ska.contrib.django.ska package

Subpackages

Submodules

ska.contrib.django.ska.admin module

class ska.contrib.django.ska.admin.SignatureAdmin(model, admin_site)[source]

Bases: ModelAdmin

Signature admin.

class Meta[source]

Bases: object

Meta class.

app_label = 'Signature'
fieldsets = ((None, {'fields': ('signature', 'auth_user', 'valid_until')}), ('Additional', {'classes': ('collapse',), 'fields': ('created',)}))
list_display = ('signature', 'auth_user', 'valid_until', 'created')
list_filter = ('auth_user',)
property media
readonly_fields = ('created',)

ska.contrib.django.ska.apps module

class ska.contrib.django.ska.apps.Config(app_name, app_module)[source]

Bases: AppConfig

Config.

label = 'ska'
name = 'ska.contrib.django.ska'

ska.contrib.django.ska.conf module

ska.contrib.django.ska.conf.get_setting(setting, override=None)[source]

Get a setting from ska.contrib.django.ska conf module, falling back to the default.

If override is not None, it will be used instead of the setting.

ska.contrib.django.ska.decorators module

  • validate_signed_request: Function decorator. Validate request signature. Applies appropriate validation mechanism to the request data. Assumes SKA_SECRET_KEY to be in settings module.

    Arguments to be used with ska.validate_signed_request_data shortcut function.

    param str secret_key:

    The shared secret key.

    param str signature_param:

    Name of the (for example GET or POST) param name which holds the signature value.

    param str auth_user_param:

    Name of the (for example GET or POST) param name which holds the auth_user value.

    param str valid_until_param:

    Name of the (foe example GET or POST) param name which holds the valid_until value.

  • sign_url: Method decorator (to be used in models). Signs the URL.

    Arguments to be used with ska.sign_url shortcut function.

    param str auth_user:

    Username of the user making the request.

    param str secret_key:

    The shared secret key.

    param float|str valid_until:

    Unix timestamp. If not given, generated automatically (now + lifetime).

    param int lifetime:

    Signature lifetime in seconds.

    param str suffix:

    Suffix to add after the endpoint_url and before the appended signature params.

    param str signature_param:

    Name of the GET param name which would hold the generated signature value.

    param str auth_user_param:

    Name of the GET param name which would hold the auth_user value.

    param str valid_until_param:

    Name of the GET param name which would hold the valid_until value.

class ska.contrib.django.ska.decorators.BaseValidateSignedRequest(secret_key: str = 'secret-key', signature_param: str = 'signature', auth_user_param: str = 'auth_user', valid_until_param: str = 'valid_until', extra_param: str = 'extra')[source]

Bases: object

BaseValidateSignedRequest.

get_request_data(request: HttpRequest, *args, **kwargs) Dict[str, str][source]
class ska.contrib.django.ska.decorators.MethodValidateSignedRequest(secret_key: str = 'secret-key', signature_param: str = 'signature', auth_user_param: str = 'auth_user', valid_until_param: str = 'valid_until', extra_param: str = 'extra')[source]

Bases: BaseValidateSignedRequest

MethodValidateSignedRequest.

Method decorator. Validate request signature. Applies appropriate validation mechanism to the request data. Assumes SKA_SECRET_KEY to be in settings module.

Arguments to be used with ska.validate_signed_request_data shortcut function.

Attribute str secret_key:

The shared secret key.

Attribute str signature_param:

Name of the (for example GET or POST) param name which holds the signature value.

Attribute str auth_user_param:

Name of the (for example GET or POST) param name which holds the auth_user value.

Attribute str valid_until_param:

Name of the (foe example GET or POST) param name which holds the valid_until value.

Attribute str extra_param:

Name of the (foe example GET or POST) param name which holds the extra value.

Example:

>>> from ska.contrib.django.ska.decorators import m_validate_signed_request
>>>
>>> class FooDetailView(View):
>>>     @validate_signed_request()
>>>     def get(self, request, slug, template_name='foo/detail.html'):
>>>         # Your code
class ska.contrib.django.ska.decorators.SignAbsoluteURL(auth_user: str = 'ska-auth-user', secret_key: str = 'secret-key', valid_until: float | str | None = None, lifetime: int = 600, suffix: str = '?', signature_param: str = 'signature', auth_user_param: str = 'auth_user', valid_until_param: str = 'valid_until', extra: Dict[str, bytes | str | float | int] | None = None, extra_param: str = 'extra')[source]

Bases: object

SignAbsoluteURL.

