PyPI - jamlib - Versions diffs - 3.2.0b0__tar.gz → 3.2.0b2__tar.gz - Mend

jamlib 3.2.0b0tar.gz → 3.2.0b2tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (122) hide show

{jamlib-3.2.0b0/src/jamlib.egg-info → jamlib-3.2.0b2}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: jamlib
-Version: 3.2.0b0
+Version: 3.2.0b2
 Summary: Simple and universal library for authorization.
 Author-email: Makridenko Adrian <adrianmakridenko@duck.com>, Ksenia Travnikova <kseniatravnikova@duck.com>
 License: Apache-2.0

{jamlib-3.2.0b0 → jamlib-3.2.0b2}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "jamlib"
-version = "3.2.0b0"
+version = "3.2.0b2"
 description = "Simple and universal library for authorization."
 authors = [
     {name = "Makridenko Adrian",email = "adrianmakridenko@duck.com"},

{jamlib-3.2.0b0 → jamlib-3.2.0b2}/src/jam/__init__.py RENAMED Viewed

@@ -12,5 +12,5 @@ from jam.encoders import JsonEncoder
 from jam.instance import Jam
-__version__ = "3.2.0b0"
+__version__ = "3.2.0b2"
 __all__ = ["Jam", "JsonEncoder", "BaseJam", "BaseEncoder"]

{jamlib-3.2.0b0 → jamlib-3.2.0b2}/src/jam/aio/__base__.py RENAMED Viewed

@@ -75,7 +75,12 @@ class BaseAsyncJam(BaseJam):
     @abstractmethod
     async def jwt_decode(  # type: ignore[override]
-        self, token: str, check_exp: bool = True, check_list: bool = True
+        self,
+        token: str,
+        check_exp: bool = True,
+        check_list: bool = True,
+        check_nbf: bool = False,
+        include_headers: bool = False,
     ) -> dict[str, Any]:
         """Verify and decode JWT token.
@@ -83,6 +88,8 @@ class BaseAsyncJam(BaseJam):
             token (str): JWT token
             check_exp (bool): Check expire
             check_list (bool): Check white/black list. Docs: https://jam.makridenko.ru/jwt/lists/what/
+            check_nbf (bool): Check not-before time
+            include_headers (bool): Include headers in the decoded payload
         Returns:
             dict[str, Any]: Decoded payload

{jamlib-3.2.0b0 → jamlib-3.2.0b2}/src/jam/aio/instance.py RENAMED Viewed

@@ -1,6 +1,7 @@
 # -*- coding: utf-8 -*-
 import datetime
+import time
 from typing import Any
 import uuid
@@ -10,6 +11,7 @@ from jam.exceptions import (
     JamJWTExpired,
     JamJWTInBlackList,
     JamJWTNotInWhiteList,
+    JamJWTNotYetValid,
 )
@@ -108,7 +110,12 @@ class Jam(BaseAsyncJam):
         return token
     async def jwt_decode(
-        self, token: str, check_exp: bool = True, check_list: bool = True
+        self,
+        token: str,
+        check_exp: bool = True,
+        check_list: bool = True,
+        check_nbf: bool = False,
+        include_headers: bool = False,
     ) -> dict[str, Any]:
         """Verify and decode JWT token.
@@ -116,23 +123,43 @@ class Jam(BaseAsyncJam):
             token (str): JWT token
             check_exp (bool): Check expire
             check_list (bool): Check white/black list. Docs: https://jam.makridenko.ru/jwt/lists/what/
+            check_nbf (bool): Check not-before time
+            include_headers (bool): Include headers in the decoded payload
         Returns:
             dict[str, Any]: Decoded payload
+        Raises:
+            JamJWTExpired: If token is expired
+            JamJWTNotYetValid: If token is not yet valid (nbf claim)
+            JamConfigurationError: If JWT list is not connected
+            JamJWTNotInWhiteList: If token is not in white list
+            JamJWTInBlackList: If token is in black list
         """
         assert self.jwt is not None
         self._logger.debug(
-            f"Verifying JWT token (length: {len(token)} chars), check_exp={check_exp}, check_list={check_list}"
+            f"Verifying JWT token (length: {len(token)} chars), check_exp={check_exp}, check_list={check_list}, check_nbf={check_nbf}"
         )
-        payload = self.jwt.decode(token)
+        data = self.jwt.decode(token)
+        if "payload" in data:
+            payload = data["payload"]
+            headers = data.get("header")
+        else:
+            payload = data
+            headers = None
+        if check_exp and "exp" in payload:
+            if payload["exp"] < time.time():
+                raise JamJWTExpired
+        if check_nbf and "nbf" in payload:
+            if payload["nbf"] > time.time():
+                raise JamJWTNotYetValid
         self._logger.debug(
             f"JWT token verified successfully, payload keys: {list(payload.keys())}"
         )
-        if check_exp:
-            if payload["exp"] < datetime.datetime.now().timestamp():
-                raise JamJWTExpired
         if check_list:
             if not self.jwt.list:
                 raise JamConfigurationError(
@@ -152,6 +179,9 @@ class Jam(BaseAsyncJam):
                             message="Invalid JWT list type",
                             error_code="configuration.jwt.unknown_list_type",
                         )
+        if include_headers and headers is not None:
+            return {"header": headers, "payload": payload}
         return payload
     async def session_create(

