cardo-python-utils 0.5.dev55__tar.gz → 0.5.1__tar.gz

{cardo_python_utils-0.5.dev55/cardo_python_utils.egg-info → cardo_python_utils-0.5.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cardo-python-utils
-Version: 0.5.dev55
+Version: 0.5.1
 Summary: Python library enhanced with a wide range of functions for different scenarios.
 Author-email: CardoAI <hello@cardoai.com>
 License: MIT

{cardo_python_utils-0.5.dev55 → cardo_python_utils-0.5.1/cardo_python_utils.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cardo-python-utils
-Version: 0.5.dev55
+Version: 0.5.1
 Summary: Python library enhanced with a wide range of functions for different scenarios.
 Author-email: CardoAI <hello@cardoai.com>
 License: MIT

{cardo_python_utils-0.5.dev55 → cardo_python_utils-0.5.1}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "cardo-python-utils"
-version = "0.5.dev55"
+version = "0.5.1"
 description = "Python library enhanced with a wide range of functions for different scenarios."
 readme = "README.rst"
 requires-python = ">=3.8"

{cardo_python_utils-0.5.dev55 → cardo_python_utils-0.5.1}/python_utils/django/api/drf.py

@@ -1,5 +1,5 @@
 from django.conf import settings
-from jwt.exceptions import ExpiredSignatureError, InvalidTokenError, PyJWKClientError
+from jwt.exceptions import ExpiredSignatureError, PyJWTError
 
 from rest_framework import authentication
 from rest_framework.exceptions import AuthenticationFailed, PermissionDenied
@@ -16,19 +16,17 @@ class AuthenticationBackend(authentication.TokenAuthentication):
             payload = decode_jwt(token, audience=self._get_audience())
         except ExpiredSignatureError as e:
             raise AuthenticationFailed("Token has expired.") from e
-        except (InvalidTokenError, PyJWKClientError) as e:
+        except PyJWTError as e:
             raise PermissionDenied(f"Invalid token: {str(e)}") from e
 
         try:
             username = payload["preferred_username"]
         except KeyError as e:
-            raise PermissionDenied(
-                "Invalid token: preferred_username not present."
-            ) from e
+            raise PermissionDenied("Invalid token: preferred_username not present.") from e
 
         user = create_or_update_user(username, payload)
         return user, payload
-    
+
     def _get_audience(self):
         """
         Allows subclasses to override the audience used for JWT decoding.
@@ -50,9 +48,9 @@ class HasScope(BasePermission):
         allowed_scopes = ["jobs"]
         ...
 
-    It is possible to define different scopes per HTTP method 
+    It is possible to define different scopes per HTTP method
     by setting `allowed_scopes` as a dict:
-    
+
     class MyApiView(APIView):
         permission_classes = [IsAuthenticated, HasScope]
         allowed_scopes = {
@@ -73,7 +71,7 @@ class HasScope(BasePermission):
                 f"No allowed_scopes defined on the view '{view.__class__.__name__}'. "
                 "Define allowed_scopes or set it to '*' to allow any scope."
             )
-        
+
         if isinstance(allowed_scopes, dict):
             allowed_scopes = allowed_scopes.get(request.method.lower(), [])
 

{cardo_python_utils-0.5.dev55 → cardo_python_utils-0.5.1}/python_utils/django/api/ninja.py

@@ -1,12 +1,12 @@
 import logging
 from typing import Literal, Optional, Union
 
-from jwt.exceptions import ExpiredSignatureError, InvalidTokenError, PyJWKClientError
+from jwt.exceptions import ExpiredSignatureError, PyJWTError
 
 from django.conf import settings
 from django.http import HttpRequest
 from ninja.security import HttpBearer
-from ninja.errors import AuthenticationError, AuthorizationError, HttpError
+from ninja.errors import AuthenticationError, HttpError
 
 from .utils import (
     acreate_or_update_user,
@@ -63,14 +63,14 @@ class AuthBearer(HttpBearer):
             return decode_jwt(token)
         except ExpiredSignatureError as e:
             raise AuthenticationError("Token has expired.") from e
-        except (InvalidTokenError, PyJWKClientError) as e:
-            raise AuthorizationError(f"Invalid token: {str(e)}") from e
+        except PyJWTError as e:
+            raise AuthenticationError(f"Invalid token: {str(e)}") from e
 
     def _get_username(self, payload: TokenPayload) -> str:
         try:
             return payload["preferred_username"]
         except KeyError as e:
-            raise AuthorizationError("Invalid token: 'preferred_username' claim not present.") from e
+            raise AuthenticationError("Invalid token: 'preferred_username' claim not present.") from e
 
     def _verify_scopes(self, request, token_payload):
         allowed_scopes = self._get_view_allowed_scopes(request)

{cardo_python_utils-0.5.dev55 → cardo_python_utils-0.5.1}/python_utils/django/middleware/tenant_aware_websocket_middleware.py

@@ -3,6 +3,7 @@ from urllib.parse import parse_qs
 
 from django.conf import settings
 from django.contrib.auth import get_user_model
+from jwt.exceptions import PyJWTError
 
 from ..api.utils import decode_jwt, TokenPayload
 from ..settings import DEVELOPMENT_TENANT
@@ -50,7 +51,13 @@ class TenantAwareWebsocketMiddleware:
         tenant = self._get_tenant(scope)
 
         async with TenantContext(tenant):
-            token_payload: TokenPayload = decode_jwt(access_token)
+            try:
+                token_payload: TokenPayload = decode_jwt(access_token)
+            except PyJWTError as e:
+                logger.info(f"Failed to decode JWT token: {e}")
+                await self._reject_connection(send, f"Invalid authorization token: {str(e)}")
+                return
+
             username = token_payload.get("preferred_username")
             if not username:
                 await self._reject_connection(send, "Username cannot be extracted from the token")
@@ -84,9 +91,7 @@ class TenantAwareWebsocketMiddleware:
         Returns:
             None
         """
-        await send(
-            {"type": "websocket.close", "code": 4000, "reason": reason}
-        )  # Custom close code for rejection
+        await send({"type": "websocket.close", "code": 4000, "reason": reason})  # Custom close code for rejection
 
     def _get_tenant(self, scope) -> str:
         """
@@ -110,9 +115,7 @@ class TenantAwareWebsocketMiddleware:
             logger.debug(f"Tenant '{tenant}' extracted from websocket host: {host}")
             return tenant
 
-        raise Exception(
-            f"Could not determine tenant from websocket subdomain. Host: {host}"
-        )
+        raise Exception(f"Could not determine tenant from websocket subdomain. Host: {host}")
 
     @staticmethod
     def _get_host_from_scope(scope) -> str: