============================
Atlassian JWT authentication
============================
.. image:: https://github.com/atlassian/asap-authentication-python/workflows/Tests/badge.svg
.. image:: https://img.shields.io/pypi/v/atlassian-jwt-auth.svg
:target: https://pypi.org/project/atlassian-jwt-auth
This package provides an implementation of the `Service to Service Authentication <https://s2sauth.bitbucket.io/spec/>`_ specification.
----
Installation
============
To install simply run
.. code:: sh
$ pip install atlassian-jwt-auth
Using this library
==================
To create a JWT for authentication
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. code:: python
import atlassian_jwt_auth
signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
a_jwt = signer.generate_jwt('audience')
To create a JWT using a file on disk in the conventional location
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Each time you call ``generate_jwt`` this will find the latest active key file (ends with ``.pem``) and use it to generate your JWT.
.. code:: python
import atlassian_jwt_auth
signer = atlassian_jwt_auth.create_signer_from_file_private_key_repository('issuer', '/opt/jwtprivatekeys')
a_jwt = signer.generate_jwt('audience')
To create a JWT using a data uri
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. code:: python
import atlassian_jwt_auth
from atlassian_jwt_auth.key import DataUriPrivateKeyRetriever
key_id, private_key_pem = DataUriPrivateKeyRetriever('Your base64 encoded data uri').load('issuer')
signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
a_jwt = signer.generate_jwt('audience')
To make an authenticated HTTP request
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If you use the ``atlassian_jwt_auth.contrib.requests.JWTAuth`` provider, you
can automatically generate JWT tokens when using the ``requests`` library to
perform authenticated HTTP requests.
.. code:: python
import atlassian_jwt_auth
from atlassian_jwt_auth.contrib.requests import JWTAuth
signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
response = requests.get(
'https://your-url',
auth=JWTAuth(signer, 'audience')
)
One can also use ``atlassian_jwt_auth.contrib.aiohttp.JWTAuth``
to authenticate ``aiohttp`` requests:
.. code:: python
import aiohttp
import atlassian_jwt_auth
from atlassian_jwt_auth.contrib.aiohttp import JWTAuth
signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
async with aiohttp.ClientSession() as session:
async with session.get('https://your-url',
auth=JWTAuth(signer, 'audience')) as resp:
...
If you want to reuse tokens that have the same claim within their period of validity
then pass through `reuse_jwts=True` when calling `create_signer`.
For example:
.. code:: python
import atlassian_jwt_auth
import requests
from atlassian_jwt_auth.contrib.requests import JWTAuth
signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem, reuse_jwts=True)
response = requests.get(
'https://your-url',
auth=JWTAuth(signer, 'audience')
)
If you want to generate tokens with a longer lifetime than the default 1 minute period,
you can do so via specifying a `lifetime` value to `create_signer`.
For example:
.. code:: python
import datetime
import atlassian_jwt_auth
import requests
from atlassian_jwt_auth.contrib.requests import JWTAuth
signer = atlassian_jwt_auth.create_signer(
'issuer', 'issuer/key', private_key_pem,
reuse_jwts=True, lifetime=datetime.timedelta(minutes=2))
response = requests.get(
'https://your-url',
auth=JWTAuth(signer, 'audience')
)
To verify a JWT
~~~~~~~~~~~~~~~
.. code:: python
import atlassian_jwt_auth
public_key_retriever = atlassian_jwt_auth.HTTPSPublicKeyRetriever('https://example.com')
verifier = atlassian_jwt_auth.JWTAuthVerifier(public_key_retriever)
verified_claims = verifier.verify_jwt(a_jwt, 'audience')
