jamlib 3.1.1__tar.gz → 3.2.0__tar.gz

{jamlib-3.1.1/src/jamlib.egg-info → jamlib-3.2.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: jamlib
-Version: 3.1.1
+Version: 3.2.0
 Summary: Simple and universal library for authorization.
 Author-email: Makridenko Adrian <adrianmakridenko@duck.com>, Ksenia Travnikova <kseniatravnikova@duck.com>
 License: Apache-2.0
@@ -30,7 +30,7 @@ Classifier: Framework :: FastAPI
 Requires-Python: >=3.10
 Description-Content-Type: text/markdown
 License-File: LICENSE.md
-Requires-Dist: cryptography>=46.0.5
+Requires-Dist: cryptography>=48.0.0
 Provides-Extra: cli
 Requires-Dist: click>=8.3.1; extra == "cli"
 Provides-Extra: redis
@@ -77,7 +77,7 @@ from jam import Jam
 
 jam = Jam(config="config.toml")
 
-jwt = jam.jwt_create({"user": 1})
+jwt = jam.jwt_encode(payload={"user": 1})
 session_id = jam.session_create(session_key="username", data={"user": 1})
 otp_code = jam.otp_code(secret="3DB7FOAOFBCI3WFDRE7EPF43CA")
 ```
@@ -85,7 +85,7 @@ otp_code = jam.otp_code(secret="3DB7FOAOFBCI3WFDRE7EPF43CA")
 ## Why Jam?
 Jam is a library that provides the most popular AUTH* mechanisms right out of the box.
 
-* [JWT](https://jam.makridenko.ru/usage/jwt/)
+* [JOSE](https://jam.makridenko.ru/usage/jose/)
 * [PASETO](https://jam.makridenko.ru/usage/paseto/)
 * [Server side sessions](https://jam.makridenko.ru/usage/sessions/)
 * [OTP](https://jam.makridenko.ru/usage/otp/)
@@ -109,7 +109,7 @@ Here is a comparison with other libraries:
 
 | Features / Library    | **Jam** | [Authx](https://authx.yezz.me/) | [PyJWT](https://pyjwt.readthedocs.io) | [AuthLib](https://docs.authlib.org) | [OTP Auth](https://otp.authlib.org/) |
 |-----------------------|--------|----------------------------------|---------------------------------------|-------------------------------------|--------------------------------------|
-| JWT                   | ✅     | ✅                               | ✅                                    | ✅                                  | ❌                                   |
+| JOSE                  | ✅     | ❌ only JWT                      | ❌ only JWT                           | ✅                                  | ❌                                   |
 | JWT black/white lists | ✅     | ❌                               | ❌                                    | ❌                                  | ❌                                   |
 | PASETO                | ✅     | ❌                               | ❌                                    | ❌                                  | ❌                                   |
 | Server side sessions  | ✅     | ✅                               | ❌                                    | ❌                                  | ❌                                   |

{jamlib-3.1.1 → jamlib-3.2.0}/README.md

@@ -24,7 +24,7 @@ from jam import Jam
 
 jam = Jam(config="config.toml")
 
-jwt = jam.jwt_create({"user": 1})
+jwt = jam.jwt_encode(payload={"user": 1})
 session_id = jam.session_create(session_key="username", data={"user": 1})
 otp_code = jam.otp_code(secret="3DB7FOAOFBCI3WFDRE7EPF43CA")
 ```
@@ -32,7 +32,7 @@ otp_code = jam.otp_code(secret="3DB7FOAOFBCI3WFDRE7EPF43CA")
 ## Why Jam?
 Jam is a library that provides the most popular AUTH* mechanisms right out of the box.
 
-* [JWT](https://jam.makridenko.ru/usage/jwt/)
+* [JOSE](https://jam.makridenko.ru/usage/jose/)
 * [PASETO](https://jam.makridenko.ru/usage/paseto/)
 * [Server side sessions](https://jam.makridenko.ru/usage/sessions/)
 * [OTP](https://jam.makridenko.ru/usage/otp/)
@@ -56,7 +56,7 @@ Here is a comparison with other libraries:
 
 | Features / Library    | **Jam** | [Authx](https://authx.yezz.me/) | [PyJWT](https://pyjwt.readthedocs.io) | [AuthLib](https://docs.authlib.org) | [OTP Auth](https://otp.authlib.org/) |
 |-----------------------|--------|----------------------------------|---------------------------------------|-------------------------------------|--------------------------------------|
-| JWT                   | ✅     | ✅                               | ✅                                    | ✅                                  | ❌                                   |
+| JOSE                  | ✅     | ❌ only JWT                      | ❌ only JWT                           | ✅                                  | ❌                                   |
 | JWT black/white lists | ✅     | ❌                               | ❌                                    | ❌                                  | ❌                                   |
 | PASETO                | ✅     | ❌                               | ❌                                    | ❌                                  | ❌                                   |
 | Server side sessions  | ✅     | ✅                               | ❌                                    | ❌                                  | ❌                                   |

{jamlib-3.1.1 → jamlib-3.2.0}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "jamlib"
-version = "3.1.1"
+version = "3.2.0"
 description = "Simple and universal library for authorization."
 authors = [
     {name = "Makridenko Adrian",email = "adrianmakridenko@duck.com"},
@@ -23,7 +23,7 @@ keywords = [
 ]
 requires-python = ">=3.10"
 dependencies = [
-    "cryptography>=46.0.5",
+    "cryptography>=48.0.0",
 ]
 
 classifiers = [

{jamlib-3.1.1 → jamlib-3.2.0}/src/jam/__base__.py

@@ -10,7 +10,7 @@ from typing import Any, Literal
 from jam.__base_encoder__ import BaseEncoder
 from jam.encoders import JsonEncoder
 from jam.exceptions import JamConfigurationError
-from jam.jwt.__base__ import BaseJWT
+from jam.jose.__base__ import BaseJWE, BaseJWS, BaseJWT
 from jam.logger import BaseLogger, JamLogger
 from jam.oauth2.__base__ import BaseOAuth2Client
 from jam.otp.__base__ import BaseOTP, OTPConfig
@@ -23,7 +23,7 @@ from jam.utils.config_maker import __config_maker__, __module_loader__
 class BaseJam(ABC):
     """Base jam instance."""
 
-    MODULES: dict[str, str] = {}
+    MODULES: dict[str, str | dict[str, str]] = {}
 
     def __init__(
         self,
@@ -64,6 +64,9 @@ class BaseJam(ABC):
         self._plugins = []
 
         self.jwt: BaseJWT | None = None
+        self.jws: BaseJWS | None = None
+        self.jwe: BaseJWE | None = None
+        self.jose: dict[str, Any] | None = None
         self.session: BaseSessionModule | None = None
         self.oauth2: dict[str, BaseOAuth2Client] | None = None
         self.otp: OTPConfig | None = None
@@ -78,7 +81,7 @@ class BaseJam(ABC):
         )
         self._logger.debug(
             "BaseJam initialization complete. Modules loaded:\n"
-            f" jwt={self.jwt is not None}, session={self.session is not None}, oauth2={self.oauth2 is not None}"
+            f" jwt={self.jwt is not None}, jose={self.jose is not None}, session={self.session is not None}, oauth2={self.oauth2 is not None}"
         )
         if os.getenv("JAM_ENABLE_PLUGINS", "0") == "1":
             self._logger.warning("Experimental plugins are enabled!")
@@ -151,6 +154,7 @@ class BaseJam(ABC):
         """Build instance.
 
         Load modules from configuration and initialize them.
+        Supports both flat modules (name -> path) and nested modules (name -> {subname -> path}).
 
         Args:
             config (dict[str, Any]): Configuration
@@ -163,24 +167,68 @@ class BaseJam(ABC):
                 self._logger.debug(f"Missing configuration for module {name}")
                 continue
 
-            try:
-                module_cls = __module_loader__(path)
-                self._logger.debug(f"Loading module {name} from {path}")
-                params = config.get(name, {})
-                self._logger.debug(
-                    f"Module {name} config params: {list(params.keys())}"
-                )
-                # params["logger"] = self._logger
-                # params["serializer"] = self._serializer
-                module_instance = module_cls(**params)
-                self.__setattr__(name, module_instance)
-                self._logger.debug(f"Module {name} initialized successfully")
-
-            except Exception as e:
-                self._logger.error(
-                    f"Failed to load module {name} from {path}: {e}",
-                    exc_info=True,
-                )
+            if isinstance(path, dict):
+                subconfig = config.get(name, {})
+                if not isinstance(subconfig, dict):
+                    subconfig = {}
+
+                for subname, subpath in path.items():
+                    if subname not in subconfig:
+                        self._logger.debug(
+                            f"Missing configuration for module {name}.{subname}"
+                        )
+                        continue
+
+                    try:
+                        module_cls = __module_loader__(subpath)
+                        self._logger.debug(
+                            f"Loading module {name}.{subname} from {subpath}"
+                        )
+                        params = subconfig.get(subname, {})
+                        self._logger.debug(
+                            f"Module {name}.{subname} config params: {list(params.keys())}"
+                        )
+                        module_instance = module_cls(**params)
+
+                        if self.jose is None:
+                            self.jose = {}
+                        self.jose[subname] = module_instance
+
+                        if subname == "jwt":
+                            self.jwt = module_instance
+                        elif subname == "jws":
+                            self.jws = module_instance
+                        elif subname == "jwe":
+                            self.jwe = module_instance
+
+                        self._logger.debug(
+                            f"Module {name}.{subname} initialized successfully"
+                        )
+
+                    except Exception as e:
+                        self._logger.error(
+                            f"Failed to load module {name}.{subname} from {subpath}: {e}",
+                            exc_info=True,
+                        )
+            else:
+                try:
+                    module_cls = __module_loader__(path)
+                    self._logger.debug(f"Loading module {name} from {path}")
+                    params = config.get(name, {})
+                    self._logger.debug(
+                        f"Module {name} config params: {list(params.keys())}"
+                    )
+                    module_instance = module_cls(**params)
+                    self.__setattr__(name, module_instance)
+                    self._logger.debug(
+                        f"Module {name} initialized successfully"
+                    )
+
+                except Exception as e:
+                    self._logger.error(
+                        f"Failed to load module {name} from {path}: {e}",
+                        exc_info=True,
+                    )
 
     def __otp(
         self, type: Literal["totp", "hotp"] | None = None
@@ -235,47 +283,120 @@ class BaseJam(ABC):
         return kwargs
 
     @abstractmethod
-    def jwt_make_payload(
-        self, exp: int | None, data: dict[str, Any]
+    def jwt_encode(
+        self,
+        iss: str | None = None,
+        sub: str | None = None,
+        aud: str | None = None,
+        exp: int | None = None,
+        nbf: int | None = None,
+        jti: str | None = None,
+        *,
+        payload: dict[str, Any] | None = None,
+        header: dict[str, Any] | None = None,
+    ) -> str:
+        """Encode the JWT with the given expire, header, and payload.
+
+        Args:
+            exp (int | None): The expiration time in seconds.
+            nbf (int | None): The not-before time in seconds.
+            iss (str | None): The issuer.
+            sub (str | None): The subject.
+            aud (str | None): The audience.
+            jti (str | None): The JWT ID. If none use the JTI fabric function.
+            header (dict[str, Any] | None): The header to include in the JWT.
+            payload (dict[str, Any] | None): The payload to include in the JWT.
+
+        Returns:
+            str: The encoded JWT.
+        """
+        raise NotImplementedError
+
+    @abstractmethod
+    def jwt_decode(
+        self,
+        token: str,
+        check_exp: bool = True,
+        check_list: bool = True,
+        check_nbf: bool = False,
+        include_headers: bool = False,
     ) -> dict[str, Any]:
-        """Make JWT-specific payload.
+        """Verify and decode JWT token.
 
         Args:
-            exp (int | None): Token expire, if None -> use default
-            data (dict[str, Any]): Data to payload
+            token (str): JWT token
+            check_exp (bool): Check expire
+            check_list (bool): Check white/black list. Docs: https://jam.makridenko.ru/jwt/lists/what/
+            check_nbf (bool): Check not-before time
+            include_headers (bool): Include headers in the decoded payload
 
         Returns:
-            dict[str, Any]: Payload
+            dict[str, Any]: Decoded payload
+
         """
         raise NotImplementedError
 
     @abstractmethod
-    def jwt_create(self, payload: dict[str, Any]) -> str:
-        """Create JWT token.
+    def jws_sign(
+        self,
+        data: dict[str, Any] | str,
+        header: dict[str, Any] | None = None,
+    ) -> str:
+        """Sign data using JWS.
 