Method decorator (to be used in models). Signs the URL.

Arguments to be used with ska.sign_url shortcut function.

Attribute str auth_user:

Username of the user making the request.

Attribute str secret_key:

The shared secret key.

Attribute float | str valid_until:

Unix timestamp. If not given, generated automatically (now + lifetime).

Attribute int lifetime:

Signature lifetime in seconds.

Attribute str suffix:

Suffix to add after the endpoint_url and before the appended signature params.

Attribute str signature_param:

Name of the GET param name which would hold the generated signature value.

Attribute str auth_user_param:

Name of the GET param name which would hold the auth_user value.

Attribute str valid_until_param:

Name of the GET param name which would hold the valid_until value.

Attribute dict extra:

Dict of extra params to append to signed URL.

Attribute str extra_param:

Name of the GET param name which would hold the extra value.

Example:

>>> from ska.contrib.django.ska.decorators import sign_url
>>>
>>> class FooItem(models.Model):
>>>     title = models.CharField(_("Title"), max_length=100)
>>>     slug = models.SlugField(unique=True, verbose_name=_("Slug"))
>>>     body = models.TextField(_("Body"))
>>>
>>>     @sign_url()
>>>     def get_signed_absolute_url(self):
>>>         return reverse('foo.detail', kwargs={'slug': self.slug})
class ska.contrib.django.ska.decorators.ValidateSignedRequest(secret_key: str = 'secret-key', signature_param: str = 'signature', auth_user_param: str = 'auth_user', valid_until_param: str = 'valid_until', extra_param: str = 'extra')[source]

Bases: BaseValidateSignedRequest

ValidateSignedRequest.

Function decorator. Validate request signature. Applies appropriate validation mechanism to the request data. Assumes SKA_SECRET_KEY to be in settings module.

Arguments to be used with ska.validate_signed_request_data shortcut function.

Attribute str secret_key:

The shared secret key.

Attribute str signature_param:

Name of the (for example GET or POST) param name which holds the signature value.

Attribute str auth_user_param:

Name of the (for example GET or POST) param name which holds the auth_user value.

Attribute str valid_until_param:

Name of the (foe example GET or POST) param name which holds the valid_until value.

Attribute str extra_param:

Name of the (foe example GET or POST) param name which holds the extra value.

Example:

>>> from ska.contrib.django.ska.decorators import validate_signed_request
>>>
>>> @validate_signed_request()
>>> def detail(request, slug, template_name='foo/detail.html'):
>>>     # Your code
ska.contrib.django.ska.decorators.m_validate_signed_request

alias of MethodValidateSignedRequest

ska.contrib.django.ska.decorators.sign_url

alias of SignAbsoluteURL

ska.contrib.django.ska.decorators.validate_signed_request

alias of ValidateSignedRequest

ska.contrib.django.ska.defaults module

  • UNAUTHORISED_REQUEST_ERROR_MESSAGE (str): Plain text error message. Defaults to “Unauthorised request. {0}”.

  • UNAUTHORISED_REQUEST_ERROR_TEMPLATE (str): Path to 401 template that should be rendered in case of 401 responses. Defaults to empty string (not provided).

  • AUTH_USER (str): Default auth_user for ska.sign_url function. Defaults to “ska-auth-user”.

  • USER_GET_CALLBACK (str): User get callback (when user is fetched in auth backend).

  • USER_VALIDATE_CALLBACK (str): User validate callback (fired before user is created; created to allow custom logic to the user authentication before user object is even created).

  • USER_CREATE_CALLBACK (str): User create callback (when user is created in auth backend).

  • USER_INFO_CALLBACK (str): User info callback.

  • REDIRECT_AFTER_LOGIN (str): Redirect after login.

  • DB_STORE_SIGNATURES (bool): If set to True, signatures are stored in the database.

  • DB_PERFORM_SIGNATURE_CHECK (bool): If set to True, an extra check is fired on whether the token has already been used or not.

