib.django.ska.integration.drf.permissions.default_permissions module
- Module contents
- ska.contrib.django.ska.integration.drf.urls package
- ska.contrib.django.ska.integration.drf.views package
- ska.contrib.django.ska.integration.drf.permissions package
- Module contents
- Subpackages
- ska.contrib.django.ska.integration.drf package
- Module contents
- Subpackages
- ska.contrib.django.ska.management package
- ska.contrib.django.ska.migrations package
- ska.contrib.django.ska.templatetags package
- ska.contrib.django.ska.tests package
- Submodules
- ska.contrib.django.ska.tests.helpers module
- ska.contrib.django.ska.tests.test_constance_authentication_backend_ module
- ska.contrib.django.ska.tests.test_decorators module
SkaDecoratorsTest
SkaDecoratorsTest.pytestmark
SkaDecoratorsTest.setUp()
SkaDecoratorsTest.test_01_model_decorator()
SkaDecoratorsTest.test_02_view_decorator_with_signed_url()
SkaDecoratorsTest.test_03_view_decorator_with_unsigned_url()
SkaDecoratorsTest.test_04_class_based_view_decorator_with_signed_url()
SkaDecoratorsTest.test_05_class_based_view_decorator_with_unsigned_url()
- ska.contrib.django.ska.tests.test_default_authentication_backend module
SkaAuthenticationBackendTest
SkaAuthenticationBackendTest.pytestmark
SkaAuthenticationBackendTest.setUp()
SkaAuthenticationBackendTest.test_01_login()
SkaAuthenticationBackendTest.test_02_provider_login()
SkaAuthenticationBackendTest.test_03_login_fail_wrong_secret_key()
SkaAuthenticationBackendTest.test_04_provider_login_fail_wrong_secret_key()
SkaAuthenticationBackendTest.test_05_provider_login_fail_wrong_provider()
SkaAuthenticationBackendTest.test_06_purge_stored_signatures_data()
SkaAuthenticationBackendTest.test_07_provider_login_forbidden_email()
SkaAuthenticationBackendTest.test_08_provider_login_forbidden_username()
- ska.contrib.django.ska.tests.test_drf_integration_permissions module
DRFIntegrationPermissionsConstanceTestCase
DRFIntegrationPermissionsConstanceTestCase.pytestmark
DRFIntegrationPermissionsConstanceTestCase.test_permissions_detail_request_not_signed_fail()
DRFIntegrationPermissionsConstanceTestCase.test_permissions_detail_request_signed()
DRFIntegrationPermissionsConstanceTestCase.test_permissions_detail_request_signed_wrong_secret_key_fail()
DRFIntegrationPermissionsConstanceTestCase.test_permissions_list_request_not_signed_fail()
DRFIntegrationPermissionsConstanceTestCase.test_permissions_list_request_signed()
DRFIntegrationPermissionsConstanceTestCase.test_permissions_list_request_signed_wrong_secret_key_fail()
DRFIntegrationPermissionsConstanceTestCase.test_permissions_provider_detail_request_not_signed_fail()
DRFIntegrationPermissionsConstanceTestCase.test_permissions_provider_list_request_not_signed_fail()
DRFIntegrationPermissionsConstanceTestCase.test_provider_permissions_detail_request_signed()
DRFIntegrationPermissionsConstanceTestCase.test_provider_permissions_detail_request_signed_wrong_secret_key_fail()
DRFIntegrationPermissionsConstanceTestCase.test_provider_permissions_list_request_signed()
DRFIntegrationPermissionsConstanceTestCase.test_provider_permissions_list_request_signed_wrong_secret_key_fail()
DRFIntegrationPermissionsTestCase
DRFIntegrationPermissionsTestCase.pytestmark
DRFIntegrationPermissionsTestCase.test_permissions_detail_request_not_signed_fail()
DRFIntegrationPermissionsTestCase.test_permissions_detail_request_signed()
DRFIntegrationPermissionsTestCase.test_permissions_detail_request_signed_wrong_secret_key_fail()
DRFIntegrationPermissionsTestCase.test_permissions_list_request_not_signed_fail()
DRFIntegrationPermissionsTestCase.test_permissions_list_request_signed()
DRFIntegrationPermissionsTestCase.test_permissions_list_request_signed_wrong_secret_key_fail()
DRFIntegrationPermissionsTestCase.test_permissions_provider_detail_request_not_signed_fail()
DRFIntegrationPermissionsTestCase.test_permissions_provider_list_request_not_signed_fail()
DRFIntegrationPermissionsTestCase.test_provider_permissions_detail_request_signed()
DRFIntegrationPermissionsTestCase.test_provider_permissions_detail_request_signed_wrong_secret_key_fail()
DRFIntegrationPermissionsTestCase.test_provider_permissions_list_request_signed()
