cardo-python-utils 0.5.dev15__py3-none-any.whl → 0.5.dev16__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {cardo_python_utils-0.5.dev15.dist-info → cardo_python_utils-0.5.dev16.dist-info}/METADATA +1 -1
- {cardo_python_utils-0.5.dev15.dist-info → cardo_python_utils-0.5.dev16.dist-info}/RECORD +7 -7
- python_utils/django/keycloak/api/drf.py +7 -1
- python_utils/django/keycloak/api/utils.py +6 -3
- {cardo_python_utils-0.5.dev15.dist-info → cardo_python_utils-0.5.dev16.dist-info}/WHEEL +0 -0
- {cardo_python_utils-0.5.dev15.dist-info → cardo_python_utils-0.5.dev16.dist-info}/licenses/LICENSE +0 -0
- {cardo_python_utils-0.5.dev15.dist-info → cardo_python_utils-0.5.dev16.dist-info}/top_level.txt +0 -0
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
cardo_python_utils-0.5.
|
|
1
|
+
cardo_python_utils-0.5.dev16.dist-info/licenses/LICENSE,sha256=N-YtxDy8n5A1Mo7JKKItNIlboiK_pMOZ48ojx76jo3g,1046
|
|
2
2
|
python_utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
3
3
|
python_utils/choices.py,sha256=_sLNkSnQqhg55gGKNRsOQCJ75W6gnz8J8Q00528MEYk,2548
|
|
4
4
|
python_utils/data_structures.py,sha256=ZqkZYPy20zyGYOVhwb9qst4vF_P7X2A9z5E36rMUC6I,16820
|
|
@@ -18,12 +18,12 @@ python_utils/django/keycloak/admin/auth.py,sha256=0aB3kP7r3Vk1xTM341os5-pv_JVv1l
|
|
|
18
18
|
python_utils/django/keycloak/admin/user_group.py,sha256=3-zfrehLR_nVP-60Zw4ViJjBY1lLAmmlbXaUW1pQs4Q,2668
|
|
19
19
|
python_utils/django/keycloak/admin/user_groups_changelist.html,sha256=KbO6bsH-nh3DDYCq4UB8j25NdjLP_nh_GuGZ4lYSarM,182
|
|
20
20
|
python_utils/django/keycloak/api/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
21
|
-
python_utils/django/keycloak/api/drf.py,sha256=
|
|
21
|
+
python_utils/django/keycloak/api/drf.py,sha256=i4vZoZXta8IOsGO5YerAEfVyc9jMyD95lVePuaB4eeg,2919
|
|
22
22
|
python_utils/django/keycloak/api/ninja.py,sha256=PO_i-Wr_sK8f45KddKDg5kMAfiEEN1DibYlsMEYYom8,4727
|
|
23
|
-
python_utils/django/keycloak/api/utils.py,sha256=
|
|
23
|
+
python_utils/django/keycloak/api/utils.py,sha256=yGUrB1LGatGVy0PFuFhz3t5INWr0xcarGnoZg2-q3B8,2974
|
|
24
24
|
python_utils/django/keycloak/models/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
25
25
|
python_utils/django/keycloak/models/user_group.py,sha256=WU_KClfj-pboDIKUDHZQfQuhAPIPXgP-LrEvg9XJjmA,504
|
|
26
|
-
cardo_python_utils-0.5.
|
|
27
|
-
cardo_python_utils-0.5.
|
|
28
|
-
cardo_python_utils-0.5.
|
|
29
|
-
cardo_python_utils-0.5.
|
|
26
|
+
cardo_python_utils-0.5.dev16.dist-info/METADATA,sha256=OqQtC4cfsEKsNt6h98GflZ6lDsQNcPZwXiBZnatz6tE,2915
|
|
27
|
+
cardo_python_utils-0.5.dev16.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
|
|
28
|
+
cardo_python_utils-0.5.dev16.dist-info/top_level.txt,sha256=zAx6OfEsjJs8BEW3okSiG_j9gpkI69xWShzum6oBgKI,13
|
|
29
|
+
cardo_python_utils-0.5.dev16.dist-info/RECORD,,
|
|
@@ -13,7 +13,7 @@ class AuthenticationBackend(authentication.TokenAuthentication):
|
|
|
13
13
|
|
|
14
14
|
def authenticate_credentials(self, token: str):
|
|
15
15
|
try:
|
|
16
|
-
payload = decode_jwt(token)
|
|
16
|
+
payload = decode_jwt(token, audience=self._get_audience())
|
|
17
17
|
except InvalidTokenError as e:
|
|
18
18
|
raise AuthenticationFailed(f"Invalid token: {str(e)}") from e
|
|
19
19
|
|
|
@@ -26,6 +26,12 @@ class AuthenticationBackend(authentication.TokenAuthentication):
|
|
|
26
26
|
|
|
27
27
|
user = create_or_update_user(username, payload)
|
|
28
28
|
return user, payload
|
|
29
|
+
|
|
30
|
+
def _get_audience(self):
|
|
31
|
+
"""
|
|
32
|
+
Allows subclasses to override the audience used for JWT decoding.
|
|
33
|
+
"""
|
|
34
|
+
return getattr(settings, "JWT_AUDIENCE", None)
|
|
29
35
|
|
|
30
36
|
|
|
31
37
|
class HasScope(BasePermission):
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
from typing import TypedDict, Union
|
|
1
|
+
from typing import Optional, TypedDict, Union
|
|
2
2
|
|
|
3
3
|
from django.conf import settings
|
|
4
4
|
from django.contrib.auth import get_user_model
|
|
@@ -27,7 +27,7 @@ class TokenPayload(TypedDict, total=False):
|
|
|
27
27
|
groups: list[str] # Full path of the user group, e.g. "/group1/subgroup1"
|
|
28
28
|
|
|
29
29
|
|
|
30
|
-
def decode_jwt(token: str) -> TokenPayload:
|
|
30
|
+
def decode_jwt(token: str, audience: Optional[str] = None) -> TokenPayload:
|
|
31
31
|
"""
|
|
32
32
|
Decode a JWT token using the public certificate of the Auth Server.
|
|
33
33
|
|
|
@@ -36,11 +36,14 @@ def decode_jwt(token: str) -> TokenPayload:
|
|
|
36
36
|
"""
|
|
37
37
|
signing_key = jwks_client.get_signing_key_from_jwt(token)
|
|
38
38
|
|
|
39
|
+
if audience is None:
|
|
40
|
+
audience = getattr(settings, "JWT_AUDIENCE", None)
|
|
41
|
+
|
|
39
42
|
return decode(
|
|
40
43
|
token,
|
|
41
44
|
signing_key.key,
|
|
42
45
|
algorithms=["RS256"],
|
|
43
|
-
audience=
|
|
46
|
+
audience=audience,
|
|
44
47
|
)
|
|
45
48
|
|
|
46
49
|
|
|
File without changes
|
{cardo_python_utils-0.5.dev15.dist-info → cardo_python_utils-0.5.dev16.dist-info}/licenses/LICENSE
RENAMED
|
File without changes
|
{cardo_python_utils-0.5.dev15.dist-info → cardo_python_utils-0.5.dev16.dist-info}/top_level.txt
RENAMED
|
File without changes
|