  • PROVIDERS (dict): A dictionary where key is the provider UID and the key is another dictionary holding the following provider specific keys: ‘SECRET_KEY’, ‘USER_GET_CALLBACK’, ‘USER_CREATE_CALLBACK’, ‘USER_INFO_CALLBACK’, ‘REDIRECT_AFTER_LOGIN’. Note, that the ‘SECRET_KEY’ is a required key. The rest are optional, and if given, override respectively the values of ska.contrib.django.ska.settings.

ska.contrib.django.ska.http module

class ska.contrib.django.ska.http.HttpResponseUnauthorized(content=b'', *args, **kwargs)[source]

Bases: HttpResponseForbidden

HttpResponseUnauthorized.

https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#4xx_Client_Error

status_code = 401

ska.contrib.django.ska.models module

class ska.contrib.django.ska.models.Signature(*args, **kwargs)[source]

Bases: Model

Signature.

Properties:
  • signature (str): Signature generated.

  • auth_user (str): Auth user.

  • valid_until (datetime.datetime): Valid until.

  • created (datetime.datetime): Time added.

exception DoesNotExist

Bases: ObjectDoesNotExist

exception MultipleObjectsReturned

Bases: MultipleObjectsReturned

auth_user

A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.

created

A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.

get_next_by_created(*, field=<django.db.models.fields.DateTimeField: created>, is_next=True, **kwargs)
get_next_by_valid_until(*, field=<django.db.models.fields.DateTimeField: valid_until>, is_next=True, **kwargs)
get_previous_by_created(*, field=<django.db.models.fields.DateTimeField: created>, is_next=False, **kwargs)
get_previous_by_valid_until(*, field=<django.db.models.fields.DateTimeField: valid_until>, is_next=False, **kwargs)
id

A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.

objects = <django.db.models.manager.Manager object>
signature

A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.

valid_until

A wrapper for a deferred-loading field. When the value is read from this object the first time, the query is executed.

ska.contrib.django.ska.settings module

  • UNAUTHORISED_REQUEST_ERROR_MESSAGE (str): Plain text error message. Defaults to “Unauthorised request. {0}”.

  • UNAUTHORISED_REQUEST_ERROR_TEMPLATE (str): Path to 401 template that should be rendered in case of 401 responses. Defaults to empty string (not provided).

  • AUTH_USER (str): Default auth_user for ska.sign_url function. Defaults to “ska-auth-user”.

  • SECRET_KEY (str): The shared secret key. Should be defined in settings module as SKA_SECRET_KEY.

  • USER_GET_CALLBACK (str): User get callback (when user is fetched in auth backend).

  • USER_VALIDATE_CALLBACK (str): User validate callback (fired before user is created; created to allow custom logic to the user authentication before user object is even created).

  • USER_CREATE_CALLBACK (str): User create callback (when user is created in auth backend).

  • USER_INFO_CALLBACK (str): User info callback.

  • REDIRECT_AFTER_LOGIN (str): Redirect after login.

  • DB_STORE_SIGNATURES (bool): If set to True, signatures are stored in the database.

  • DB_PERFORM_SIGNATURE_CHECK (bool): If set to True, an extra check is fired on whether the token has already been used or not.

  • PROVIDERS (dict): A dictionary where key is the provider UID and the key is another dictionary holding the following provider specific keys: ‘SECRET_KEY’, ‘USER_GET_CALLBACK’, ‘USER_CREATE_CALLBACK’, ‘USER_INFO_CALLBACK’, ‘REDIRECT_AFTER_LOGIN’. Note, that the ‘SECRET_KEY’ is a required key. The rest are optional, and if given, override respectively the values of ska.contrib.django.ska.settings.

ska.contrib.django.ska.utils module

ska.contrib.django.ska.utils.get_provider_data(data: Dict[str, bytes | str | float | int], settings: Dict[str, Dict[str, str]] | None = None) Dict[str, str] | None[source]

Obtain the secret key from request data given.

This happens by looking up the secret key by provider param from the request data in the dictionary of PROVIDERS defined in settings module. If not found, fall back to the default value given, which is by default the globally set secret key.

Parameters:
  • data (dict) –

  • settings (dict) – Settings dict.

ska.contrib.django.ska.utils.get_secret_key(data: Dict[str, bytes | str | float | int] | None, default: str = 'secret-key') str[source]

Obtain the secret key from request data given.

This happens by looking up the secret key by provider param from the request data in the dictionary of PROVIDERS defined in settings module. If not found, fall back to the default value given, which is by default the globally set secret key.

Parameters:
  • data (dict) –

  • default (string) – Secret key value to be used as default. By default, the globally set secret key is used.

ska.contrib.django.ska.utils.purge_signature_data() None[source]

Purge old signature data (valid_until < now).

Module contents