Summary
The authorization_header() and related functions build HMAC-SHA1 signatures from (method, content, content_type, date, request_path). This is ideal for property-based testing.
Benefits
- Determinism: Same inputs should always produce the same output — trivial to verify with
@given(st.text(), st.binary(), ...)
- Robustness: Edge cases — empty content, Unicode, very long strings, special characters in method/path — would be systematically explored
- No crashes:
authorization_header should never raise on valid-type inputs
Suggested properties
authorization_header(access_key=k, secret_key=s, method=m, content=c, ...) is deterministic for fixed inputs- Empty
content (None, b"", "") is handled correctly
- Unicode in
content is encoded without crashing
- Arbitrary
request_path strings (including special chars) produce valid output
Note
.hypothesis/ is already in .gitignore, suggesting Hypothesis may have been considered. No implementation exists yet.
Summary
The
authorization_header()and related functions build HMAC-SHA1 signatures from(method, content, content_type, date, request_path). This is ideal for property-based testing.Benefits
@given(st.text(), st.binary(), ...)authorization_headershould never raise on valid-type inputsSuggested properties
authorization_header(access_key=k, secret_key=s, method=m, content=c, ...)is deterministic for fixed inputscontent(None, b"", "") is handled correctlycontentis encoded without crashingrequest_pathstrings (including special chars) produce valid outputNote
.hypothesis/is already in.gitignore, suggesting Hypothesis may have been considered. No implementation exists yet.