requests-ecp#

requests-ecp provides a SAML/ECP authentication handler for Requests that implements the SAML 2.0 ECP Profile.

requests-ecp PyPI version badge requests-ecp Conda-forge version badge requests-ecp DOI badge requests-ecp license badge Supported Python versions badge

Installation#

conda install -c conda-forge requests-ecp

The conda package includes the optional Kerberos Auth plugin from requests-gssapi, which in turn ensures that a working GSSAPI implementation is installed.

Installing with Conda (or Mamba) is the recommended installation method for requests-ecp.

apt-get install python3-requests-ecp

See the IGWN Computing Guide software repositories entry for Debian for instructions on how to configure the required IGWN Debian repositories.

python -m pip install requests-ecp

Default pip install doesn’t include Kerberos Auth support

By default pip install requests-ecp does not bundle Kerberos auth support. This is provided by the requests-gssapi package, which in turn relies on a working installation of GSSAPI (such as MIT Kerberos).

The requests-ecp[kerberos] extra can be used to automatically include requests-gssapi:

python -m pip install requests-ecp[kerberos]

If you need Kerberos auth, and need to install GSSAPI itself on your system, it is recommended that you use Conda to install `requests-ecp`.

yum install python3-requests-ecp

See the IGWN Computing Guide software repositories entries for Scientific Linux 7 or Rocky Linux 8 for instructions on how to configure the required IGWN Yum repositories.

requests-ecp documentation#

ECP authentication wrappers for python-requests.

Basic usage:

>>> from request_ecp import Session
>>> with Session(idp="https://idp.example.com/SAML/SOAP/ECP") as sess:
...     sess.get("https://private.example.com/data")

Classes#

ECPAuthSessionMixin([idp, kerberos, ...])

A mixin for requests.Session to add default ECP Auth.

HTTPECPAuth(idp[, kerberos, username, password])

SAML2/ECP authorisation plugin for requests.

Session([idp, kerberos, username, password])

A requests.Session wrapper with default SAML/ECP authentication.