clear-skies 2.0.4__py3-none-any.whl → 2.0.5__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of clear-skies might be problematic. Click here for more details.
- clear_skies-2.0.5.dist-info/METADATA +74 -0
- clear_skies-2.0.5.dist-info/RECORD +4 -0
- {clear_skies-2.0.4.dist-info → clear_skies-2.0.5.dist-info}/WHEEL +1 -1
- clear_skies-2.0.4.dist-info/METADATA +0 -36
- clear_skies-2.0.4.dist-info/RECORD +0 -251
- clearskies/__init__.py +0 -61
- clearskies/action.py +0 -7
- clearskies/authentication/__init__.py +0 -15
- clearskies/authentication/authentication.py +0 -46
- clearskies/authentication/authorization.py +0 -16
- clearskies/authentication/authorization_pass_through.py +0 -20
- clearskies/authentication/jwks.py +0 -163
- clearskies/authentication/public.py +0 -5
- clearskies/authentication/secret_bearer.py +0 -553
- clearskies/autodoc/__init__.py +0 -8
- clearskies/autodoc/formats/__init__.py +0 -5
- clearskies/autodoc/formats/oai3_json/__init__.py +0 -7
- clearskies/autodoc/formats/oai3_json/oai3_json.py +0 -87
- clearskies/autodoc/formats/oai3_json/oai3_schema_resolver.py +0 -15
- clearskies/autodoc/formats/oai3_json/parameter.py +0 -35
- clearskies/autodoc/formats/oai3_json/request.py +0 -68
- clearskies/autodoc/formats/oai3_json/response.py +0 -28
- clearskies/autodoc/formats/oai3_json/schema/__init__.py +0 -11
- clearskies/autodoc/formats/oai3_json/schema/array.py +0 -9
- clearskies/autodoc/formats/oai3_json/schema/default.py +0 -13
- clearskies/autodoc/formats/oai3_json/schema/enum.py +0 -7
- clearskies/autodoc/formats/oai3_json/schema/object.py +0 -35
- clearskies/autodoc/formats/oai3_json/test.json +0 -1985
- clearskies/autodoc/py.typed +0 -0
- clearskies/autodoc/request/__init__.py +0 -15
- clearskies/autodoc/request/header.py +0 -6
- clearskies/autodoc/request/json_body.py +0 -6
- clearskies/autodoc/request/parameter.py +0 -8
- clearskies/autodoc/request/request.py +0 -47
- clearskies/autodoc/request/url_parameter.py +0 -6
- clearskies/autodoc/request/url_path.py +0 -6
- clearskies/autodoc/response/__init__.py +0 -5
- clearskies/autodoc/response/response.py +0 -9
- clearskies/autodoc/schema/__init__.py +0 -31
- clearskies/autodoc/schema/array.py +0 -10
- clearskies/autodoc/schema/base64.py +0 -8
- clearskies/autodoc/schema/boolean.py +0 -5
- clearskies/autodoc/schema/date.py +0 -5
- clearskies/autodoc/schema/datetime.py +0 -5
- clearskies/autodoc/schema/double.py +0 -5
- clearskies/autodoc/schema/enum.py +0 -17
- clearskies/autodoc/schema/integer.py +0 -6
- clearskies/autodoc/schema/long.py +0 -5
- clearskies/autodoc/schema/number.py +0 -6
- clearskies/autodoc/schema/object.py +0 -13
- clearskies/autodoc/schema/password.py +0 -5
- clearskies/autodoc/schema/schema.py +0 -11
- clearskies/autodoc/schema/string.py +0 -5
- clearskies/backends/__init__.py +0 -65
- clearskies/backends/api_backend.py +0 -1178
- clearskies/backends/backend.py +0 -136
- clearskies/backends/cursor_backend.py +0 -335
- clearskies/backends/memory_backend.py +0 -797
- clearskies/backends/secrets_backend.py +0 -106
- clearskies/column.py +0 -1233
- clearskies/columns/__init__.py +0 -71
- clearskies/columns/audit.py +0 -206
- clearskies/columns/belongs_to_id.py +0 -483
- clearskies/columns/belongs_to_model.py +0 -132
- clearskies/columns/belongs_to_self.py +0 -105
- clearskies/columns/boolean.py +0 -113
- clearskies/columns/category_tree.py +0 -275
- clearskies/columns/category_tree_ancestors.py +0 -51
- clearskies/columns/category_tree_children.py +0 -127
- clearskies/columns/category_tree_descendants.py +0 -48
- clearskies/columns/created.py +0 -95
- clearskies/columns/created_by_authorization_data.py +0 -116
- clearskies/columns/created_by_header.py +0 -99
- clearskies/columns/created_by_ip.py +0 -92
- clearskies/columns/created_by_routing_data.py +0 -97
- clearskies/columns/created_by_user_agent.py +0 -92
- clearskies/columns/date.py +0 -234
- clearskies/columns/datetime.py +0 -282
- clearskies/columns/email.py +0 -76
- clearskies/columns/float.py +0 -153
- clearskies/columns/has_many.py +0 -505
- clearskies/columns/has_many_self.py +0 -56
- clearskies/columns/has_one.py +0 -14
- clearskies/columns/integer.py +0 -160
- clearskies/columns/json.py +0 -126
- clearskies/columns/many_to_many_ids.py +0 -337
- clearskies/columns/many_to_many_ids_with_data.py +0 -274
- clearskies/columns/many_to_many_models.py +0 -158
- clearskies/columns/many_to_many_pivots.py +0 -134
- clearskies/columns/phone.py +0 -159
- clearskies/columns/select.py +0 -92
- clearskies/columns/string.py +0 -102
- clearskies/columns/timestamp.py +0 -164
- clearskies/columns/updated.py +0 -110
- clearskies/columns/uuid.py +0 -86
- clearskies/configs/README.md +0 -105
- clearskies/configs/__init__.py +0 -162
- clearskies/configs/actions.py +0 -43
- clearskies/configs/any.py +0 -13
- clearskies/configs/any_dict.py +0 -22
- clearskies/configs/any_dict_or_callable.py +0 -23
- clearskies/configs/authentication.py +0 -23
- clearskies/configs/authorization.py +0 -23
- clearskies/configs/boolean.py +0 -16
- clearskies/configs/boolean_or_callable.py +0 -18
- clearskies/configs/callable_config.py +0 -18
- clearskies/configs/columns.py +0 -34
- clearskies/configs/conditions.py +0 -30
- clearskies/configs/config.py +0 -24
- clearskies/configs/datetime.py +0 -18
- clearskies/configs/datetime_or_callable.py +0 -19
- clearskies/configs/endpoint.py +0 -23
- clearskies/configs/endpoint_list.py +0 -28
- clearskies/configs/float.py +0 -16
- clearskies/configs/float_or_callable.py +0 -18
- clearskies/configs/integer.py +0 -16
- clearskies/configs/integer_or_callable.py +0 -18
- clearskies/configs/joins.py +0 -30
- clearskies/configs/list_any_dict.py +0 -30
- clearskies/configs/list_any_dict_or_callable.py +0 -31
- clearskies/configs/model_class.py +0 -35
- clearskies/configs/model_column.py +0 -65
- clearskies/configs/model_columns.py +0 -56
- clearskies/configs/model_destination_name.py +0 -25
- clearskies/configs/model_to_id_column.py +0 -43
- clearskies/configs/readable_model_column.py +0 -9
- clearskies/configs/readable_model_columns.py +0 -9
- clearskies/configs/schema.py +0 -23
- clearskies/configs/searchable_model_columns.py +0 -9
- clearskies/configs/security_headers.py +0 -39
- clearskies/configs/select.py +0 -26
- clearskies/configs/select_list.py +0 -47
- clearskies/configs/string.py +0 -29
- clearskies/configs/string_dict.py +0 -32
- clearskies/configs/string_list.py +0 -32
- clearskies/configs/string_list_or_callable.py +0 -35
- clearskies/configs/string_or_callable.py +0 -18
- clearskies/configs/timedelta.py +0 -18
- clearskies/configs/timezone.py +0 -18
- clearskies/configs/url.py +0 -23
- clearskies/configs/validators.py +0 -45
- clearskies/configs/writeable_model_column.py +0 -9
- clearskies/configs/writeable_model_columns.py +0 -9
- clearskies/configurable.py +0 -76