         Args:
-            payload (dict[str, Any]): Data payload
+            data: Data to sign. If dict, will be JSON encoded.
+            header: JWS header.
 
         Returns:
-            str: New token
+            str: JWS token.
+        """
+        raise NotImplementedError
+
+    @abstractmethod
+    def jws_verify(self, token: str) -> dict[str, Any]:
+        """Verify JWS token.
+
+        Args:
+            token: JWS token.
+
+        Returns:
+            dict[str, Any]: Decoded payload.
 
+        Raises:
+            JamJWSVerificationError: If verification fails.
         """
         raise NotImplementedError
 
     @abstractmethod
-    def jwt_decode(
-        self, token: str, check_exp: bool = True, check_list: bool = True
-    ) -> dict[str, Any]:
-        """Verify and decode JWT token.
+    def jwe_encrypt(
+        self,
+        data: dict[str, Any] | str,
+        header: dict[str, Any] | None = None,
+    ) -> str:
+        """Encrypt data using JWE.
 
         Args:
-            token (str): JWT token
-            check_exp (bool): Check expire
-            check_list (bool): Check white/black list. Docs: https://jam.makridenko.ru/jwt/lists/what/
+            data: Data to encrypt. If dict, will be JSON encoded.
+            header: JWE header.
 
         Returns:
-            dict[str, Any]: Decoded payload
+            str: JWE token.
+        """
+        raise NotImplementedError
+
+    @abstractmethod
+    def jwe_decrypt(self, token: str) -> bytes:
+        """Decrypt JWE token.
+
+        Args:
+            token: JWE token.
+
+        Returns:
+            bytes: Decrypted data.
 
+        Raises:
+            JamJWEDecryptionError: If decryption fails.
         """
         raise NotImplementedError
 

{jamlib-3.1.1 → jamlib-3.2.0}/src/jam/__deprecated__.py

@@ -8,7 +8,7 @@ def deprecated(replacement: str | None = None):
     """Mark funcs are deprecated."""
 
     def decorator(func):
-        msg = f"Function {func.__name__}() is deprecated."
+        msg = f"{func.__name__}() is deprecated."
         if replacement:
             msg += f" {replacement}"
 

{jamlib-3.1.1 → jamlib-3.2.0}/src/jam/__init__.py

@@ -7,10 +7,8 @@ Documentation: https://jam.makridenko.ru
 """
 
 from jam.__base__ import BaseJam
-from jam.__base_encoder__ import BaseEncoder
-from jam.encoders import JsonEncoder
 from jam.instance import Jam
 
 
-__version__ = "3.1.1"
-__all__ = ["Jam", "JsonEncoder", "BaseJam", "BaseEncoder"]
+__version__ = "3.2.0"
+__all__ = ["Jam", "BaseJam"]

{jamlib-3.1.1 → jamlib-3.2.0}/src/jam/aio/__base__.py

@@ -4,24 +4,35 @@ from abc import abstractmethod
 from typing import Any
 
 from jam.__base__ import BaseJam
+from jam.__deprecated__ import deprecated
 from jam.aio.oauth2.__base__ import BaseAsyncOAuth2Client
 from jam.aio.sessions.__base__ import BaseAsyncSessionModule
+from jam.jose.__base__ import BaseJWE, BaseJWS
 
 
 class BaseAsyncJam(BaseJam):
     """Base async jam instance."""
 
-    MODULES: dict[str, str] = {}
+    MODULES: dict[str, str | dict[str, str]] = {}
 
     session: BaseAsyncSessionModule | None = None  # type: ignore[override]
     oauth2: dict[str, BaseAsyncOAuth2Client] | None = None  # type: ignore[override]
+    jose: dict[str, Any] | None = None  # type: ignore[override]
+    jws: BaseJWS | None = None  # type: ignore[override]
+    jwe: BaseJWE | None = None  # type: ignore[override]
 
     @abstractmethod
+    @deprecated(
+        "This method is deprecated; the JWT payload is generated automatically in accordance with the specification."
+    )
     async def jwt_make_payload(  # type: ignore[override]
         self, exp: int | None, data: dict[str, Any]
     ) -> dict[str, Any]:
         """Make JWT-specific payload.
 
