HMAC based auth handler

from @nimajalali

I'm finalizing a [HMAC](http://en.wikipedia.org/wiki/Hash-based_message_authentication_code) based auth handler. Using Amazon S3 signed and authorized model, more info [here](http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html).

I use it for server to server communication where a pre shared secret is possible. The handler adds to the S3 model by enabling the use of a [nonce](http://en.wikipedia.org/wiki/Cryptographic_nonce).

Should this be under the auth package, possibly auth.HMAC? If so how should I go about adding info to the auth README?

Also, any thoughts on how to incorporate multiple auth handlers? For instance I have API endpoints that are accessed from servers as well as clients. I use this HMAC auth handler to handle server to server auth and another handler for session based auth. Today I have to create two separate endpoints to enable auth from either handler. 


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

HMAC based auth handler #1

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development