quickrpc.security module

Security Providers.

exception quickrpc.security.SecurityError[source]

Bases: Exception

Security-related error

exception quickrpc.security.InvalidSignatureError[source]

Bases: quickrpc.security.SecurityError

Received message had an invalid signature

exception quickrpc.security.UnknownUserError[source]

Bases: quickrpc.security.SecurityError

User account not found

class quickrpc.security.Security[source]

Bases: object

Base class for Security providers.

A security provider has sec_in and sec_out methods, which are used to process inbound and outbound messages, respectively.

Apart from that, it is up to the security provider what it does to the messages and how it manages authentication.

classmethod fromstring(expression)[source]

Creates a security instance from a given string expression.

The expression must be “<shorthand>:<specific parameters>”, with shorthand being the wanted Security’s .shorthand property. For the specific parameters, see the respective Security’s .fromstring method.

sec_in(payload, secinfo)[source]

Secure an inbound message.

Parameters:
  • payload (bytes) – Payload as received.
  • secinfo (dict of str -> str) – Security headers as received.
Returns:

new_payload (bytes); None indicates that received payload can be used.

The provider can e.g. decrypt the payload and or check the signature (raising an exception on failure).

sec_out(payload)[source]

Secure an outbound message.

Parameters:payload (bytes) – Payload data for the frame.

Returns (secinfo, new_payload):

  • secinfo (dict): security information, dictionary str->str
  • new_payload (bytes): transformed payload; None indicates that original payload can be used.

secinfo can contain arbitrary keys specified by the subclass.

The provider can e.g. calculate a signature and/or encrypt the payload.

shorthand = ''
class quickrpc.security.NullSecurity[source]

Bases: quickrpc.security.Security

no security added, no user management at all (anonymous communication).

Default if nothing is specified.

classmethod fromstring(expression)[source]

Creates a security instance from a given string expression.

The expression must be “<shorthand>:<specific parameters>”, with shorthand being the wanted Security’s .shorthand property. For the specific parameters, see the respective Security’s .fromstring method.

sec_in = None
sec_out = None
shorthand = 'null'
class quickrpc.security.NoSecurity(user='')[source]

Bases: quickrpc.security.Security

Provides transmission of a username, without any checking.

There is no validation or message integrity checking.

Only use this if you absolutely trust each communication endpoint. … Actually, please don’t.

To specify username for outbound messages, set the user attribute.

classmethod fromstring(expression)[source]

Creates a security instance from a given string expression.

The expression must be “<shorthand>:<specific parameters>”, with shorthand being the wanted Security’s .shorthand property. For the specific parameters, see the respective Security’s .fromstring method.

sec_in(payload, secinfo)[source]

does nothing

sec_out(payload)[source]

return self.user as username.

shorthand = 'blindly_believe_everything'