DRFIntegrationPermissionsTestCase.test_provider_permissions_list_request_signed_wrong_secret_key_fail()
- ska.contrib.django.ska.tests.test_drf_integration_view_jwt_token module
DRFIntegrationViewJwtTokenConstanceTestCase
DRFIntegrationViewJwtTokenConstanceTestCase.pytestmark
DRFIntegrationViewJwtTokenConstanceTestCase.test_obtain_jwt_token_provider_request_signed()
DRFIntegrationViewJwtTokenConstanceTestCase.test_obtain_jwt_token_provider_request_signed_wrong_secret_key_fail()
DRFIntegrationViewJwtTokenConstanceTestCase.test_obtain_jwt_token_request_not_signed_fail()
DRFIntegrationViewJwtTokenConstanceTestCase.test_obtain_jwt_token_request_signed()
DRFIntegrationViewJwtTokenConstanceTestCase.test_obtain_jwt_token_request_signed_wrong_secret_key_fail()
DRFIntegrationViewJwtTokenTestCase
DRFIntegrationViewJwtTokenTestCase.pytestmark
DRFIntegrationViewJwtTokenTestCase.test_obtain_jwt_token_provider_request_signed()
DRFIntegrationViewJwtTokenTestCase.test_obtain_jwt_token_provider_request_signed_wrong_secret_key_fail()
DRFIntegrationViewJwtTokenTestCase.test_obtain_jwt_token_request_not_signed_fail()
DRFIntegrationViewJwtTokenTestCase.test_obtain_jwt_token_request_signed()
DRFIntegrationViewJwtTokenTestCase.test_obtain_jwt_token_request_signed_wrong_secret_key_fail()
- Module contents
- ska.contrib.django.ska.urls package
- ska.contrib.django.ska.views package
Submodules¶
ska.contrib.django.ska.admin module¶
- class ska.contrib.django.ska.admin.SignatureAdmin(model, admin_site)[source]¶
Bases:
ModelAdmin
Signature admin.
- fieldsets = ((None, {'fields': ('signature', 'auth_user', 'valid_until')}), ('Additional', {'classes': ('collapse',), 'fields': ('created',)}))¶
- list_display = ('signature', 'auth_user', 'valid_until', 'created')¶
- list_filter = ('auth_user',)¶
- property media¶
- readonly_fields = ('created',)¶
ska.contrib.django.ska.apps module¶
ska.contrib.django.ska.conf module¶
ska.contrib.django.ska.decorators module¶
validate_signed_request
: Function decorator. Validate request signature. Applies appropriate validation mechanism to the request data. AssumesSKA_SECRET_KEY
to be insettings
module.Arguments to be used with ska.validate_signed_request_data shortcut function.
- param str secret_key:
The shared secret key.
- param str signature_param:
Name of the (for example GET or POST) param name which holds the
signature
value.- param str auth_user_param:
Name of the (for example GET or POST) param name which holds the
auth_user
value.- param str valid_until_param:
Name of the (foe example GET or POST) param name which holds the
valid_until
value.
sign_url
: Method decorator (to be used in models). Signs the URL.Arguments to be used with ska.sign_url shortcut function.
- param str auth_user:
Username of the user making the request.
- param str secret_key:
The shared secret key.
- param float|str valid_until:
Unix timestamp. If not given, generated automatically (now + lifetime).
- param int lifetime:
Signature lifetime in seconds.
- param str suffix:
Suffix to add after the
endpoint_url
and before the appended signature params.- param str signature_param:
Name of the GET param name which would hold the generated signature value.
- param str auth_user_param:
Name of the GET param name which would hold the
auth_user
value.- param str valid_until_param:
Name of the GET param name which would hold the
valid_until
value.
- class ska.contrib.django.ska.decorators.BaseValidateSignedRequest(secret_key: str = 'secret-key', signature_param: str = 'signature', auth_user_param: str = 'auth_user', valid_until_param: str = 'valid_until', extra_param: str = 'extra')[source]¶
Bases:
object
BaseValidateSignedRequest.
- class ska.contrib.django.ska.decorators.MethodValidateSignedRequest(secret_key: str = 'secret-key', signature_param: str = 'signature', auth_user_param: str = 'auth_user', valid_until_param: str = 'valid_until', extra_param: str = 'extra')[source]¶
Bases:
BaseValidateSignedRequest
MethodValidateSignedRequest.
Method decorator. Validate request signature. Applies appropriate validation mechanism to the request data. Assumes
SKA_SECRET_KEY
to be insettings
module.Arguments to be used with ska.validate_signed_request_data shortcut function.
- Attribute str secret_key:
The shared secret key.
