Python library for generating a Mastercard API compliant OAuth signature.
Python 3.6+
Before using this library, you will need to set up a project in the Mastercard Developers Portal.
As part of this set up, you'll receive credentials for your app:
- A consumer key (displayed on the Mastercard Developer Portal)
- A private request signing key (matching the public certificate displayed on the Mastercard Developer Portal)
pip install mastercard-oauth1-signer
import oauth1.authenticationutils as authenticationutils
from oauth1.oauth import OAuthA private key object can be created by calling the authenticationutils.load_signing_key method:
signing_key = authenticationutils.load_signing_key('<insert PKCS#12 key file path>', '<insert key password>')The method that does all the heavy lifting is OAuth.get_authorization_header. You can call into it directly and as long as you provide the correct parameters, it will return a string that you can add into your request's Authorization header.
uri = 'https://sandbox.api.mastercard.com/service'
payload = 'Hello world!'
authHeader = OAuth.get_authorization_header(uri, 'POST', payload, '<insert consumer key>', signing_key)uri = 'https://sandbox.api.mastercard.com/service'
authHeader = OAuth.get_authorization_header(uri, 'GET', None, '<insert consumer key>', signing_key)headerdict = {'Authorization' : authHeader}
requests.post(uri, headers=headerdict, data=payload)
requests.get(uri, headers=headerdict)Alternatively, you can use helper classes for some of the commonly used HTTP clients.
These classes will modify the provided request object in-place and will add the correct Authorization header. Once instantiated with a consumer key and private key, these objects can be reused.
Usage briefly described below, but you can also refer to the test project for examples.
You can sign request objects using the OAuthSigner class.
Usage:
uri = "https://sandbox.api.mastercard.com/service"
request = Request()
request.method = "POST"
# …
signer = OAuthSigner(consumer_key, signing_key)
request = signer.sign_request(uri, request)The requests library supports custom authentication extensions, with which the procedure of creating and calling such requests can simplify the process of request signing. Please, see the examples below:
from oauth1.oauth_ext import OAuth1RSA
from oauth1.oauth_ext import HASH_SHA256
import requests
uri = 'https://sandbox.api.mastercard.com/service'
oauth = OAuth1RSA(consumer_key, signing_key)
header = {'Content-type' : 'application/json', 'Accept' : 'application/json'}
# Passing payload for data parameter as string
payload = '{"key" : "value"}'
response = requests.post(uri, data=payload, auth=oauth, headers=header)
# Passing payload for data parameter as Json object
payload = {'key' : 'value'}
response = requests.post(uri, data=json.dumps(payload), auth=oauth, headers=header)
# Passing payload for json parameter Json object
payload = {'key' : 'value'}
response = requests.post(uri, json=payload, auth=oauth, headers=header)from oauth1.oauth_ext import OAuth1RSA
import requests
uri = 'https://sandbox.api.mastercard.com/service'
oauth = OAuth1RSA(consumer_key, signing_key)
# Operation for get call
response = requests.get(uri, auth=oauth)OpenAPI Generator generates API client libraries from OpenAPI Specs. It provides generators and library templates for supporting multiple languages and frameworks.
This project provides you with classes you can use when configuring your API client. These classes will take care of adding the correct Authorization header before sending the request.
Generators currently supported:
Client libraries can be generated using the following command:
openapi-generator-cli generate -i openapi-spec.yaml -g python -o outSee also:
import openapi_client
from oauth1.signer_interceptor import add_signer_layer
# …
config = openapi_client.Configuration()
config.host = 'https://sandbox.api.mastercard.com'
client = openapi_client.ApiClient(config)
add_signer_layer(client, '<insert PKCS#12 key file path>', '<insert key password>', '<insert consumer key>')
some_api = openapi_client.SomeApi(client)
result = some_api.do_something()
# …