Metadata-Version: 2.1
Name: authparser
Version: 1.0
Summary: Used to parse http Authentication headers, and to call handlers per scheme.
Home-page: https://github.com/pointw-dev/authparser
Author: Michael Ottoson
Author-email: michael@pointw.com
License: MIT
Description: # authparser
        Used to parse http Authentication headers, and to call handlers per scheme.
        
        Provides
        
        ### AuthParser
        This class does the parsing and dispatches to handler methods per scheme.
        
        `add_handler(scheme, user_record_fn, challenge_fn=None, **kwargs)`
        - Registers an authentication scheme to be handled, and is details
          - **scheme**: (string) the name of the auth scheme, e.g. Basic, Bearer, Digest, etc.
          - **user_record_fn** (callable) the function `get_user_record()` calls after parsing the Authorization header.
            - The function will receive either the token for this scheme, or the params (see RFC 7235).
            - The function can return whatever your application needs, eg. True or False whether the Authoriation is valid, or a whole dict of claims.  `get_user_record()` merely passes what is returned back to your application.  
          - **challenge_fn** (callable) [optional] if specified, `get_challenge_header()` will call this function while building the `WWW-Authenticate` header. 
            - The function receives all kwargs passed to `get_challenge_header()`.  
            - The function should return a dict of name-value pairs which will be added to the scheme's challenge params.  e.g. a Digest challenge (without qop) will issue a challenge similar to: `WWW-Authenticate: Digest nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", realm="pointw.com", opaque="5ccc069c403ebaf9f0171e9517f40e41"`
          - **kwargs** - if any, they are passed through to the handler function.  For example, you may wish to pass the URL being requested, the method being used, or even the entire request object.
        
        
        `clear_handlers()`
        - Clears all handlers.
        
        `get_user_record(auth_header)`
        - Parses the Authorization header and passes the results to the handler for the corresponding scheme.
          - **auth_header** (string) the Authorization header from the request (with or without the starting `Authorization: ` keyword).
        
        `get_challenge_header(**kwargs)`
        - Returns the challenge header based on the handlers previously added.  Call this when forming the response to an unauthorized request.
          - **kwargs** [optional] 
            - set `multi_line=True` to have this method return an array of headers, one item in the array per scheme/handler.
            - all other kwargs are passed to the `challenge_fn` for it to use as it sees fit.  For example, if the request had an `Authorization:` header that had bad credentials, you could pass that fact to the `get_challenge_header()` so it can add details to the challenge header params. e.g. `WWW-Authenticate: Bearer error="invalid_token"`
        
Platform: UNKNOWN
Classifier: Programming Language :: Python :: 3
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Description-Content-Type: text/markdown
