============================
Atlassian JWT authentication
============================
.. image:: https://github.com/atlassian/asap-authentication-python/workflows/Tests/badge.svg
.. image:: https://img.shields.io/pypi/v/atlassian-jwt-auth.svg
:target: https://pypi.org/project/atlassian-jwt-auth
This package provides an implementation of the `Service to Service Authentication <https://s2sauth.bitbucket.io/spec/>`_ specification.
----
Installation
============
To install simply run
.. code:: sh
$ pip install atlassian-jwt-auth
Using this library
==================
To create a JWT for authentication
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. code:: python
import atlassian_jwt_auth
signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
a_jwt = signer.generate_jwt('audience')
To create a JWT using a file on disk in the conventional location
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Each time you call ``generate_jwt`` this will find the latest active key file (ends with ``.pem``) and use it to generate your JWT.
.. code:: python
import atlassian_jwt_auth
signer = atlassian_jwt_auth.create_signer_from_file_private_key_repository('issuer', '/opt/jwtprivatekeys')
a_jwt = signer.generate_jwt('audience')
To create a JWT using a data uri
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. code:: python
import atlassian_jwt_auth
from atlassian_jwt_auth.key import DataUriPrivateKeyRetriever
key_id, private_key_pem = DataUriPrivateKeyRetriever('Your base64 encoded data uri').load('issuer')
signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
a_jwt = signer.generate_jwt('audience')
To make an authenticated HTTP request
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If you use the ``atlassian_jwt_auth.contrib.requests.JWTAuth`` provider, you
can automatically generate JWT tokens when using the ``requests`` library to
perform authenticated HTTP requests.
.. code:: python
import atlassian_jwt_auth
from atlassian_jwt_auth.contrib.requests import JWTAuth
signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
response = requests.get(
'https://your-url',
auth=JWTAuth(signer, 'audience')
)
One can also use ``atlassian_jwt_auth.contrib.aiohttp.JWTAuth``
to authenticate ``aiohttp`` requests:
.. code:: python
import aiohttp
import atlassian_jwt_auth
from atlassian_jwt_auth.contrib.aiohttp import JWTAuth
signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
async with aiohttp.ClientSession() as session:
async with session.get('https://your-url',
auth=JWTAuth(signer, 'audience')) as resp:
...
If you want to reuse tokens that have the same claim within their period of validity
then pass through `reuse_jwts=True` when calling `create_signer`.
For example:
.. code:: python
import atlassian_jwt_auth
from atlassian_jwt_auth.contrib.requests import JWTAuth
signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem, reuse_jwts=True)
response = requests.get(
'https://your-url',
auth=JWTAuth(signer, 'audience')
)
To verify a JWT
~~~~~~~~~~~~~~~
.. code:: python
import atlassian_jwt_auth
public_key_retriever = atlassian_jwt_auth.HTTPSPublicKeyRetriever('https://example.com')
verifier = atlassian_jwt_auth.JWTAuthVerifier(public_key_retriever)
verified_claims = verifier.verify_jwt(a_jwt, 'audience')
For Python versions starting from ``Python 3.5``, note this library no longer supports python 3.5, ``atlassian_jwt_auth.contrib.aiohttp``
provides drop-in replacements for the components that
perform HTTP requests, so that they use ``aiohttp`` instead of ``requests``:
.. code:: python
import atlassian_jwt_auth.contrib.aiohttp
public_key_retriever = atlassian_jwt_auth.contrib.aiohttp.HTTPSPublicKeyRetriever('https://example.com')
verifier = atlassian_jwt_auth.contrib.aiohttp.JWTAuthVerifier(public_key_retriever)
verified_claims = await verifier.verify_jwt(a_jwt, 'audience')
Raw data
{
"_id": null,
"home_page": "https://github.com/atlassian/asap-authentication-python",
"name": "atlassian-jwt-auth",
"maintainer": "",
"docs_url": null,
"requires_python": "",
"maintainer_email": "",
"keywords": "",
"author": "Atlassian",
"author_email": "dblack@atlassian.com",
"download_url": "https://files.pythonhosted.org/packages/1c/3f/2e0977b84ffef6ed094ada441b24859bda770c1fa06283001d271bb5aae0/atlassian-jwt-auth-18.0.1.tar.gz",
"platform": "any",
"description": "============================\nAtlassian JWT authentication\n============================\n\n.. image:: https://github.com/atlassian/asap-authentication-python/workflows/Tests/badge.svg\n.. image:: https://img.shields.io/pypi/v/atlassian-jwt-auth.svg\n :target: https://pypi.org/project/atlassian-jwt-auth\n\nThis package provides an implementation of the `Service to Service Authentication <https://s2sauth.bitbucket.io/spec/>`_ specification.\n\n----\n\nInstallation\n============\n\nTo install simply run\n\n.. code:: sh\n\n $ pip install atlassian-jwt-auth\n\nUsing this library\n==================\n\nTo create a JWT for authentication\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n.. code:: python\n\n import atlassian_jwt_auth\n\n\n signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)\n a_jwt = signer.generate_jwt('audience')\n\n\nTo create a JWT using a file on disk in the conventional location\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nEach time you call ``generate_jwt`` this will find the latest active key file (ends with ``.pem``) and use it to generate your JWT.