{jamlib-3.2.0b0 → jamlib-3.2.0b2}/src/jam/exceptions/__init__.py RENAMED Viewed

@@ -15,6 +15,7 @@ from .jwt import (
     JamJWTExpired,
     JamJWTInBlackList,
     JamJWTNotInWhiteList,
+    JamJWTNotYetValid,
     JamJWTUnsupportedAlgorithm,
     JamJWTValidationError,
 )
@@ -56,6 +57,7 @@ __all__ = [
     "JamJWTExpired",
     "JamJWTInBlackList",
     "JamJWTNotInWhiteList",
+    "JamJWTNotYetValid",
     "JamJWTEmptyPrivateKey",
     "JamJWTEmptySecretKey",
     "JamJWTUnsupportedAlgorithm",

{jamlib-3.2.0b0 → jamlib-3.2.0b2}/src/jam/exceptions/jwt.py RENAMED Viewed

@@ -8,6 +8,11 @@ class JamJWTExpired(JamError):
     default_code = "jwt.token_expired"
+class JamJWTNotYetValid(JamError):
+    default_message = "Token is not yet valid (nbf claim)."
+    default_code = "jwt.token_not_yet_valid"
 class JamJWTInBlackList(JamError):
     default_message = "Token in blacklist."
     default_code = "jwt.blacklist"

{jamlib-3.2.0b0 → jamlib-3.2.0b2}/src/jam/ext/flask/extensions.py RENAMED Viewed

@@ -5,7 +5,7 @@ from typing import Any
 import flask
 from jam.exceptions import JamFlaskPluginConfigError
-from jam.jwt import create_instance as create_jwt
+from jam.jose import create_instance as create_jwt
 from jam.oauth2 import create_instance as create_oauth2
 from jam.paseto import create_instance as create_paseto
 from jam.sessions import create_instance as create_session
@@ -170,7 +170,8 @@ class JWTExtension(BaseAuthExtension):
         if not token:
             return None
         try:
-            payload = self._auth.decode(token)
+            result = self._auth.decode(token)
+            payload = result.get("payload", result)
             flask.g.payload = payload
             return payload
         except Exception:

{jamlib-3.2.0b0 → jamlib-3.2.0b2}/src/jam/ext/litestar/middleware.py RENAMED Viewed

@@ -11,7 +11,7 @@ from litestar.middleware import (
 from jam.aio.sessions.__base__ import BaseAsyncSessionModule
 from jam.exceptions import JamLitestarPluginConfigError, JamLitestarPluginError
 from jam.ext.litestar.objects import BaseUser, Token
-from jam.jwt import JWT
+from jam.jose.__base__ import BaseJWT as JWTClass
 from jam.paseto import BasePASETO
@@ -46,7 +46,7 @@ class BaseMiddleware(AbstractAuthenticationMiddleware):
 class JWTMiddleware(BaseMiddleware):
     """JWT Middleware for litestar."""
-    AUTH_MODULE: JWT
+    AUTH_MODULE: JWTClass
     LIST: bool = False
     async def authenticate_request(  # noqa
@@ -57,7 +57,8 @@ class JWTMiddleware(BaseMiddleware):
         if not token:
             return AuthenticationResult(user=None, auth=token_model)
         try:
-            data = self.AUTH_MODULE.decode(token)
+            result = self.AUTH_MODULE.decode(token)
+            data = result.get("payload", result)
             if self.AUTH_MODULE.list and self.LIST:
                 match self.AUTH_MODULE.list.__list_type__:
                     case "white":

{jamlib-3.2.0b0 → jamlib-3.2.0b2}/src/jam/ext/litestar/plugins.py RENAMED Viewed

@@ -16,7 +16,7 @@ from jam.ext.litestar.middleware import (
     SessionMiddleware,
 )
 from jam.ext.litestar.objects import BaseUser
-from jam.jwt import create_instance as create_jwt
+from jam.jose import create_instance as create_jwt
 from jam.oauth2 import create_instance as create_oauth2
 from jam.paseto import create_instance as create_paseto
 from jam.utils.config_maker import GENERIC_POINTER, __config_maker__

{jamlib-3.2.0b0 → jamlib-3.2.0b2}/src/jam/ext/starlette/backends.py RENAMED Viewed

@@ -14,7 +14,7 @@ from starlette.requests import HTTPConnection
 from jam.aio.sessions import create_instance as create_session
 from jam.exceptions import JamStarlettePluginConfigError
 from jam.ext.starlette.objects import BaseUser, SimpleUser
-from jam.jwt import create_instance as create_jwt
+from jam.jose import create_instance as create_jwt
 from jam.paseto import create_instance as create_paseto
 from jam.utils.config_maker import GENERIC_POINTER, __config_maker__
@@ -141,7 +141,8 @@ class JWTBackend(BaseBackend):
                         if self._auth.list.check(token):
                             return AuthCredentials(None), UnauthenticatedUser()
             data = self._auth.decode(token)
-            user = self._user.from_payload(data)
+            payload = data.get("payload", data)
+            user = self._user.from_payload(payload)
             return AuthCredentials(["authenticated"]), user
         return AuthCredentials(None), UnauthenticatedUser()

{jamlib-3.2.0b0 → jamlib-3.2.0b2}/src/jam/instance.py RENAMED Viewed

@@ -1,6 +1,7 @@
 # -*- coding: utf-8 -*-
 import datetime
+import time
 from typing import Any
 import uuid
@@ -8,8 +9,10 @@ from jam.__base__ import BaseJam
 from jam.__deprecated__ import deprecated
 from jam.exceptions import (
     JamConfigurationError,
+    JamJWTExpired,
     JamJWTInBlackList,
     JamJWTNotInWhiteList,
+    JamJWTNotYetValid,
 )
@@ -139,24 +142,25 @@ class Jam(BaseJam):
         Raises:
             JamJWTExpired: If token is expired
+            JamJWTNotYetValid: If token is not yet valid (nbf claim)
             JamConfigurationError: If JWT list is not connected
             JamJWTNotInWhiteList: If token is not in white list
             JamJWTInBlackList: If token is in black list
         """
         self._logger.debug(
-            f"Verifying JWT token (length: {len(token)} chars), check_exp={check_exp}, check_list={check_list}"
+            f"Verifying JWT token (length: {len(token)} chars), check_exp={check_exp}, check_list={check_list}, check_nbf={check_nbf}"
         )
         assert self.jwt is not None
-        data = self.jwt.decode(token, include_headers)
+        data = self.jwt.decode(token)
+        payload = data["payload"]
-        if include_headers:
-            payload = data
-        else:
-            payload = data
-            if isinstance(payload, bytes):
-                import json
+        if check_exp and "exp" in payload:
+            if payload["exp"] < time.time():
+                raise JamJWTExpired
-                payload = json.loads(payload)
+        if check_nbf and "nbf" in payload:
+            if payload["nbf"] > time.time():
+                raise JamJWTNotYetValid
         self._logger.debug(
             f"JWT token verified successfully, payload keys: {list(payload.keys())}"
@@ -181,6 +185,9 @@ class Jam(BaseJam):
                             message="Invalid JWT list type",
                             error_code="configuration.jwt.unknown_list_type",
                         )
+        if include_headers:
+            return data
         return payload
     def session_create(self, session_key: str, data: dict[str, Any]) -> str:

