Clarifications and fixes

Author: benmod

README.md

@@ -233,7 +233,8 @@ try:
 
 You can use the `MetricsResponseHandler` object to process your OpenPAYGO Metrics request from start to finish. It accepts the following initial inputs: 
 - `metrics_payload` (required): The OpenPAYGO Metrics payload, as a string containing the JSON payload. 
-- `secret_key` (optional): The secret key provided as a string containing 32 hexadecimal characters (e.g. `dac86b1a29ab82edc5fbbc41ec9530f6`)
+- `secret_key` (optional): The secret key provided as a string containing 32 hexadecimal characters (e.g. `dac86b1a29ab82edc5fbbc41ec9530f6`). If the secret key is not set later using `set_device_parameters()`, then you will not be able to verify the auth of the request (it will throw an error if you try) and the response will not be signed. 
+- `skip_auth`
 - `data_format` (optional): The data format, provided as dictionnary matching the data format object specifications. 
 - `last_request_count` (optional): The request count of the last valid request (used for avoiding request replay)
 - `last_request_timestamp` (optional): The timestamp of the last valid request (used for avoiding request replay)
@@ -313,6 +314,10 @@ def device_data():
 
 ## Changelog
 
+### 2023-10-12 - v0.5.2
+- Clarification in the doc of the behaviour when `secret_key` is missing
+- Implemented coherent behaviour when `secret_key` is missing
+
 ### 2023-10-12 - v0.5.1
 - Fixes typo in function name
 

openpaygo/metrics_response.py

@@ -46,7 +46,7 @@ def set_device_parameters(self, secret_key=None, data_format=None, last_request_
     def is_auth_valid(self):
         auth_string = self.request_dict.get('auth', None)
         if not auth_string:
-            return True
+            return False
         elif not self.secret_key:
             raise ValueError('Secret key is required to check the auth.')
         self.auth_method = auth_string[:2]
@@ -129,13 +129,14 @@ def get_answer_payload(self):
     def get_answer_dict(self):
         # If there is not data format, we just return the full response
         condensed_answer = copy.deepcopy(self.response_dict)
-        condensed_answer['auth'] = OpenPAYGOMetricsShared.generate_response_signature_from_data(
-            serial_number=self.request_dict.get('serial_number'),
-            request_count=self.request_dict.get('request_count'),
-            data=condensed_answer,
-            timestamp=self.request_dict.get('timestamp'),
-            secret_key=self.secret_key
-        )
+        if self.secret_key:
+            condensed_answer['auth'] = OpenPAYGOMetricsShared.generate_response_signature_from_data(
+                serial_number=self.request_dict.get('serial_number'),
+                request_count=self.request_dict.get('request_count'),
+                data=condensed_answer,
+                timestamp=self.request_dict.get('timestamp'),
+                secret_key=self.secret_key
+            )
         return OpenPAYGOMetricsShared.convert_dict_keys_to_condensed(condensed_answer)
 
     def _get_simple_data(self):

setup.cfg

@@ -1,6 +1,6 @@
 [metadata]
 name = openpaygo
-version = 0.5.1
+version = 0.5.2
 url = https://github.com/EnAccess/OpenPAYGO-python/
 description-file=README.md
 license_files=LICENSE

setup.py

@@ -4,7 +4,7 @@
 setup(
     name="openpaygo", 
     packages=find_packages(),
-    version='0.5.1',
+    version='0.5.2',
     license='MIT',
     author="Solaris Offgrid",
     url='https://github.com/EnAccess/OpenPAYGO-python/',