- Attribute str signature_param:
Name of the (for example GET or POST) param name which holds the
signature
value.- Attribute str auth_user_param:
Name of the (for example GET or POST) param name which holds the
auth_user
value.- Attribute str valid_until_param:
Name of the (foe example GET or POST) param name which holds the
valid_until
value.- Attribute str extra_param:
Name of the (foe example GET or POST) param name which holds the
extra
value.- Example:
>>> from ska.contrib.django.ska.decorators import m_validate_signed_request >>> >>> class FooDetailView(View): >>> @validate_signed_request() >>> def get(self, request, slug, template_name='foo/detail.html'): >>> # Your code
- class ska.contrib.django.ska.decorators.SignAbsoluteURL(auth_user: str = 'ska-auth-user', secret_key: str = 'secret-key', valid_until: float | str | None = None, lifetime: int = 600, suffix: str = '?', signature_param: str = 'signature', auth_user_param: str = 'auth_user', valid_until_param: str = 'valid_until', extra: Dict[str, bytes | str | float | int] | None = None, extra_param: str = 'extra')[source]¶
Bases:
object
SignAbsoluteURL.
Method decorator (to be used in models). Signs the URL.
Arguments to be used with ska.sign_url shortcut function.
- Attribute str auth_user:
Username of the user making the request.
- Attribute str secret_key:
The shared secret key.
- Attribute float | str valid_until:
Unix timestamp. If not given, generated automatically (now + lifetime).
- Attribute int lifetime:
Signature lifetime in seconds.
- Attribute str suffix:
Suffix to add after the
endpoint_url
and before the appended signature params.- Attribute str signature_param:
Name of the GET param name which would hold the generated signature value.
- Attribute str auth_user_param:
Name of the GET param name which would hold the
auth_user
value.- Attribute str valid_until_param:
Name of the GET param name which would hold the
valid_until
value.- Attribute dict extra:
Dict of extra params to append to signed URL.
- Attribute str extra_param:
Name of the GET param name which would hold the
extra
value.- Example:
>>> from ska.contrib.django.ska.decorators import sign_url >>> >>> class FooItem(models.Model): >>> title = models.CharField(_("Title"), max_length=100) >>> slug = models.SlugField(unique=True, verbose_name=_("Slug")) >>> body = models.TextField(_("Body")) >>> >>> @sign_url() >>> def get_signed_absolute_url(self): >>> return reverse('foo.detail', kwargs={'slug': self.slug})
- class ska.contrib.django.ska.decorators.ValidateSignedRequest(secret_key: str = 'secret-key', signature_param: str = 'signature', auth_user_param: str = 'auth_user', valid_until_param: str = 'valid_until', extra_param: str = 'extra')[source]¶
Bases:
BaseValidateSignedRequest
ValidateSignedRequest.
Function decorator. Validate request signature. Applies appropriate validation mechanism to the request data. Assumes
SKA_SECRET_KEY
to be insettings
module.Arguments to be used with ska.validate_signed_request_data shortcut function.
- Attribute str secret_key:
The shared secret key.
- Attribute str signature_param:
Name of the (for example GET or POST) param name which holds the
signature
value.- Attribute str auth_user_param:
Name of the (for example GET or POST) param name which holds the
auth_user
value.- Attribute str valid_until_param:
Name of the (foe example GET or POST) param name which holds the
valid_until
value.- Attribute str extra_param:
Name of the (foe example GET or POST) param name which holds the
extra
value.- Example:
>>> from ska.contrib.django.ska.decorators import validate_signed_request >>> >>> @validate_signed_request() >>> def detail(request, slug, template_name='foo/detail.html'): >>> # Your code
- ska.contrib.django.ska.decorators.m_validate_signed_request¶
alias of
MethodValidateSignedRequest
- ska.contrib.django.ska.decorators.sign_url¶
alias of
SignAbsoluteURL
- ska.contrib.django.ska.decorators.validate_signed_request¶
alias of
ValidateSignedRequest
ska.contrib.django.ska.defaults module¶
UNAUTHORISED_REQUEST_ERROR_MESSAGE (str): Plain text error message. Defaults to “Unauthorised request. {0}”.
UNAUTHORISED_REQUEST_ERROR_TEMPLATE (str): Path to 401 template that should be rendered in case of 401 responses. Defaults to empty string (not provided).
AUTH_USER (str): Default
auth_user
forska.sign_url
function. Defaults to “ska-auth-user”.USER_GET_CALLBACK (str): User get callback (when user is fetched in auth backend).
USER_VALIDATE_CALLBACK (str): User validate callback (fired before user is created; created to allow custom logic to the user authentication before user object is even created).
USER_CREATE_CALLBACK (str): User create callback (when user is created in auth backend).
USER_INFO_CALLBACK (str): User info callback.
REDIRECT_AFTER_LOGIN (str): Redirect after login.
DB_STORE_SIGNATURES (bool): If set to True, signatures are stored in the database.
