dj-jwt-auth 1.9.4__tar.gz → 1.9.5__tar.gz

{dj_jwt_auth-1.9.4 → dj_jwt_auth-1.9.5}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dj-jwt-auth
-Version: 1.9.4
+Version: 1.9.5
 Summary: A Django package for JSON Web Token validation and verification. Using PyJWT.
 Home-page: https://www.example.com/
 Author: Konstantin Seleznev
@@ -102,12 +102,9 @@ OR
 These functions should accept two arguments: user and request.
 
 ### Admin panel integration:
-To integrate admin panel with OIDC, add OIDC_ADMIN_ISSUER and OIDC_ADMIN_CLIENT_ID to settings.
-- OIDC_ADMIN_ISSUER - for admin-panel access through OIDC. By default will be used 'ES256' from OIDC_CONFIG_ROUTES. Example: 
-```
-    OIDC_ADMIN_ISSUER = "https://keyCloak/realms/h/.well-known/openid-configuration"
-```
+To integrate admin panel with OIDC, add OIDC_ADMIN_CLIENT_ID to settings. Example:
 - OIDC_ADMIN_CLIENT_ID - by default "complete-anatomy"
+By default will be used 'ES256' from OIDC_CONFIG_ROUTES as Issuer.
 To mapping roles to admin panel permissions, use OIDC_ADMIN_ROLES. Example:
 
 ```python

{dj_jwt_auth-1.9.4 → dj_jwt_auth-1.9.5}/README.md

@@ -73,12 +73,9 @@ OR
 These functions should accept two arguments: user and request.
 
 ### Admin panel integration:
-To integrate admin panel with OIDC, add OIDC_ADMIN_ISSUER and OIDC_ADMIN_CLIENT_ID to settings.
-- OIDC_ADMIN_ISSUER - for admin-panel access through OIDC. By default will be used 'ES256' from OIDC_CONFIG_ROUTES. Example: 
-```
-    OIDC_ADMIN_ISSUER = "https://keyCloak/realms/h/.well-known/openid-configuration"
-```
+To integrate admin panel with OIDC, add OIDC_ADMIN_CLIENT_ID to settings. Example:
 - OIDC_ADMIN_CLIENT_ID - by default "complete-anatomy"
+By default will be used 'ES256' from OIDC_CONFIG_ROUTES as Issuer.
 To mapping roles to admin panel permissions, use OIDC_ADMIN_ROLES. Example:
 
 ```python

{dj_jwt_auth-1.9.4 → dj_jwt_auth-1.9.5}/dj_jwt_auth.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dj-jwt-auth
-Version: 1.9.4
+Version: 1.9.5
 Summary: A Django package for JSON Web Token validation and verification. Using PyJWT.
 Home-page: https://www.example.com/
 Author: Konstantin Seleznev
@@ -102,12 +102,9 @@ OR
 These functions should accept two arguments: user and request.
 