+        !!! Deprecated
+                This method is deprecated; the JWT payload is generated automatically in accordance with the specification.
+
         Args:
             exp (int | None): Token expire, if None -> use default
             data (dict[str, Any]): Data to payload
@@ -32,6 +43,7 @@ class BaseAsyncJam(BaseJam):
         raise NotImplementedError
 
     @abstractmethod
+    @deprecated("Use jam.jwt_encode")
     async def jwt_create(  # type: ignore[override]
         self, payload: dict[str, Any]
     ) -> str:
@@ -45,9 +57,44 @@ class BaseAsyncJam(BaseJam):
         """
         raise NotImplementedError
 
+    @abstractmethod
+    async def jwt_encode(  # type: ignore[override]
+        self,
+        iss: str | None = None,
+        sub: str | None = None,
+        aud: str | None = None,
+        exp: int | None = None,
+        nbf: int | None = None,
+        jti: str | None = None,
+        *,
+        payload: dict[str, Any] | None = None,
+        header: dict[str, Any] | None = None,
+    ) -> str:
+        """Encode the JWT with the given expire, header, and payload.
+
+        Args:
+            exp (int | None): The expiration time in seconds.
+            nbf (int | None): The not-before time in seconds.
+            iss (str | None): The issuer.
+            sub (str | None): The subject.
+            aud (str | None): The audience.
+            jti (str | None): The JWT ID. If none use the JTI fabric function.
+            header (dict[str, Any] | None): The header to include in the JWT.
+            payload (dict[str, Any] | None): The payload to include in the JWT.
+
+        Returns:
+            str: The encoded JWT.
+        """
+        raise NotImplementedError
+
     @abstractmethod
     async def jwt_decode(  # type: ignore[override]
-        self, token: str, check_exp: bool = True, check_list: bool = True
+        self,
+        token: str,
+        check_exp: bool = True,
+        check_list: bool = True,
+        check_nbf: bool = False,
+        include_headers: bool = False,
     ) -> dict[str, Any]:
         """Verify and decode JWT token.
 
@@ -55,6 +102,8 @@ class BaseAsyncJam(BaseJam):
             token (str): JWT token
             check_exp (bool): Check expire
             check_list (bool): Check white/black list. Docs: https://jam.makridenko.ru/jwt/lists/what/
+            check_nbf (bool): Check not-before time
+            include_headers (bool): Include headers in the decoded payload
 
         Returns:
             dict[str, Any]: Decoded payload
@@ -305,6 +354,74 @@ class BaseAsyncJam(BaseJam):
         """
         raise NotImplementedError
 
+    @abstractmethod
+    async def jws_sign(  # type: ignore[override]
+        self,
+        data: dict[str, Any] | str,
+        header: dict[str, Any] | None = None,
+    ) -> str:
+        """Sign data using JWS.
+
+        Args:
+            data: Data to sign. If dict, will be JSON encoded.
+            header: JWS header.
+
+        Returns:
+            str: JWS token.
+        """
+        raise NotImplementedError
+
+    @abstractmethod
+    async def jws_verify(  # type: ignore[override]
+        self, token: str
+    ) -> dict[str, Any]:
+        """Verify JWS token.
+
+        Args:
+            token: JWS token.
+
+        Returns:
+            dict[str, Any]: Decoded payload.
+
+        Raises:
+            JamJWSVerificationError: If verification fails.
+        """
+        raise NotImplementedError
+
+    @abstractmethod
+    async def jwe_encrypt(  # type: ignore[override]
+        self,
+        data: dict[str, Any] | str,
+        header: dict[str, Any] | None = None,
+    ) -> str:
+        """Encrypt data using JWE.
+
+        Args:
+            data: Data to encrypt. If dict, will be JSON encoded.
+            header: JWE header.
+
+        Returns:
+            str: JWE token.
+        """
+        raise NotImplementedError
+
+    @abstractmethod
+    async def jwe_decrypt(  # type: ignore[override]
+        self, token: str
+    ) -> bytes:
+        """Decrypt JWE token.
+
+        Args:
+            token: JWE token.
+
+        Returns:
+            bytes: Decrypted data.
+
+        Raises:
+            JamJWEDecryptionError: If decryption fails.
+        """
+        raise NotImplementedError
+
     @abstractmethod
     async def paseto_decode(  # type: ignore[override]
         self, token: str, check_exp: bool = True, check_list: bool = True