Python library for generating a Mastercard API compliant OAuth signature.

Related tags

Authenticationpythonopenapipython3oauth1mastercardoauth1a
Overview

oauth1-signer-python

Table of Contents

Overview

Python library for generating a Mastercard API compliant OAuth signature.

Compatibility

Python 3.6+

References

Usage

Prerequisites

Before using this library, you will need to set up a project in the Mastercard Developers Portal.

As part of this set up, you'll receive credentials for your app:

  • A consumer key (displayed on the Mastercard Developer Portal)
  • A private request signing key (matching the public certificate displayed on the Mastercard Developer Portal)

Adding the Library to Your Project 

pip install mastercard-oauth1-signer

Importing the Code 

import oauth1.authenticationutils as authenticationutils
from oauth1.oauth import OAuth

Loading the Signing Key

A private key object can be created by calling the authenticationutils.load_signing_key method:

signing_key = authenticationutils.load_signing_key('
   
    '
   , '
   
    '
   )

Creating the OAuth Authorization Header

The method that does all the heavy lifting is OAuth.get_authorization_header. You can call into it directly and as long as you provide the correct parameters, it will return a string that you can add into your request's Authorization header.

POST example

uri = 'https://sandbox.api.mastercard.com/service'
payload = 'Hello world!'
authHeader = OAuth.get_authorization_header(uri, 'POST', payload, '
   
    '
   , signing_key)

GET example

uri = 'https://sandbox.api.mastercard.com/service'
authHeader = OAuth.get_authorization_header(uri, 'GET', None, '
   
    '
   , signing_key)

Use of authHeader with requests module (POST and GET example)

headerdict = {'Authorization' : authHeader}
requests.post(uri, headers=headerdict, data=payload)
requests.get(uri, headers=headerdict)

Signing HTTP Client Request Objects

Alternatively, you can use helper classes for some of the commonly used HTTP clients.

These classes will modify the provided request object in-place and will add the correct Authorization header. Once instantiated with a consumer key and private key, these objects can be reused.

Usage briefly described below, but you can also refer to the test project for examples.

Requests: HTTP for Humans™

You can sign request objects using the OAuthSigner class.

Usage:

uri = "https://sandbox.api.mastercard.com/service"
request = Request()
request.method = "POST"
# ...

signer = OAuthSigner(consumer_key, signing_key)
request = signer.sign_request(uri, request)

Usage of the oauth_ext

The requests library supports custom authentication extensions, with which the procedure of creating and calling such requests can simplify the process of request signing. Please, see the examples below:

POST example
from oauth1.oauth_ext import OAuth1RSA
from oauth1.oauth_ext import HASH_SHA256
import requests

uri = 'https://sandbox.api.mastercard.com/service'
oauth = OAuth1RSA(consumer_key, signing_key)
header = {'Content-type' : 'application/json', 'Accept' : 'application/json'}

# Passing payload for data parameter as string
payload = '{"key" : "value"}'
request = requests.post(uri, data=payload, auth=oauth, headers=header)

# Passing payload for data parameter as Json object
payload = {'key' : 'value'}
request = requests.post(uri, data=json.dumps(payload), auth=oauth, headers=header)

# Passing payload for json parameter Json object
payload = {'key' : 'value'}
request = requests.post(uri, json=payload, auth=oauth, headers=header)
GET example
from oauth1.oauth_ext import OAuth1RSA
import requests

uri = 'https://sandbox.api.mastercard.com/service'
oauth = OAuth1RSA(consumer_key, signing_key)

# Operation for get call
request = requests.get(uri, auth=oauth)

Integrating with OpenAPI Generator API Client Libraries

OpenAPI Generator generates API client libraries from OpenAPI Specs. It provides generators and library templates for supporting multiple languages and frameworks.

This project provides you with classes you can use when configuring your API client. These classes will take care of adding the correct Authorization header before sending the request.

Generators currently supported:

python

OpenAPI Generator

Client libraries can be generated using the following command:

java -jar openapi-generator-cli.jar generate -i openapi-spec.yaml -g python -o out

See also:

Usage of the oauth1.signer_interceptor
import openapi_client
from oauth1.signer_interceptor import add_signer_layer

# ...
config = openapi_client.Configuration()
config.host = 'https://sandbox.api.mastercard.com'
client = openapi_client.ApiClient(config)
add_signer_layer(client, '
   
    '
   , '
   
    '
   , '
   
    '
   )
some_api = openapi_client.SomeApi(client)
result = some_api.do_something()
# ...
You might also like...
Doing the OAuth dance with style using Flask, requests, and oauthlib.

