PyAuthTicket

From Free Software Directory
 
Jump to: navigation, search

[edit]

PyAuthTicket

http://code.google.com/p/pyauthticket/
simple HMAC Authentication in Python.

PyAuthTicket uses HMAC to generate a one time ticket based on a secret key, message (optional) and timestamp (defaults to the current time). If both sides know a secret key (ie, an API key), a receiver can verify the identity of a sender by requiring a ticket digest and the timestamp used to create it along with the actual request. To verify the sender, the receiver would create a ticket with the same credentials (key, request, timestamp) and verify it against the provided digest. This does not prevent replay attacks but as the timestamp is provided, a lower threshold can be set to reduce the time window in which replays can run.



Download

http://pyauthticket.googlecode.com/files/pyauthticket-0.1.zip

version 0.1 (alpha)
released on 16 September 2008



User level

Intermediate


Categories





Licensing

License

Verified by

Verified on

Notes

Verified by

Kelly Hopkins

Verified on

5 March 2010




Leaders and contributors

Contact(s)Role
JJ Geewax Maintainer


Resources and communication

Software prerequisites

This entry (in part or in whole) was last reviewed on 5 March 2010.



Entry



















Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.

The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.