 ### Admin panel integration:
-To integrate admin panel with OIDC, add OIDC_ADMIN_ISSUER and OIDC_ADMIN_CLIENT_ID to settings.
-- OIDC_ADMIN_ISSUER - for admin-panel access through OIDC. By default will be used 'ES256' from OIDC_CONFIG_ROUTES. Example: 
-```
-    OIDC_ADMIN_ISSUER = "https://keyCloak/realms/h/.well-known/openid-configuration"
-```
+To integrate admin panel with OIDC, add OIDC_ADMIN_CLIENT_ID to settings. Example:
 - OIDC_ADMIN_CLIENT_ID - by default "complete-anatomy"
+By default will be used 'ES256' from OIDC_CONFIG_ROUTES as Issuer.
 To mapping roles to admin panel permissions, use OIDC_ADMIN_ROLES. Example:
 
 ```python

{dj_jwt_auth-1.9.4 → dj_jwt_auth-1.9.5}/django_jwt/config.py

@@ -1,4 +1,5 @@
 import json
+from enum import StrEnum
 from functools import cache
 from urllib.parse import urljoin
 
@@ -9,6 +10,11 @@ from django_jwt import settings
 from django_jwt.exceptions import AlgorithmNotSupportedException, ConfigException
 
 
+class SupportedAlgorithms(StrEnum):
+    ES256 = "ES256"
+    RS256 = "RS256"
+
+
 def ensure_well_known(url: str) -> str:
     if url.endswith(".well-known/openid-configuration"):
         return url
@@ -42,13 +48,5 @@ class Config:
                 algorithm = RSAAlgorithm if key_data["kty"] == "RSA" else ECAlgorithm
                 return algorithm.from_jwk(json.dumps(key_data))
 
-    @cache
-    def admin(self) -> dict:
-        if settings.OIDC_ADMIN_ISSUER:
-            response = requests.get(ensure_well_known(settings.OIDC_ADMIN_ISSUER))
-            response.raise_for_status()
-            return response.json()
-        raise ConfigException("OIDC_ADMIN_ISSUER is not set")
-
 
 config = Config()

{dj_jwt_auth-1.9.4 → dj_jwt_auth-1.9.5}/django_jwt/settings.py

@@ -38,7 +38,6 @@ OIDC_USER_ON_UPDATE = getattr(
 )
 
 OIDC_CONFIG_ROUTES = getattr(settings, "OIDC_CONFIG_ROUTES", {})
-OIDC_ADMIN_ISSUER = getattr(settings, "OIDC_ADMIN_ISSUER", None)
 OIDC_ADMIN_CLIENT_ID = getattr(settings, "OIDC_ADMIN_CLIENT_ID", "gme-completeanatomy-admin")
 OIDC_ADMIN_SCOPE = getattr(settings, "OIDC_ADMIN_SCOPE", "openid")
 OIDC_ADMIN_ROLES = getattr(settings, "OIDC_ADMIN_ROLES", [])
@@ -49,9 +48,6 @@ OIDC_AUTHORIZATION_BACKEND = getattr(
     "django.contrib.auth.backends.ModelBackend",
 )
 
-if not OIDC_ADMIN_ISSUER:
-    OIDC_ADMIN_ISSUER = OIDC_CONFIG_ROUTES.get("ES256", None)
-
 for role in OIDC_ADMIN_ROLES:
     assert isinstance(role, ROLE), f"Role must be a namedtuple, got {type(role)}"
 

{dj_jwt_auth-1.9.4 → dj_jwt_auth-1.9.5}/django_jwt/views.py

@@ -11,7 +11,7 @@ from django.views import View
 from requests.exceptions import HTTPError
 
 from django_jwt import settings as jwt_settings
-from django_jwt.config import config
+from django_jwt.config import SupportedAlgorithms, config
 from django_jwt.exceptions import BadRequestException, ConfigException
 from django_jwt.pkce import PKCESecret
 from django_jwt.user import UserHandler, role_handler
@@ -44,11 +44,12 @@ class InitiateView(View):
     client_id = None
     scope = "openid"
     params = {}
+    algorithm = SupportedAlgorithms.ES256
 
     def get(self, request):
         pkce_secret = PKCESecret()
         redirect_uri = request.build_absolute_uri(reverse(self.callback_view_name))
-        authorization_endpoint = config.admin().get("authorization_endpoint")
+        authorization_endpoint = config.cfg(self.algorithm).get("authorization_endpoint")
         state = base64.urlsafe_b64encode(get_random_string().encode()).decode()
         self.params = {
             "client_id": self.client_id,

{dj_jwt_auth-1.9.4 → dj_jwt_auth-1.9.5}/setup.cfg

@@ -1,6 +1,6 @@
 [metadata]
 name = dj-jwt-auth
-version = 1.9.4
+version = 1.9.5
 description = A Django package for JSON Web Token validation and verification. Using PyJWT.
 long_description = file: README.md
 url = https://www.example.com/