Merge pull request #250 from victorouse/basic-auth-header

Add support for basic authorization for `StockHistoricalDataClient` and `RESTClient`
alpacahq · Mar 9, 2023 · 1ff3ada · 1ff3ada
2 parents 314fad6 + 0e0ff3b
commit 1ff3ada
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 0 deletions.
diff --git a/alpaca/common/rest.py b/alpaca/common/rest.py
@@ -1,4 +1,5 @@
 import time
+import base64
 from abc import ABC
 from typing import Any, List, Optional, Type, Union, Tuple, Iterator
 
@@ -29,6 +30,7 @@ def __init__(
         api_key: Optional[str] = None,
         secret_key: Optional[str] = None,
         oauth_token: Optional[str] = None,
+        use_basic_auth: bool = False,
         api_version: str = "v2",
         sandbox: bool = False,
         raw_data: bool = False,
@@ -45,6 +47,7 @@ def __init__(
             api_key (Optional[str]): The api key string for authentication.
             secret_key (Optional[str]): The corresponding secret key string for the api key.
             oauth_token (Optional[str]): The oauth token if authenticating via OAuth.
+            use_basic_auth (bool): Whether API requests should use basic authorization headers.
             api_version (Optional[str]): The API version for the endpoints.
             sandbox (bool): False if the live API should be used.
             raw_data (bool): Whether API responses should be wrapped in data models or returned raw.
@@ -59,6 +62,7 @@ def __init__(
         self._api_version: str = api_version
         self._base_url: Union[BaseURL, str] = base_url
         self._sandbox: bool = sandbox
+        self._use_basic_auth: bool = use_basic_auth
         self._use_raw_data: bool = raw_data
         self._session: Session = Session()
 
@@ -156,6 +160,12 @@ def _get_auth_headers(self) -> dict:
 
         if self._oauth_token:
             headers["Authorization"] = "Bearer " + self._oauth_token
+        elif self._use_basic_auth:
+            api_key_secret = "{key}:{secret}".format(
+                key=self._api_key, secret=self._secret_key
+            ).encode("utf-8")
+            encoded_api_key_secret = base64.b64encode(api_key_secret).decode("utf-8")
+            headers["Authorization"] = "Basic " + encoded_api_key_secret
         else:
             headers["APCA-API-KEY-ID"] = self._api_key
             headers["APCA-API-SECRET-KEY"] = self._secret_key

diff --git a/alpaca/data/historical/stock.py b/alpaca/data/historical/stock.py
@@ -45,6 +45,7 @@ def __init__(
         api_key: Optional[str] = None,
         secret_key: Optional[str] = None,
         oauth_token: Optional[str] = None,
+        use_basic_auth: bool = False,
         raw_data: bool = False,
         url_override: Optional[str] = None,
     ) -> None:
@@ -55,6 +56,7 @@ def __init__(
             api_key (Optional[str], optional): Alpaca API key. Defaults to None.
             secret_key (Optional[str], optional): Alpaca API secret key. Defaults to None.
             oauth_token (Optional[str]): The oauth token if authenticating via OAuth. Defaults to None.
+            use_basic_auth (bool, optional): If true, API requests will use basic authorization headers.
             raw_data (bool, optional): If true, API responses will not be wrapped and raw responses will be returned from
               methods. Defaults to False. This has not been implemented yet.
             url_override (Optional[str], optional): If specified allows you to override the base url the client points
@@ -64,6 +66,7 @@ def __init__(
             api_key=api_key,
             secret_key=secret_key,
             oauth_token=oauth_token,
+            use_basic_auth=use_basic_auth,
             api_version="v2",
             base_url=url_override if url_override is not None else BaseURL.DATA,
             sandbox=False,