{jamlib-3.2.0b0 → jamlib-3.2.0b2}/src/jam/jose/__base__.py RENAMED Viewed

@@ -65,21 +65,11 @@ class BaseJWT(ABC):
         raise NotImplementedError
     @abstractmethod
-    def decode(
-        self,
-        token: str,
-        include_headers: bool = False,
-    ) -> dict[str, Any]:
-        """Decode the JWT and return the payload.
-        Args:
-            token (str): The JWT to decode.
-            exp (bool): Whether to check the expiration time. Defaults to False.
-            nbf (bool): Whether to check the not-before time. Defaults to False.
-            include_headers (bool): Whether to include the headers in the result. Defaults to False.
+    def decode(self, token: str) -> dict[str, Any]:
+        """Decode the JWT and return the header and payload.
         Returns:
-            dict[str, Any]: The decoded payload.
+            dict with 'header' and 'payload' keys (both dicts).
         """
         raise NotImplementedError

jamlib-3.2.0b2/src/jam/jose/__init__.py ADDED Viewed

@@ -0,0 +1,55 @@
+# -*- coding: utf-8 -*-
+"""JOSE tools."""
+from typing import Any
+from jam.jose.jwk import JWK, JWKOct, JWKSet, JWKRSA, JWKEC
+from jam.jose.jws import JWS
+from jam.jose.jwe import JWE
+from jam.jose.jwt import JWT
+from jam.logger import BaseLogger, logger
+from jam.encoders import BaseEncoder, JsonEncoder
+def create_instance(
+    alg: str,
+    secret: Any = None,
+    secret_key: Any = None,
+    password: str | bytes | None = None,
+    list: dict[str, Any] | None = None,
+    logger: BaseLogger = logger,
+    serializer: BaseEncoder | type[BaseEncoder] = JsonEncoder,
+    **kwargs: Any,
+) -> JWT:
+    """Create JWT instance."""
+    if secret is None and secret_key is not None:
+        secret = secret_key
+    elif secret is None:
+        raise ValueError("Either 'secret' or 'secret_key' must be provided")
+    key = secret
+    if isinstance(secret, JWK):
+        key = secret._to_keylike()
+    return JWT(
+        alg=alg,
+        secret_key=key,
+        password=password,
+        list=list,
+        serializer=serializer,
+        logger=logger,
+    )
+__all__ = [
+    "JWK",
+    "JWKSet",
+    "JWS",
+    "JWE",
+    "JWT",
+    "JWKRSA",
+    "JWKEC",
+    "JWKOct",
+    "create_instance",
+]

{jamlib-3.2.0b0 → jamlib-3.2.0b2}/src/jam/jose/jwe.py RENAMED Viewed

@@ -31,10 +31,12 @@ class JWE(BaseJWE):
     Provides encryption and decryption of data using JWK keys.
     Example:
+        ```python
         >>> jwk = JWK.from_dict({"kty": "oct", "k": "your-secret-key"})
         >>> jwe = JWE(alg="A128KW", enc="A128CBC-HS256", key=jwk)
         >>> token = jwe.encrypt("secret data")
         >>> plaintext = jwe.decrypt(token)
+        ```
     """
     def __init__(

{jamlib-3.2.0b0 → jamlib-3.2.0b2}/src/jam/jose/jwk.py RENAMED Viewed

@@ -142,9 +142,11 @@ class JWK(BaseJWK):
     Provides JWK validation and signing capabilities.
     Example:
+        ```python
         >>> jwk = JWK.from_dict({"kty": "oct", "k": "your-secret-key"})
         >>> jwk.sign(b"data", "HS256")
         >>> jwk.verify(token)
+        ```
     """
     _SUPPORTED_KEY_TYPES = frozenset({"RSA", "EC", "oct"})

jamlib 3.2.0b0__tar.gz → 3.2.0b2__tar.gz

jamlib 3.2.0b0tar.gz → 3.2.0b2tar.gz