\n\n.. code:: python\n\n import atlassian_jwt_auth\n\n\n signer = atlassian_jwt_auth.create_signer_from_file_private_key_repository('issuer', '/opt/jwtprivatekeys')\n a_jwt = signer.generate_jwt('audience')\n\nTo create a JWT using a data uri\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n.. code:: python\n\n import atlassian_jwt_auth\n from atlassian_jwt_auth.key import DataUriPrivateKeyRetriever\n\n key_id, private_key_pem = DataUriPrivateKeyRetriever('Your base64 encoded data uri').load('issuer')\n signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)\n a_jwt = signer.generate_jwt('audience')\n\n\n\nTo make an authenticated HTTP request\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nIf you use the ``atlassian_jwt_auth.contrib.requests.JWTAuth`` provider, you\ncan automatically generate JWT tokens when using the ``requests`` library to\nperform authenticated HTTP requests.\n\n.. code:: python\n\n import atlassian_jwt_auth\n from atlassian_jwt_auth.contrib.requests import JWTAuth\n\n signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)\n response = requests.get(\n 'https://your-url',\n auth=JWTAuth(signer, 'audience')\n )\n\nOne can also use ``atlassian_jwt_auth.contrib.aiohttp.JWTAuth``\nto authenticate ``aiohttp`` requests:\n\n.. code:: python\n\n import aiohttp\n\n import atlassian_jwt_auth\n from atlassian_jwt_auth.contrib.aiohttp import JWTAuth\n\n signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)\n\n async with aiohttp.ClientSession() as session:\n async with session.get('https://your-url',\n auth=JWTAuth(signer, 'audience')) as resp:\n ...\n\n\nIf you want to reuse tokens that have the same claim within their period of validity\nthen pass through `reuse_jwts=True` when calling `create_signer`.\nFor example:\n\n\n.. code:: python\n\n import atlassian_jwt_auth\n from atlassian_jwt_auth.contrib.requests import JWTAuth\n\n signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem, reuse_jwts=True)\n response = requests.get(\n 'https://your-url',\n auth=JWTAuth(signer, 'audience')\n )\n\n\n\nTo verify a JWT\n~~~~~~~~~~~~~~~\n\n.. code:: python\n\n import atlassian_jwt_auth\n\n public_key_retriever = atlassian_jwt_auth.HTTPSPublicKeyRetriever('https://example.com')\n verifier = atlassian_jwt_auth.JWTAuthVerifier(public_key_retriever)\n verified_claims = verifier.verify_jwt(a_jwt, 'audience')\n\nFor Python versions starting from ``Python 3.5``, note this library no longer supports python 3.5, ``atlassian_jwt_auth.contrib.aiohttp``\nprovides drop-in replacements for the components that\nperform HTTP requests, so that they use ``aiohttp`` instead of ``requests``:\n\n.. code:: python\n\n import atlassian_jwt_auth.contrib.aiohttp\n\n public_key_retriever = atlassian_jwt_auth.contrib.aiohttp.HTTPSPublicKeyRetriever('https://example.com')\n verifier = atlassian_jwt_auth.contrib.aiohttp.JWTAuthVerifier(public_key_retriever)\n verified_claims = await verifier.verify_jwt(a_jwt, 'audience')\n\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "Python implementation of the Atlassian Service to Service Authentication specification.",
"version": "18.0.1",
"project_urls": {
"Bug Tracker": "https://github.com/atlassian/asap-authentication-python/issues",
"Homepage": "https://github.com/atlassian/asap-authentication-python",
"Source Code": "https://github.com/atlassian/asap-authentication-python"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "6a7ac006ef910a598b1527d2515b29fcfbbe3feb60659b27221c4b9e1002901d",
"md5": "d5be86ba02d5467aa32880bf9907adf4",
"sha256": "1970d215da32efca1126ffa43a46f426056d8d16d554c10024442299fb971bf2"
},
"downloads": -1,
"filename": "atlassian_jwt_auth-18.0.1-py2.py3-none-any.whl",
"has_sig": false,
"md5_digest": "d5be86ba02d5467aa32880bf9907adf4",
"packagetype": "bdist_wheel",
"python_version": "py2.py3",
"requires_python": null,
"size": 54131,
"upload_time": "2024-01-08T02:21:10",
"upload_time_iso_8601": "2024-01-08T02:21:10.343417Z",
"url": "https://files.pythonhosted.org/packages/6a/7a/c006ef910a598b1527d2515b29fcfbbe3feb60659b27221c4b9e1002901d/atlassian_jwt_auth-18.0.1-py2.py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "1c3f2e0977b84ffef6ed094ada441b24859bda770c1fa06283001d271bb5aae0",
"md5": "36741b9f7cff0b0aace88a0d3162d7f5",
"sha256": "c860fb4911daaa9530b8da51864768aac0e2d7775ce88419b52f6ba372c45e9d"
},
"downloads": -1,
"filename": "atlassian-jwt-auth-18.0.1.tar.gz",
"has_sig": false,
"md5_digest": "36741b9f7cff0b0aace88a0d3162d7f5",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 44362,
"upload_time": "2024-01-08T02:21:12",
"upload_time_iso_8601": "2024-01-08T02:21:12.987223Z",
"url": "https://files.pythonhosted.org/packages/1c/3f/2e0977b84ffef6ed094ada441b24859bda770c1fa06283001d271bb5aae0/atlassian-jwt-auth-18.0.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-01-08 02:21:12",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "atlassian",
"github_project": "asap-authentication-python",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [
{
"name": "PyJWT",
"specs": [
[
">=",
"2.4.0"
],
[
"<",
"3.0.0"
]
]
},
{
"name": "PyJWT",
"specs": [
[
">=",
"2.4.0"
],
[
"<",
"3.0.0"
]
]
},
{
"name": "requests",
"specs": [
[
"<",
"3.0.0"
],
[
">=",
"2.8.1"
]
]
},
{
"name": "CacheControl",
"specs": [
[
"==",
"0.13.1"
]
]
}
],
"lcname": "atlassian-jwt-auth"
}