For Python versions starting from ``Python 3.5``, note this library no longer supports python 3.5, ``atlassian_jwt_auth.contrib.aiohttp``
provides drop-in replacements for the components that
perform HTTP requests, so that they use ``aiohttp`` instead of ``requests``:
.. code:: python
import atlassian_jwt_auth.contrib.aiohttp
public_key_retriever = atlassian_jwt_auth.contrib.aiohttp.HTTPSPublicKeyRetriever('https://example.com')
verifier = atlassian_jwt_auth.contrib.aiohttp.JWTAuthVerifier(public_key_retriever)
verified_claims = await verifier.verify_jwt(a_jwt, 'audience')
Raw data
{
"_id": null,
"home_page": "https://github.com/atlassian/asap-authentication-python",
"name": "atlassian-jwt-auth",
"maintainer": null,
"docs_url": null,
"requires_python": null,
"maintainer_email": null,
"keywords": null,
"author": "Atlassian",
"author_email": "dblack@atlassian.com",
"download_url": "https://files.pythonhosted.org/packages/21/58/49c69405e72144128796db2035b4b8e766932410fb6b687f4aac8ce7563c/atlassian_jwt_auth-20.0.0.tar.gz",
"platform": "any",
"description": "============================\nAtlassian JWT authentication\n============================\n\n.. image:: https://github.com/atlassian/asap-authentication-python/workflows/Tests/badge.svg\n.. image:: https://img.shields.io/pypi/v/atlassian-jwt-auth.svg\n :target: https://pypi.org/project/atlassian-jwt-auth\n\nThis package provides an implementation of the `Service to Service Authentication <https://s2sauth.bitbucket.io/spec/>`_ specification.\n\n----\n\nInstallation\n============\n\nTo install simply run\n\n.. code:: sh\n\n $ pip install atlassian-jwt-auth\n\nUsing this library\n==================\n\nTo create a JWT for authentication\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n.. code:: python\n\n import atlassian_jwt_auth\n\n\n signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)\n a_jwt = signer.generate_jwt('audience')\n\n\nTo create a JWT using a file on disk in the conventional location\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nEach time you call ``generate_jwt`` this will find the latest active key file (ends with ``.pem``) and use it to generate your JWT.\n\n.. code:: python\n\n import atlassian_jwt_auth\n\n\n signer = atlassian_jwt_auth.create_signer_from_file_private_key_repository('issuer', '/opt/jwtprivatekeys')\n a_jwt = signer.generate_jwt('audience')\n\nTo create a JWT using a data uri\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n.. code:: python\n\n import atlassian_jwt_auth\n from atlassian_jwt_auth.key import DataUriPrivateKeyRetriever\n\n key_id, private_key_pem = DataUriPrivateKeyRetriever('Your base64 encoded data uri').load('issuer')\n signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)\n a_jwt = signer.generate_jwt('audience')\n\n\n\nTo make an authenticated HTTP request\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nIf you use the ``atlassian_jwt_auth.contrib.requests.JWTAuth`` provider, you\ncan automatically generate JWT tokens when using the ``requests`` library to\nperform authenticated HTTP requests.\n\n.. code:: python\n\n import atlassian_jwt_auth\n from atlassian_jwt_auth.contrib.requests import JWTAuth\n\n signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)\n response = requests.get(\n 'https://your-url',\n auth=JWTAuth(signer, 'audience')\n )\n\nOne can also use ``atlassian_jwt_auth.contrib.aiohttp.JWTAuth``\nto authenticate ``aiohttp`` requests:\n\n.. code:: python\n\n import aiohttp\n\n import atlassian_jwt_auth\n from atlassian_jwt_auth.contrib.aiohttp import JWTAuth\n\n signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)\n\n async with aiohttp.ClientSession() as session:\n async with session.get('https://your-url',\n auth=JWTAuth(signer, 'audience')) as resp:\n ...\n\n\nIf you want to reuse tokens that have the same claim within their period of validity\nthen pass through `reuse_jwts=True` when calling `create_signer`.