aad-token-verify


Nameaad-token-verify JSON
Version 0.2.0 PyPI version JSON
download
home_pagehttps://github.com/GeneralMills/azure-ad-token-verify
SummaryA python utility library to verify an Azure Active Directory OAuth token
upload_time2023-06-07 15:38:35
maintainer
docs_urlNone
author['Daniel Thompson']
requires_python>=3.7
licenseMIT
keywords azure ad token oauth verify jwt
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls.
            [![Tests](https://github.com/GeneralMills/azure-ad-token-verify/workflows/Test%20and%20Analysis/badge.svg)](https://github.com/GeneralMills/azure-ad-token-verify/actions)
[![PyPi](https://img.shields.io/pypi/pyversions/aad-token-verify.svg)](https://pypi.python.org/pypi/aad-token-verify)
# aad-token-verify
A python utility library to verify an Azure Active Directory OAuth token. Meant for resource servers serving secured API endpoints (eg FastAPI)

## Install

```bash
python3 -m pip install aad-token-verify
```

## Usage

To use stand alone, simply import the verify payload function and call.

```python
from aad_token_verify import get_verified_payload

token_verifier = get_verified_payload(token, tenant_id="YOUR_TENANT_ID", audience_uris=["AUDIENCE_URI"])
```

To use with FastAPI, there's some setup to get the Swagger docs to work

```python
from fastapi import Depends, FastAPI
from fastapi.openapi.models import OAuthFlowImplicit, OAuthFlows
from fastapi.middleware.cors import CORSMiddleware
from fastapi.security import OAuth2

from aad_token_verify import get_verified_payload

# TODO Update these with your Tenant ID, Audience URI, and Client ID
_TENANT_ID = "ISSUER_TENANT_ID"
_AUDIENCE_URI = "https://YOUR_AUDIENCE_URI"
_AAD_CLIENT_ID = "CLIENT_ID"

oauth2_scheme = OAuth2(
    flows=OAuthFlows(
        implicit=OAuthFlowImplicit(
            authorizationUrl=f"https://login.microsoftonline.com/{_TENANT_ID}/oauth2/v2.0/authorize",
            scopes={
                f"{_AUDIENCE_URI}/.default": "Custom Audience URI scope",
                "openid": "OpenID scope",
                "profile": "Profile scope",
                "email": "email scope",
            },
        )
    )
)

async def get_current_user(
    auth_header: str = Depends(oauth2_scheme),  # noqa: B008
):
    scheme, _, token = auth_header.partition(" ")
    return get_verified_payload(
        token,
        tenantId=_TENANT_ID,
        audience_uris=[_AUDIENCE_URI],
    )

app = FastAPI()

app.add_middleware(
    CORSMiddleware,
    allow_origins=["*"],
    allow_credentials=True,
    allow_methods=["*"],
    allow_headers=["*"],
)

app.swagger_ui_init_oauth = {
    "usePkceWithAuthorizationCodeGrant": True,
    "clientId": _AAD_CLIENT_ID,
    "scopes": [f"{_AUDIENCE_URI}.default"],
}

@app.get("/")
async def secured_endpoint(user=Depends(get_current_user)):
    return user
```

## Contributing

Feel free to submit issues and pull requests!

            

