gocept.webtoken


Namegocept.webtoken JSON
Version 4.0 PyPI version JSON
download
home_pagehttps://github.com/gocept/gocept.webtoken
SummaryWrapper around JWT tokens and the Zope Component Architecture (ZCA).
upload_time2023-08-21 05:49:24
maintainer
docs_urlNone
authorgocept <mail@gocept.com>
requires_python>=3.7
licenseMIT
keywords jwt token webtoken zca
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage
            ================================
The gocept.webtoken distribution
================================

.. image:: https://github.com/gocept/gocept.webtoken/workflows/tests/badge.svg
    :target: https://github.com/gocept/gocept.webtoken/actions?query=workflow%3Atests

.. image:: https://coveralls.io/repos/github/gocept/gocept.webtoken/badge.svg
    :target: https://coveralls.io/github/gocept/gocept.webtoken


This library helps you using JWT tokens with the Zope Component Architecture
(ZCA).

This package is compatible with Python version 2.7, 3.6 up to 3.8.

Copyright (c) 2015-2020 gocept gmbh & co kg

All Rights Reserved.

This software is subject to the provisions of the Zope Public License,
Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
FOR A PARTICULAR PURPOSE.

Installation
============

This package requires ``cryptography``, which needs some install attention.
Please refer to its `install documentation`_ for further information.


.. _`install documentation`: https://cryptography.io/en/latest/installation/

.. contents::

Usage
=====

The ``CryptographicKey`` utility
--------------------------------

``gocept.webtoken`` uses a global utility of the class
``gocept.webtoken.CryptographicKeys``, which provides cryptographic keys for
different purposes. It loads a set of public and private keys from disk. It
takes the filesystem path to your key files and a list of key names::

    >>> import gocept.webtoken
    >>> import pkg_resources
    >>> path_to_keys = pkg_resources.resource_filename(
    ...     'gocept.webtoken', 'testing/keys')
    >>> keys = gocept.webtoken.CryptographicKeys(
    ...     path_to_keys, ['key1'])

For each of the names, a private key file of the same name and a public key
file (with a .pub suffix) must reside inside the keys_dir.

The utility needs to be registered at the ZCA, either via a zcml file or via::

    >>> import zope.component
    >>> zope.component.provideUtility(keys)


Creating a token
----------------

Create a signed web token with the function ``create_web_token``. You will need
the private key name, which was registered at the CryptographycKey utility. It
is referenced by its name and the suffix ``-private``::

    >>> expires_in = 300  # The token is valid for 300 seconds
    >>> payload = {'your': 'data'}
    >>> result = gocept.webtoken.create_web_token(
    ...     'key1-private', 'issuer', 'subject', expires_in, payload)
    >>> sorted(result.keys())
    ['data', 'token']

The token is available under the key ``token``, while the data encoded in the
token is placed under the key ``data``.


Creating a Bearer Authorization header
--------------------------------------

You can create an `Bearer Authorization header`_ either from a token_dict as
returned by create_web_token or from a token directly::

    >>> gocept.webtoken.create_authorization_header(b'<TOKEN>')
    ('Authorization', 'Bearer <TOKEN>')

.. _`Bearer Authorization header`: https://tools.ietf.org/html/rfc6750#section-2.1

Extracting a token from a Bearer Authorization header
-----------------------------------------------------

Extract the token from a dict containing the headers of you request or from the
value of the HTTP Authorization header itself::

    >>> request_headers = dict(Authorization='Bearer <TOKEN>')
    >>> b'<TOKEN>' == gocept.webtoken.extract_token(request_headers)
    True


Decoding a token
----------------

Decode a signed web token with the function ``decode_web_token``. You will need
the public key name, which was registered at the CryptographycKey utility. It
is referenced by its name and the suffix ``-public``::

    >>> result = gocept.webtoken.decode_web_token(
    ...     result['token'], 'key1-public', 'subject')

Note that the subject must match the subject given when the token was created.

The result contains all data encoded in the token. You can find the payload
under the key ``data``::

    >>> {'your': 'data'} == result['data']
    True


gocept.webtoken
===============

4.0 (2023-08-21)
----------------

- Drop support for Python 2.7, 3.5, 3.6.

- Add support for Python 3.9, 3.10, 3.11.


3.1.post1 (2020-04-08)
----------------------

- Drop faulty ``python_requires`` in `setup.py`.


3.1 (2020-04-08)
----------------

- Migrate to Github.

- Test with Python 3.8 and PyPy3.

- Stop testing with Python 3.5.

3.0 (2018-11-14)
----------------

- Change license from ZPL to MIT.

- Add support for Python 3.7.

- Drop support for Python 3.4.

- Make subject check optional as some systems like Keycloak use a random
  uuid as the subject which is unknown for the decoder.

- Add `audience` parameter which is required to decode tokens generated
  by Keycloak.


2.0 (2018-01-08)
----------------

- Drop support for Python 3.3 but add it for 3.6.

- Make `setup.py` compatible with newer `setuptools` versions by no longer
  using absolute paths.