DB_PERFORM_SIGNATURE_CHECK (bool): If set to True, an extra check is fired on whether the token has already been used or not.
PROVIDERS (dict): A dictionary where key is the provider UID and the key is another dictionary holding the following provider specific keys: ‘SECRET_KEY’, ‘USER_GET_CALLBACK’, ‘USER_CREATE_CALLBACK’, ‘USER_INFO_CALLBACK’, ‘REDIRECT_AFTER_LOGIN’. Note, that the ‘SECRET_KEY’ is a required key. The rest are optional, and if given, override respectively the values of
ska.contrib.django.ska.settings
.
ska.contrib.django.ska.http module¶
- class ska.contrib.django.ska.http.HttpResponseUnauthorized(content=b'', *args, **kwargs)[source]¶
Bases:
HttpResponseForbidden
HttpResponseUnauthorized.
https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#4xx_Client_Error
- status_code = 401¶
ska.contrib.django.ska.models module¶
- class ska.contrib.django.ska.models.Signature(*args, **kwargs)[source]¶
Bases:
Model
Signature.
- Properties:
signature (str): Signature generated.
auth_user (str): Auth user.
valid_until (datetime.datetime): Valid until.
created (datetime.datetime): Time added.
- exception DoesNotExist¶
Bases:
ObjectDoesNotExist
- exception MultipleObjectsReturned¶
Bases:
MultipleObjectsReturned
- auth_user¶
A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.
- created¶
A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.
- get_next_by_created(*, field=<django.db.models.fields.DateTimeField: created>, is_next=True, **kwargs)¶
- get_next_by_valid_until(*, field=<django.db.models.fields.DateTimeField: valid_until>, is_next=True, **kwargs)¶
- get_previous_by_created(*, field=<django.db.models.fields.DateTimeField: created>, is_next=False, **kwargs)¶
- get_previous_by_valid_until(*, field=<django.db.models.fields.DateTimeField: valid_until>, is_next=False, **kwargs)¶
- id¶
A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.
- objects = <django.db.models.manager.Manager object>¶
- signature¶
A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.
- valid_until¶
A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.
ska.contrib.django.ska.settings module¶
UNAUTHORISED_REQUEST_ERROR_MESSAGE (str): Plain text error message. Defaults to “Unauthorised request. {0}”.
UNAUTHORISED_REQUEST_ERROR_TEMPLATE (str): Path to 401 template that should be rendered in case of 401 responses. Defaults to empty string (not provided).
AUTH_USER (str): Default
auth_user
forska.sign_url
function. Defaults to “ska-auth-user”.SECRET_KEY (str): The shared secret key. Should be defined in settings module as
SKA_SECRET_KEY
.USER_GET_CALLBACK (str): User get callback (when user is fetched in auth backend).
USER_VALIDATE_CALLBACK (str): User validate callback (fired before user is created; created to allow custom logic to the user authentication before user object is even created).
USER_CREATE_CALLBACK (str): User create callback (when user is created in auth backend).
USER_INFO_CALLBACK (str): User info callback.
REDIRECT_AFTER_LOGIN (str): Redirect after login.
DB_STORE_SIGNATURES (bool): If set to True, signatures are stored in the database.
DB_PERFORM_SIGNATURE_CHECK (bool): If set to True, an extra check is fired on whether the token has already been used or not.
PROVIDERS (dict): A dictionary where key is the provider UID and the key is another dictionary holding the following provider specific keys: ‘SECRET_KEY’, ‘USER_GET_CALLBACK’, ‘USER_CREATE_CALLBACK’, ‘USER_INFO_CALLBACK’, ‘REDIRECT_AFTER_LOGIN’. Note, that the ‘SECRET_KEY’ is a required key. The rest are optional, and if given, override respectively the values of
ska.contrib.django.ska.settings
.
ska.contrib.django.ska.utils module¶
- ska.contrib.django.ska.utils.get_provider_data(data: Dict[str, bytes | str | float | int], settings: Dict[str, Dict[str, str]] | None = None) Dict[str, str] | None [source]¶
Obtain the secret key from request data given.
This happens by looking up the secret key by provider param from the request data in the dictionary of
PROVIDERS
defined in settings module. If not found, fall back to thedefault
value given, which is by default the globally set secret key.- Parameters:
data (dict) –
settings (dict) – Settings dict.
- ska.contrib.django.ska.utils.get_secret_key(data: Dict[str, bytes | str | float | int] | None, default: str = 'secret-key') str [source]¶
Obtain the secret key from request data given.
This happens by looking up the secret key by provider param from the request data in the dictionary of
PROVIDERS
defined in settings module. If not found, fall back to thedefault
value given, which is by default the globally set secret key.- Parameters:
data (dict) –
default (string) – Secret key value to be used as default. By default, the globally set secret key is used.