Raw data

            {
    "_id": null,
    "home_page": "https://github.com/GeneralMills/azure-ad-token-verify",
    "name": "aad-token-verify",
    "maintainer": "",
    "docs_url": null,
    "requires_python": ">=3.7",
    "maintainer_email": "",
    "keywords": "azure ad token oauth verify jwt",
    "author": "['Daniel Thompson']",
    "author_email": "daniel.thompson2@genmills.com",
    "download_url": "https://files.pythonhosted.org/packages/55/44/bfb8208cdc163da2deb00921231e089a9136c4bdc693f2417a0010ce4663/aad-token-verify-0.2.0.tar.gz",
    "platform": null,
    "description": "[![Tests](https://github.com/GeneralMills/azure-ad-token-verify/workflows/Test%20and%20Analysis/badge.svg)](https://github.com/GeneralMills/azure-ad-token-verify/actions)\n[![PyPi](https://img.shields.io/pypi/pyversions/aad-token-verify.svg)](https://pypi.python.org/pypi/aad-token-verify)\n# aad-token-verify\nA python utility library to verify an Azure Active Directory OAuth token. Meant for resource servers serving secured API endpoints (eg FastAPI)\n\n## Install\n\n```bash\npython3 -m pip install aad-token-verify\n```\n\n## Usage\n\nTo use stand alone, simply import the verify payload function and call.\n\n```python\nfrom aad_token_verify import get_verified_payload\n\ntoken_verifier = get_verified_payload(token, tenant_id=\"YOUR_TENANT_ID\", audience_uris=[\"AUDIENCE_URI\"])\n```\n\nTo use with FastAPI, there's some setup to get the Swagger docs to work\n\n```python\nfrom fastapi import Depends, FastAPI\nfrom fastapi.openapi.models import OAuthFlowImplicit, OAuthFlows\nfrom fastapi.middleware.cors import CORSMiddleware\nfrom fastapi.security import OAuth2\n\nfrom aad_token_verify import get_verified_payload\n\n# TODO Update these with your Tenant ID, Audience URI, and Client ID\n_TENANT_ID = \"ISSUER_TENANT_ID\"\n_AUDIENCE_URI = \"https://YOUR_AUDIENCE_URI\"\n_AAD_CLIENT_ID = \"CLIENT_ID\"\n\noauth2_scheme = OAuth2(\n    flows=OAuthFlows(\n        implicit=OAuthFlowImplicit(\n            authorizationUrl=f\"https://login.microsoftonline.com/{_TENANT_ID}/oauth2/v2.0/authorize\",\n            scopes={\n                f\"{_AUDIENCE_URI}/.default\": \"Custom Audience URI scope\",\n                \"openid\": \"OpenID scope\",\n                \"profile\": \"Profile scope\",\n                \"email\": \"email scope\",\n            },\n        )\n    )\n)\n\nasync def get_current_user(\n    auth_header: str = Depends(oauth2_scheme),  # noqa: B008\n):\n    scheme, _, token = auth_header.partition(\" \")\n    return get_verified_payload(\n        token,\n        tenantId=_TENANT_ID,\n        audience_uris=[_AUDIENCE_URI],\n    )\n\napp = FastAPI()\n\napp.add_middleware(\n    CORSMiddleware,\n    allow_origins=[\"*\"],\n    allow_credentials=True,\n    allow_methods=[\"*\"],\n    allow_headers=[\"*\"],\n)\n\napp.swagger_ui_init_oauth = {\n    \"usePkceWithAuthorizationCodeGrant\": True,\n    \"clientId\": _AAD_CLIENT_ID,\n    \"scopes\": [f\"{_AUDIENCE_URI}.default\"],\n}\n\n@app.get(\"/\")\nasync def secured_endpoint(user=Depends(get_current_user)):\n    return user\n```\n\n## Contributing\n\nFeel free to submit issues and pull requests!\n",
    "bugtrack_url": null,
    "license": "MIT",
    "summary": "A python utility library to verify an Azure Active Directory OAuth token",
    "version": "0.2.0",
    "project_urls": {
        "Homepage": "https://github.com/GeneralMills/azure-ad-token-verify"
    },
    "split_keywords": [
        "azure",
        "ad",
        "token",
        "oauth",
        "verify",
        "jwt"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "d288c41e394e6ad9b68716acde148546a5c79e42d77c8b08fbf64153a0309f82",
                "md5": "0906d8b228ee78d917789a719dfcffbf",
                "sha256": "a32a29c29b5eb9dd030d0f5378a46e316b27c3a7152635aa7e3fb50fb55c7a6e"
            },
            "downloads": -1,
            "filename": "aad_token_verify-0.2.0-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "0906d8b228ee78d917789a719dfcffbf",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.7",
            "size": 5348,
            "upload_time": "2023-06-07T15:38:33",
            "upload_time_iso_8601": "2023-06-07T15:38:33.684832Z",
            "url": "https://files.pythonhosted.org/packages/d2/88/c41e394e6ad9b68716acde148546a5c79e42d77c8b08fbf64153a0309f82/aad_token_verify-0.2.0-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "5544bfb8208cdc163da2deb00921231e089a9136c4bdc693f2417a0010ce4663",
                "md5": "e892de16471a999f0f7bb6e151a2a06c",
                "sha256": "91fdb46070b0f4b258d7ffb8f5bee11de2e6728e2f0885cf04dbb354f59dcdaf"
            },
            "downloads": -1,
            "filename": "aad-token-verify-0.2.0.tar.gz",
            "has_sig": false,
            "md5_digest": "e892de16471a999f0f7bb6e151a2a06c",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.7",
            "size": 5012,
            "upload_time": "2023-06-07T15:38:35",
            "upload_time_iso_8601": "2023-06-07T15:38:35.186165Z",
            "url": "https://files.pythonhosted.org/packages/55/44/bfb8208cdc163da2deb00921231e089a9136c4bdc693f2417a0010ce4663/aad-token-verify-0.2.0.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2023-06-07 15:38:35",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "GeneralMills",
    "github_project": "azure-ad-token-verify",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": true,
    "lcname": "aad-token-verify"
}
        
Elapsed time: 0.07710s