- clearskies/contexts/__init__.py +0 -11
- clearskies/contexts/cli.py +0 -117
- clearskies/contexts/context.py +0 -98
- clearskies/contexts/wsgi.py +0 -76
- clearskies/contexts/wsgi_ref.py +0 -82
- clearskies/decorators.py +0 -33
- clearskies/di/__init__.py +0 -14
- clearskies/di/additional_config.py +0 -130
- clearskies/di/additional_config_auto_import.py +0 -17
- clearskies/di/di.py +0 -973
- clearskies/di/inject/__init__.py +0 -23
- clearskies/di/inject/by_class.py +0 -21
- clearskies/di/inject/by_name.py +0 -18
- clearskies/di/inject/di.py +0 -13
- clearskies/di/inject/environment.py +0 -14
- clearskies/di/inject/input_output.py +0 -20
- clearskies/di/inject/now.py +0 -13
- clearskies/di/inject/requests.py +0 -13
- clearskies/di/inject/secrets.py +0 -14
- clearskies/di/inject/utcnow.py +0 -13
- clearskies/di/inject/uuid.py +0 -15
- clearskies/di/injectable.py +0 -29
- clearskies/di/injectable_properties.py +0 -131
- clearskies/di/test_module/__init__.py +0 -6
- clearskies/di/test_module/another_module/__init__.py +0 -2
- clearskies/di/test_module/module_class.py +0 -5
- clearskies/end.py +0 -183
- clearskies/endpoint.py +0 -1314
- clearskies/endpoint_group.py +0 -338
- clearskies/endpoints/__init__.py +0 -25
- clearskies/endpoints/advanced_search.py +0 -526
- clearskies/endpoints/callable.py +0 -388
- clearskies/endpoints/create.py +0 -205
- clearskies/endpoints/delete.py +0 -139
- clearskies/endpoints/get.py +0 -271
- clearskies/endpoints/health_check.py +0 -183
- clearskies/endpoints/list.py +0 -574
- clearskies/endpoints/restful_api.py +0 -427
- clearskies/endpoints/schema.py +0 -189
- clearskies/endpoints/simple_search.py +0 -286
- clearskies/endpoints/update.py +0 -193
- clearskies/environment.py +0 -104
- clearskies/exceptions/__init__.py +0 -19
- clearskies/exceptions/authentication.py +0 -2
- clearskies/exceptions/authorization.py +0 -2
- clearskies/exceptions/client_error.py +0 -2
- clearskies/exceptions/input_errors.py +0 -4
- clearskies/exceptions/missing_dependency.py +0 -2
- clearskies/exceptions/moved_permanently.py +0 -3
- clearskies/exceptions/moved_temporarily.py +0 -3
- clearskies/exceptions/not_found.py +0 -2
- clearskies/functional/__init__.py +0 -7
- clearskies/functional/routing.py +0 -92
- clearskies/functional/string.py +0 -112
- clearskies/functional/validations.py +0 -76
- clearskies/input_outputs/__init__.py +0 -13
- clearskies/input_outputs/cli.py +0 -171
- clearskies/input_outputs/exceptions/__init__.py +0 -2
- clearskies/input_outputs/exceptions/cli_input_error.py +0 -2
- clearskies/input_outputs/exceptions/cli_not_found.py +0 -2
- clearskies/input_outputs/headers.py +0 -45
- clearskies/input_outputs/input_output.py +0 -138
- clearskies/input_outputs/programmatic.py +0 -69
- clearskies/input_outputs/py.typed +0 -0
- clearskies/input_outputs/wsgi.py +0 -77
- clearskies/model.py +0 -1922
- clearskies/py.typed +0 -0
- clearskies/query/__init__.py +0 -12
- clearskies/query/condition.py +0 -223
- clearskies/query/join.py +0 -136
- clearskies/query/query.py +0 -196
- clearskies/query/sort.py +0 -27
- clearskies/schema.py +0 -82
- clearskies/secrets/__init__.py +0 -6
- clearskies/secrets/additional_configs/__init__.py +0 -32
- clearskies/secrets/additional_configs/mysql_connection_dynamic_producer.py +0 -61
- clearskies/secrets/additional_configs/mysql_connection_dynamic_producer_via_ssh_cert_bastion.py +0 -160
- clearskies/secrets/akeyless.py +0 -182