\nFor example:\n\n\n.. code:: python\n\n import atlassian_jwt_auth\n import requests\n from atlassian_jwt_auth.contrib.requests import JWTAuth\n\n signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem, reuse_jwts=True)\n response = requests.get(\n 'https://your-url',\n auth=JWTAuth(signer, 'audience')\n )\n\nIf you want to generate tokens with a longer lifetime than the default 1 minute period,\nyou can do so via specifying a `lifetime` value to `create_signer`.\nFor example:\n\n\n.. code:: python\n\n import datetime\n\n import atlassian_jwt_auth\n import requests\n from atlassian_jwt_auth.contrib.requests import JWTAuth\n\n signer = atlassian_jwt_auth.create_signer(\n 'issuer', 'issuer/key', private_key_pem,\n reuse_jwts=True, lifetime=datetime.timedelta(minutes=2))\n response = requests.get(\n 'https://your-url',\n auth=JWTAuth(signer, 'audience')\n )\n\n\nTo verify a JWT\n~~~~~~~~~~~~~~~\n\n.. code:: python\n\n import atlassian_jwt_auth\n\n public_key_retriever = atlassian_jwt_auth.HTTPSPublicKeyRetriever('https://example.com')\n verifier = atlassian_jwt_auth.JWTAuthVerifier(public_key_retriever)\n verified_claims = verifier.verify_jwt(a_jwt, 'audience')\n\nFor Python versions starting from ``Python 3.5``, note this library no longer supports python 3.5, ``atlassian_jwt_auth.contrib.aiohttp``\nprovides drop-in replacements for the components that\nperform HTTP requests, so that they use ``aiohttp`` instead of ``requests``:\n\n.. code:: python\n\n import atlassian_jwt_auth.contrib.aiohttp\n\n public_key_retriever = atlassian_jwt_auth.contrib.aiohttp.HTTPSPublicKeyRetriever('https://example.com')\n verifier = atlassian_jwt_auth.contrib.aiohttp.JWTAuthVerifier(public_key_retriever)\n verified_claims = await verifier.verify_jwt(a_jwt, 'audience')\n\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "Python implementation of the Atlassian Service to Service Authentication specification.",
"version": "20.0.0",
"project_urls": {
"Bug Tracker": "https://github.com/atlassian/asap-authentication-python/issues",
"Homepage": "https://github.com/atlassian/asap-authentication-python",
"Source Code": "https://github.com/atlassian/asap-authentication-python"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "e6b6f6e4c9c9ca9b52648b6e84b843c1437377d2f52a1cc69f653f75db13f3f4",
"md5": "e8207407e438ae621e9fddade4e5d0b3",
"sha256": "9da90861453693a24834475583bfa93210521b6feff375c86926b6bead282fc1"
},
"downloads": -1,
"filename": "atlassian_jwt_auth-20.0.0-py2.py3-none-any.whl",
"has_sig": false,
"md5_digest": "e8207407e438ae621e9fddade4e5d0b3",
"packagetype": "bdist_wheel",
"python_version": "py2.py3",
"requires_python": null,
"size": 54290,
"upload_time": "2024-11-20T02:03:54",
"upload_time_iso_8601": "2024-11-20T02:03:54.389501Z",
"url": "https://files.pythonhosted.org/packages/e6/b6/f6e4c9c9ca9b52648b6e84b843c1437377d2f52a1cc69f653f75db13f3f4/atlassian_jwt_auth-20.0.0-py2.py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "215849c69405e72144128796db2035b4b8e766932410fb6b687f4aac8ce7563c",
"md5": "92418a3ff2f45ae08a454ff673b13fd9",
"sha256": "9efb773e62c26633ecbec7597848090694437df6581a5012c5b928c791a763a9"
},
"downloads": -1,
"filename": "atlassian_jwt_auth-20.0.0.tar.gz",
"has_sig": false,
"md5_digest": "92418a3ff2f45ae08a454ff673b13fd9",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 44174,
"upload_time": "2024-11-20T02:03:56",
"upload_time_iso_8601": "2024-11-20T02:03:56.496618Z",
"url": "https://files.pythonhosted.org/packages/21/58/49c69405e72144128796db2035b4b8e766932410fb6b687f4aac8ce7563c/atlassian_jwt_auth-20.0.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-11-20 02:03:56",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "atlassian",
"github_project": "asap-authentication-python",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [],
"lcname": "atlassian-jwt-auth"
}
JSON