Flask-Dance Doing the OAuth dance with style using Flask, requests, and oauthlib. Currently, only OAuth consumers are supported, but this project coul

David Baumgold 802 Feb 22, 2021
Phishing Abusing Microsoft 365 OAuth Authorization Flow
Phishing Abusing Microsoft 365 OAuth Authorization Flow

Microsoft365_devicePhish Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack This is a simple proof-of-concept script that allows an at

bigb0ss 11 Dec 11, 2022
Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack
Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack

Microsoft365_devicePhish Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack This is a simple proof-of-concept script that allows an at

Optiv Security 76 Jan 2, 2023
A module making it easier to manage Discord oAuth with Quart

quart_discord A module making it easier to manage Discord oAuth with Quart Install pip install git+https://github.com/xelA/[email protected] How to

null 5 Oct 27, 2022
Plotly Dash plugin to allow authentication through 3rd party OAuth providers.

dash-auth-external Integrate your dashboards with 3rd parties and external OAuth providers. Overview Do you want to build a Plotly Dash app which pull

James Holcombe 15 Dec 11, 2022
Python module for generating and verifying JSON Web Tokens

python-jwt Module for generating and verifying JSON Web Tokens. Note: From version 2.0.1 the namespace has changed from jwt to python_jwt, in order to

David Halls 210 Dec 24, 2022
Two factor authentication system using azure services and python language and its api's
Two factor authentication system using azure services and python language and its api's

FUTURE READY TALENT VIRTUAL INTERSHIP PROJECT PROJECT NAME - TWO FACTOR AUTHENTICATION SYSTEM Resources used: * Azure functions(python)

BHUSHAN SATISH DESHMUKH 1 Dec 10, 2021
Google Auth Python Library

Google Auth Python Library This library simplifies using Google's various server-to-server authentication mechanisms to access Google APIs. Installing

Google APIs 598 Jan 7, 2023
Python One-Time Password Library
Python One-Time Password Library

PyOTP - The Python One-Time Password Library PyOTP is a Python library for generating and verifying one-time passwords. It can be used to implement tw

PyAuth 2.2k Dec 26, 2022
Comments
  • Deprecation notice about urllib3[secure] Safe

    Deprecation notice about urllib3[secure] Safe

    Description

    Description pyOpenSSL and urllib3[secure] are deprecated in the upcoming release (1.26.12) https://github.com/urllib3/urllib3/issues/2680

    Removed urllib3[secure] and updated pyOpenssl to pyOpenSSL>=0.14

    opened by fyunusa 0
Releases(1.6.0)

  • 1.6.0(Sep 22, 2022)

  • 1.5.0(Oct 11, 2021)

  • 1.4.0(Jul 28, 2021)

    • Fixed issue https://github.com/Mastercard/oauth1-signer-python/issues/35: oauth_signature not encoded in versions 1.2.0 and 1.3.0
    • Fixed security hotspot python:S2245
    • Keep the behavior consistent with other Mastercard OAuth1.0a signer libraries when encoding URL and params
    • The OAuth1RSA module reuse the core functions instead of redefining them
    • sha256_encode: added support for byte payload
    • Moved nonce and timestamp generation function into the utils module
    • get_authorization_header method is now static in OAuth class
    • Added pycodestyle GitHub workflow and fixed sonar scan not running on new Pull Requests
    • Improved code coverage
    Source code(tar.gz)
    Source code(zip)

  • 1.3.0(Jan 18, 2021)

  • 1.2.0(Dec 23, 2020)

    • Added oauth_ext authentication extension for simplifying the requests signing process (https://github.com/Mastercard/oauth1-signer-python/issues/19)
    • Removed unnecessary RFC 3986 encoding of the Authorization header
    • Removed cryptography lib dependency
    Source code(tar.gz)
    Source code(zip)

  • 1.1.3(Jun 27, 2019)

    • Fixed #2 ("If the request does not have an entity body, the hash should be taken over the empty string")
    • Removed unused 'self' param from static functions
    Source code(tar.gz)
    Source code(zip)

  • 1.1.2(Jun 20, 2019)

    • Fixed requirements.txt with missing dependencies
    • Removed unused dependencies from setup.py
    • Updated README.md
    • General clean-up
    • Added Python 3.8-dev to the Travis CI environments
    Source code(tar.gz)
    Source code(zip)

  • 1.1.1(May 30, 2019)

  • 1.1.0(May 30, 2019)

Owner
GitHub Repository https://developer.mastercard.com/platform/documentation/security-and-authentication/using-oauth-1a-to-access-mastercard-apis/
A simple model based API maker written in Python and based on Django and Django REST Framework

Fast DRF Fast DRF is a small library for making API faster with Django and Django REST Framework. It's easy and configurable. Full Documentation here

Mohammad Ashraful Islam 18 Oct 05, 2022
python-social-auth and oauth2 support for django-rest-framework

Django REST Framework Social OAuth2 This module provides OAuth2 social authentication support for applications in Django REST Framework. The aim of th

1k Dec 22, 2022
Connect-4-AI - AI that plays Connect-4 using the minimax algorithm

Connect-4-AI Brief overview I coded up the Connect-4 (or four-in-a-row) game in

Favour Okeke 1 Feb 15, 2022
Flask JWT Router is a Python library that adds authorised routes to a Flask app.