1.2.1 (2015-10-08)
------------------

- Fix `extract_token` to accept any ``collections.Mapping`` derived object.


1.2 (2015-10-08)
----------------

- Added helper functions to create a Bearer Authorization header and extract
  a token from it.

- Officially support Python 3.5.


1.1 (2015-10-01)
----------------

- Shortened imports for `CryptographicKeys`, `create_web_token` and
  `decode_web_token`, which are now importable directly from `gocept.webtoken`.

- Added documentation.


1.0 (2015-10-01)
----------------

* Add support for Python 3.3 and 3.4.

* Initial release, extracted from internally used package.

            

Raw data

            {
    "_id": null,
    "home_page": "https://github.com/gocept/gocept.webtoken",
    "name": "gocept.webtoken",
    "maintainer": "",
    "docs_url": null,
    "requires_python": ">=3.7",
    "maintainer_email": "",
    "keywords": "jwt token webtoken ZCA",
    "author": "gocept <mail@gocept.com>",
    "author_email": "mail@gocept.com",
    "download_url": "https://files.pythonhosted.org/packages/0e/31/bf6fd33b8ae53676a60f7d59a332be9642c5f772e6e5ae9c9e8741a63454/gocept.webtoken-4.0.tar.gz",
    "platform": null,
    "description": "================================\nThe gocept.webtoken distribution\n================================\n\n.. image:: https://github.com/gocept/gocept.webtoken/workflows/tests/badge.svg\n    :target: https://github.com/gocept/gocept.webtoken/actions?query=workflow%3Atests\n\n.. image:: https://coveralls.io/repos/github/gocept/gocept.webtoken/badge.svg\n    :target: https://coveralls.io/github/gocept/gocept.webtoken\n\n\nThis library helps you using JWT tokens with the Zope Component Architecture\n(ZCA).\n\nThis package is compatible with Python version 2.7, 3.6 up to 3.8.\n\nCopyright (c) 2015-2020 gocept gmbh & co kg\n\nAll Rights Reserved.\n\nThis software is subject to the provisions of the Zope Public License,\nVersion 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.\nTHIS SOFTWARE IS PROVIDED \"AS IS\" AND ANY AND ALL EXPRESS OR IMPLIED\nWARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED\nWARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS\nFOR A PARTICULAR PURPOSE.\n\nInstallation\n============\n\nThis package requires ``cryptography``, which needs some install attention.\nPlease refer to its `install documentation`_ for further information.\n\n\n.. _`install documentation`: https://cryptography.io/en/latest/installation/\n\n.. contents::\n\nUsage\n=====\n\nThe ``CryptographicKey`` utility\n--------------------------------\n\n``gocept.webtoken`` uses a global utility of the class\n``gocept.webtoken.CryptographicKeys``, which provides cryptographic keys for\ndifferent purposes. It loads a set of public and private keys from disk. It\ntakes the filesystem path to your key files and a list of key names::\n\n    >>> import gocept.webtoken\n    >>> import pkg_resources\n    >>> path_to_keys = pkg_resources.resource_filename(\n    ...     'gocept.webtoken', 'testing/keys')\n    >>> keys = gocept.webtoken.CryptographicKeys(\n    ...     path_to_keys, ['key1'])\n\nFor each of the names, a private key file of the same name and a public key\nfile (with a .pub suffix) must reside inside the keys_dir.\n\nThe utility needs to be registered at the ZCA, either via a zcml file or via::\n\n    >>> import zope.component\n    >>> zope.component.provideUtility(keys)\n\n\nCreating a token\n----------------\n\nCreate a signed web token with the function ``create_web_token``. You will need\nthe private key name, which was registered at the CryptographycKey utility. It\nis referenced by its name and the suffix ``-private``::\n\n    >>> expires_in = 300  # The token is valid for 300 seconds\n    >>> payload = {'your': 'data'}\n    >>> result = gocept.webtoken.create_web_token(\n    ...     'key1-private', 'issuer', 'subject', expires_in, payload)\n    >>> sorted(result.keys())\n    ['data', 'token']\n\nThe token is available under the key ``token``, while the data encoded in the\ntoken is placed under the key ``data``.\n\n\nCreating a Bearer Authorization header\n--------------------------------------\n\nYou can create an `Bearer Authorization header`_ either from a token_dict as\nreturned by create_web_token or from a token directly::\n\n    >>> gocept.webtoken.create_authorization_header(b'<TOKEN>')\n    ('Authorization', 'Bearer <TOKEN>')\n\n.. _`Bearer Authorization header`: https://tools.ietf.org/html/rfc6750#section-2.1\n\nExtracting a token from a Bearer Authorization header\n-----------------------------------------------------\n\nExtract the token from a dict containing the headers of you request or from the\nvalue of the HTTP Authorization header itself::\n\n    >>> request_headers = dict(Authorization='Bearer <TOKEN>')\n    >>> b'<TOKEN>' == gocept.webtoken.extract_token(request_headers)\n    True\n\n\nDecoding a token\n----------------\n\nDecode a signed web token with the function ``decode_web_token``. You will need\nthe public key name, which was registered at the CryptographycKey utility. It\nis referenced by its name and the suffix ``-public``::\n\n    >>> result = gocept.webtoken.decode_web_token(\n    ...     