Unified the default signing algo under one setting.

Setting httpsig.sign.DEFAULT_SIGN_ALGORITHM changes it for all future classes.

Author: ahknight

httpsig/requests_auth.py

@@ -19,8 +19,7 @@ class HTTPSignatureAuth(AuthBase):
     algorithm is one of the six specified algorithms
     headers is a list of http headers to be included in the signing string, defaulting to "Date" alone.
     '''
-    def __init__(self, key_id='', secret='', algorithm='hmac-sha256',
-            headers=None, allow_agent=False):
+    def __init__(self, key_id='', secret='', algorithm=None, headers=None):
         headers = headers or []
         self.header_signer = HeaderSigner(key_id=key_id, secret=secret,
                 algorithm=algorithm, headers=headers)

httpsig/sign.py

@@ -8,14 +8,20 @@
 from .utils import *
 
 
+DEFAULT_SIGN_ALGORITHM = "hmac-sha256"
+
+
 class Signer(object):
     """
     When using an RSA algo, the secret is a PEM-encoded private key.
     When using an HMAC algo, the secret is the HMAC signing secret.
     
     Password-protected keyfiles are not supported.
     """
-    def __init__(self, secret, algorithm='rsa-sha256'):
+    def __init__(self, secret, algorithm=None):
+        if algorithm is None:
+            algorithm = DEFAULT_SIGN_ALGORITHM
+        
         assert algorithm in ALGORITHMS, "Unknown algorithm"
         if isinstance(secret, six.string_types): secret = secret.encode("ascii")
 
@@ -67,12 +73,15 @@ class HeaderSigner(Signer):
     Generic object that will sign headers as a dictionary using the http-signature scheme.
     https://github.com/joyent/node-http-signature/blob/master/http_signing.md
 
-    key_id is the mandatory label indicating to the server which secret to use
-    secret is the filename of a pem file in the case of rsa, a password string in the case of an hmac algorithm
-    algorithm is one of the six specified algorithms
-    headers is a list of http headers to be included in the signing string, defaulting to ['date'].
+    :arg key_id:    the mandatory label indicating to the server which secret to use
+    :arg secret:    a PEM-encoded RSA private key or an HMAC secret (must match the algorithm)
+    :arg algorithm: one of the six specified algorithms
+    :arg headers:   a list of http headers to be included in the signing string, defaulting to ['date'].
     '''
-    def __init__(self, key_id, secret, algorithm='rsa-sha256', headers=None):
+    def __init__(self, key_id, secret, algorithm=None, headers=None):
+        if algorithm is None:
+            algorithm = DEFAULT_SIGN_ALGORITHM
+        
         super(HeaderSigner, self).__init__(secret=secret, algorithm=algorithm)
         self.headers = headers or ['date']
         self.signature_template = build_signature_template(key_id, algorithm, headers)

httpsig/tests/test_signature.py

@@ -6,18 +6,21 @@
 import json
 import unittest
 
-from httpsig.sign import HeaderSigner
+import httpsig.sign as sign
 from httpsig.utils import parse_authorization_header
 
 
+sign.DEFAULT_SIGN_ALGORITHM = "rsa-sha256"
+
+
 class TestSign(unittest.TestCase):
 
     def setUp(self):
         self.key_path = os.path.join(os.path.dirname(__file__), 'rsa_private.pem')
         self.key = open(self.key_path, 'rb').read()
 
     def test_default(self):
-        hs = HeaderSigner(key_id='Test', secret=self.key)
+        hs = sign.HeaderSigner(key_id='Test', secret=self.key)
         unsigned = {
             'Date': 'Thu, 05 Jan 2012 21:31:40 GMT'
         }
@@ -35,7 +38,7 @@ def test_default(self):
         self.assertEqual(params['signature'], 'ATp0r26dbMIxOopqw0OfABDT7CKMIoENumuruOtarj8n/97Q3htHFYpH8yOSQk3Z5zh8UxUym6FYTb5+A0Nz3NRsXJibnYi7brE/4tx5But9kkFGzG+xpUmimN4c3TMN7OFH//+r8hBf7BT9/GmHDUVZT2JzWGLZES2xDOUuMtA=')
 
     def test_all(self):
-        hs = HeaderSigner(key_id='Test', secret=self.key, headers=[
+        hs = sign.HeaderSigner(key_id='Test', secret=self.key, headers=[
             '(request-line)',
             'host',
             'date',