Read the docs: Flask-JWT-Router Flask JWT Router Flask JWT Router is a Python library that adds authorised routes to a Flask app. Both basic & Google'

Joe Gasewicz 52 Jan 03, 2023
Official implementation of the AAAI 2022 paper "Learning Token-based Representation for Image Retrieval"

Token: Token-based Representation for Image Retrieval PyTorch training code for Token-based Representation for Image Retrieval. We propose a joint loc

Hui Wu 42 Dec 06, 2022
An extension of django rest framework, providing a configurable password reset strategy

Django Rest Password Reset This python package provides a simple password reset strategy for django rest framework, where users can request password r

Anexia 363 Dec 24, 2022
A secure authentication module to validate user credentials in a Streamlit application.

Streamlit-Authenticator A secure authentication module to validate user credentials in a Streamlit application. Installation Streamlit-Authenticator i

M Khorasani 336 Dec 31, 2022
A full Rest-API With Oauth2 and JWT for request & response a JSON file Using FastAPI and SQLAlchemy 🔑

Pexon-Rest-API A full Rest-API for request & response a JSON file, Building a Simple WorkFlow that help you to Request a JSON File Format and Handling

Yasser Tahiri 15 Jul 22, 2022
JWT Key Confusion PoC (CVE-2015-9235) Written for the Hack the Box challenge - Under Construction

JWT Key Confusion PoC (CVE-2015-9235) Written for the Hack the Box challenge - Under Construction This script performs a Java Web Token Key Confusion

Alex Fronteddu 1 Jan 13, 2022
Graphical Password Authentication System.

Graphical Password Authentication System. This is used to increase the protection/security of a website. Our system is divided into further 4 layers of protection. Each layer is totally different and

Hassan Shahzad 12 Dec 16, 2022
Some scripts to utilise device code authorization for phishing.

OAuth Device Code Authorization Phishing Some scripts to utilise device code authorization for phishing. High level overview as per the instructions a

Daniel Underhay 6 Oct 03, 2022
Minimal authorization through OO design and pure Ruby classes

Pundit Pundit provides a set of helpers which guide you in leveraging regular Ruby classes and object oriented design patterns to build a simple, robu

Varvet 7.8k Jan 02, 2023
Login qr line & qr image

login-qr-line-qr-image login qr line & qr image python3 & linux ubuntu api source: https://github.com/hert0t/BEAPI-BETA import httpx import qrcode fro

Alif Budiman 1 Dec 27, 2021
Kube OpenID Connect is an application that can be used to easily enable authentication flows via OIDC for a kubernetes cluster

Kube OpenID Connect is an application that can be used to easily enable authentication flows via OIDC for a kubernetes cluster. Kubernetes supports OpenID Connect Tokens as a way to identify users wh

7 Nov 20, 2022
A generic, spec-compliant, thorough implementation of the OAuth request-signing logic

OAuthLib - Python Framework for OAuth1 & OAuth2 *A generic, spec-compliant, thorough implementation of the OAuth request-signing logic for Python 3.5+

OAuthlib 2.5k Jan 01, 2023
CheckList-Api - Created with django rest framework and JWT(Json Web Tokens for Authentication)

CheckList Api created with django rest framework and JWT(Json Web Tokens for Aut

shantanu nimkar 1 Jan 24, 2022
Django CAS 1.0/2.0/3.0 client authentication library, support Django 2.0, 2.1, 2.2, 3.0 and Python 3.5+

django-cas-ng django-cas-ng is Django CAS (Central Authentication Service) 1.0/2.0/3.0 client library to support SSO (Single Sign On) and Single Logou

django-cas-ng 347 Dec 18, 2022
Simplifying third-party authentication for web applications.

Velruse is a set of authentication routines that provide a unified way to have a website user authenticate to a variety of different identity provider

Ben Bangert 253 Nov 14, 2022
Login System Using Django

Login System Django

Nandini Chhajed 6 Dec 12, 2021
MikroTik Authentication POCs

Proofs of concept which successfully authenticate with MikroTik Winbox and MAC Telnet servers running on RouterOS version 6.45.1+

Margin Research 56 Dec 08, 2022