result['token'], 'key1-public', 'subject')\n\nNote that the subject must match the subject given when the token was created.\n\nThe result contains all data encoded in the token. You can find the payload\nunder the key ``data``::\n\n    >>> {'your': 'data'} == result['data']\n    True\n\n\ngocept.webtoken\n===============\n\n4.0 (2023-08-21)\n----------------\n\n- Drop support for Python 2.7, 3.5, 3.6.\n\n- Add support for Python 3.9, 3.10, 3.11.\n\n\n3.1.post1 (2020-04-08)\n----------------------\n\n- Drop faulty ``python_requires`` in `setup.py`.\n\n\n3.1 (2020-04-08)\n----------------\n\n- Migrate to Github.\n\n- Test with Python 3.8 and PyPy3.\n\n- Stop testing with Python 3.5.\n\n3.0 (2018-11-14)\n----------------\n\n- Change license from ZPL to MIT.\n\n- Add support for Python 3.7.\n\n- Drop support for Python 3.4.\n\n- Make subject check optional as some systems like Keycloak use a random\n  uuid as the subject which is unknown for the decoder.\n\n- Add `audience` parameter which is required to decode tokens generated\n  by Keycloak.\n\n\n2.0 (2018-01-08)\n----------------\n\n- Drop support for Python 3.3 but add it for 3.6.\n\n- Make `setup.py` compatible with newer `setuptools` versions by no longer\n  using absolute paths.\n\n\n1.2.1 (2015-10-08)\n------------------\n\n- Fix `extract_token` to accept any ``collections.Mapping`` derived object.\n\n\n1.2 (2015-10-08)\n----------------\n\n- Added helper functions to create a Bearer Authorization header and extract\n  a token from it.\n\n- Officially support Python 3.5.\n\n\n1.1 (2015-10-01)\n----------------\n\n- Shortened imports for `CryptographicKeys`, `create_web_token` and\n  `decode_web_token`, which are now importable directly from `gocept.webtoken`.\n\n- Added documentation.\n\n\n1.0 (2015-10-01)\n----------------\n\n* Add support for Python 3.3 and 3.4.\n\n* Initial release, extracted from internally used package.\n",
    "bugtrack_url": null,
    "license": "MIT",
    "summary": "Wrapper around JWT tokens and the Zope Component Architecture (ZCA).",
    "version": "4.0",
    "project_urls": {
        "Homepage": "https://github.com/gocept/gocept.webtoken"
    },
    "split_keywords": [
        "jwt",
        "token",
        "webtoken",
        "zca"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "1eb8e69b24a4d060fe55d6813607d7cf2fd580c4516a4080b1e1d352a189f364",
                "md5": "f3a71aa7eb453561d56d1e4e3cb2c047",
                "sha256": "a5347e2700a3ff85534ba4feb820379650c501a85106b84ee5f3a77dd8cb149f"
            },
            "downloads": -1,
            "filename": "gocept.webtoken-4.0-py2.py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "f3a71aa7eb453561d56d1e4e3cb2c047",
            "packagetype": "bdist_wheel",
            "python_version": "py2.py3",
            "requires_python": ">=3.7",
            "size": 17313,
            "upload_time": "2023-08-21T05:49:22",
            "upload_time_iso_8601": "2023-08-21T05:49:22.635770Z",
            "url": "https://files.pythonhosted.org/packages/1e/b8/e69b24a4d060fe55d6813607d7cf2fd580c4516a4080b1e1d352a189f364/gocept.webtoken-4.0-py2.py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "0e31bf6fd33b8ae53676a60f7d59a332be9642c5f772e6e5ae9c9e8741a63454",
                "md5": "e79403dc8cf4fcb80ea205dbc05d7be6",
                "sha256": "626588ecd486c28584a85dcf2532844c4529d11f691bfe3f49e04c5d25e348b0"
            },
            "downloads": -1,
            "filename": "gocept.webtoken-4.0.tar.gz",
            "has_sig": false,
            "md5_digest": "e79403dc8cf4fcb80ea205dbc05d7be6",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.7",
            "size": 16825,
            "upload_time": "2023-08-21T05:49:24",
            "upload_time_iso_8601": "2023-08-21T05:49:24.282160Z",
            "url": "https://files.pythonhosted.org/packages/0e/31/bf6fd33b8ae53676a60f7d59a332be9642c5f772e6e5ae9c9e8741a63454/gocept.webtoken-4.0.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2023-08-21 05:49:24",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "gocept",
    "github_project": "gocept.webtoken",
    "travis_ci": false,
    "coveralls": true,
    "github_actions": true,
    "tox": true,
    "lcname": "gocept.webtoken"
}
        
Elapsed time: 1.52452s