- clearskies/secrets/exceptions/__init__.py +0 -1
- clearskies/secrets/exceptions/not_found.py +0 -2
- clearskies/secrets/secrets.py +0 -38
- clearskies/security_header.py +0 -15
- clearskies/security_headers/__init__.py +0 -11
- clearskies/security_headers/cache_control.py +0 -67
- clearskies/security_headers/cors.py +0 -50
- clearskies/security_headers/csp.py +0 -94
- clearskies/security_headers/hsts.py +0 -22
- clearskies/security_headers/x_content_type_options.py +0 -0
- clearskies/security_headers/x_frame_options.py +0 -0
- clearskies/test_base.py +0 -8
- clearskies/typing.py +0 -11
- clearskies/validator.py +0 -37
- clearskies/validators/__init__.py +0 -33
- clearskies/validators/after_column.py +0 -62
- clearskies/validators/before_column.py +0 -13
- clearskies/validators/in_the_future.py +0 -32
- clearskies/validators/in_the_future_at_least.py +0 -11
- clearskies/validators/in_the_future_at_most.py +0 -10
- clearskies/validators/in_the_past.py +0 -32
- clearskies/validators/in_the_past_at_least.py +0 -10
- clearskies/validators/in_the_past_at_most.py +0 -10
- clearskies/validators/maximum_length.py +0 -26
- clearskies/validators/maximum_value.py +0 -29
- clearskies/validators/minimum_length.py +0 -26
- clearskies/validators/minimum_value.py +0 -29
- clearskies/validators/required.py +0 -34
- clearskies/validators/timedelta.py +0 -59
- clearskies/validators/unique.py +0 -30
- {clear_skies-2.0.4.dist-info → clear_skies-2.0.5.dist-info/licenses}/LICENSE +0 -0
|
@@ -1,163 +0,0 @@
|
|
|
1
|
-
import json
|
|
2
|
-
from typing import Any
|
|
3
|
-
|
|
4
|
-
import clearskies.configs
|
|
5
|
-
import clearskies.decorators
|
|
6
|
-
import clearskies.di
|
|
7
|
-
from clearskies.authentication.authentication import Authentication
|
|
8
|
-
from clearskies.exceptions import ClientError
|
|
9
|
-
from clearskies.security_headers.cors import Cors
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
class Jwks(Authentication, clearskies.di.InjectableProperties):
|
|
13
|
-
"""
|
|
14
|
-
Validate a JWT against a JWKS (JSON Web Key Set)
|
|
15
|
-
"""
|
|
16
|
-
|
|
17
|
-
"""
|
|
18
|
-
The URL of the JWKS
|
|
19
|
-
"""
|
|
20
|
-
jwks_url = clearskies.configs.String(required=True)
|
|
21
|
-
|
|
22
|
-
"""
|
|
23
|
-
The audience to accept JWTs for.
|
|
24
|
-
"""
|
|
25
|
-
audience = clearskies.configs.StringList(default=[])
|
|
26
|
-
|
|
27
|
-
"""
|
|
28
|
-
The expected issuer of the JWTs.
|
|
29
|
-
"""
|
|
30
|
-
issuer = clearskies.configs.String(default="")
|
|
31
|
-
|
|
32
|
-
"""
|
|
33
|
-
The allowed algorithms
|
|
34
|
-
"""
|
|
35
|
-
algorithms = clearskies.configs.StringList(default=["RS256"])
|
|
36
|
-
|
|
37
|
-
"""
|
|
38
|
-
The number of seconds for which the JWKS URL contents can be cached
|
|
39
|
-
"""
|
|
40
|
-
jwks_cache_time = clearskies.configs.Integer(default=86400)
|
|
41
|
-
|
|
42
|
-
"""
|
|
43
|
-
The Authorization URL (used in the auto-generated documentation)
|
|
44
|
-
"""
|
|
45
|
-
authorization_url = clearskies.configs.String()
|
|
46
|
-
|
|
47
|
-
"""
|
|
48
|
-
The name of the security scheme in the auto-generated documentation.
|
|
49
|
-
"""
|
|
50
|
-
documentation_security_name = clearskies.configs.String(default="jwt")
|
|
51
|
-
|
|
52
|
-
"""
|
|
53
|
-
The environment helper.
|
|
54
|
-
"""
|
|
55
|
-
environment = clearskies.di.inject.Environment()
|
|
56
|
-
|
|
57
|
-
"""
|
|
58
|
-
The requests object.
|
|
59
|
-
"""
|
|
60
|
-
requests = clearskies.di.inject.Requests()
|
|
61
|
-
|
|
62
|
-
"""
|
|
63
|
-
The JoseJwt library
|
|
64
|
-
"""
|
|
65
|
-
jose_jwt = clearskies.di.inject.ByName("jose_jwt")
|
|
66
|
-
|
|
67
|
-
"""
|
|
68
|
-
The current time
|
|
69
|
-
"""
|
|
70
|
-
now = clearskies.di.inject.Now()
|
|
71
|
-
|
|
72
|
-
"""
|
|
73
|
-
Local cache of the JWKS
|
|
74
|
-
"""
|
|
75
|
-
_jwks = None
|
|
76
|
-
|
|
77
|
-
"""
|
|
78
|
-
The time when the JWKS was last fetched
|
|
79
|
-
"""
|
|
80
|
-
_jwks_fetched = None
|
|
81
|
-
|
|
82
|
-
@clearskies.decorators.parameters_to_properties
|
|
83
|
-
def __init__(
|
|
84
|
-
self,
|
|
85
|
-
jwks_url: str,
|
|
86
|
-
audience: str = "",
|
|
87
|
-
issuer: str = "",
|
|
88
|
-
algorithms: list[str] = ["RS256"],
|
|
89
|
-
jwks_cache_time: int = 86400,
|
|
90
|
-
authorization_url: str = "",
|
|
91
|
-
documentation_security_name: str = "jwt",
|
|
92
|
-
):
|
|
93
|
-
self.finalize_and_validate_configuration()
|
|
94
|
-
|
|
95
|
-
def authenticate(self, input_output) -> bool:
|
|
96
|
-
auth_header = input_output.get_request_header("authorization", True)
|
|
97
|
-
if not auth_header:
|
|
98
|
-
raise ClientError("Missing 'Authorization' header in request")
|
|
99
|
-
if auth_header[:7].lower() != "bearer ":
|
|
100
|
-
raise ClientError("Missing 'Bearer ' prefix in authorization header")
|
|
101
|
-
self.validate_jwt(auth_header[7:])
|
|
102
|
-
input_output.authorization_data = self.jwt_claims
|
|
103
|
-
return True
|
|
104
|
-
|
|
105
|
-
def validate_jwt(self, raw_jwt):
|
|
106
|
-
try:
|
|
107
|
-
from jwcrypto import jwk, jws, jwt # type: ignore
|
|
108
|
-
from jwcrypto.common import JWException # type: ignore
|
|
109
|
-
except:
|
|
110
|
-
raise ValueError(
|
|
111
|
-
"The JWKS authentication method requires the jwcrypto libraries to be installed. These are optional dependencies of clearskies, so to include them do a `pip install 'clear-skies[jwcrypto]'`"
|
|
112
|
-
)
|
|
113
|
-
|
|
114
|
-
keys = jwk.JWKSet()
|
|
115
|
-
keys.import_keyset(json.dumps(self._get_jwks()))
|
|
116
|
-
|
|
117
|
-
client_jwt = jwt.JWT()
|
|
118
|
-
try:
|
|
119
|
-
client_jwt.deserialize(raw_jwt)
|
|
120
|
-
except Exception as e:
|
|
121
|
-
raise ClientError(str(e))
|
|
122
|
-
|
|
123
|
-
try:
|
|
124
|
-
client_jwt.validate(keys)
|
|
125
|
-
self.jwt_claims = json.loads(client_jwt.claims)
|
|
126
|
-
except JWException as e:
|
|
127
|
-
raise ClientError(str(e))
|
|
128
|
-
|
|
129
|
-
if self.issuer and self.jwt_claims.get("iss") != self.issuer:
|
|
130
|
-
raise ClientError("Issuer does not match")
|
|
131
|
-
|
|
132
|
-
if self.audience:
|
|
133
|
-
jwt_audience = self.jwt_claims.get("aud")
|
|
134
|
-
if not jwt_audience:
|
|
135
|
-
raise ClientError("Audience required, but missing in JWT")
|
|
136
|
-
has_match = False
|
|
137
|
-
for audience in jwt_audience:
|
|
138
|
-
if audience == self.audience:
|
|
139
|
-
has_match = True
|
|
140
|
-
if not has_match:
|
|
141
|
-
raise ClientError("Audience does not match")
|
|
142
|
-
|
|
143
|
-
return True
|
|
144
|
-
|
|
145
|
-
def _get_jwks(self):
|
|
146
|
-
if self._jwks is None or ((self.now - self._jwks_fetched).total_seconds() > self.jwks_cache_time):
|
|
147
|
-
self._jwks = self.requests.get(self.jwks_url).json()
|
|
148
|
-
self._jwks_fetched = self.now
|
|
149
|
-
|
|
150
|
-
return self._jwks
|
|
151
|
-
|
|
152
|
-
def documentation_security_scheme(self) -> dict[str, Any]:
|
|
153
|
-
return {
|
|
154
|
-
"type": "oauth2",
|
|
155
|
-
"description": "JWT based authentication",
|
|
156
|
-
"flows": {"implicit": {"authorizationUrl": self.authorization_url, "scopes": {}}},
|
|
157
|
-
}
|
|
158
|
-
|
|
159
|
-
def documentation_security_scheme_name(self) -> str:
|
|
160
|
-
return self.documentation_security_name
|
|
161
|
-
|
|
162
|
-
def set_headers_for_cors(self, cors: Cors):
|
|
163
|
-
cors.add_header("Authorization")
|