latch-asgi 1.0.3__tar.gz → 1.0.5__tar.gz

@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: latch-asgi
3
- Version: 1.0.3
3
+ Version: 1.0.5
4
4
  Summary: ASGI python server
5
5
  Author-Email: Max Smolin <max@latch.bio>
6
6
  License: CC0-1.0
@@ -27,7 +27,8 @@ authentication_header_regex = re.compile(
27
27
  Bearer \s+ (?P<oauth_token>.*) |
28
28
  Latch-Execution-Token \s+ (?P<execution_token>.*) |
29
29
  Latch-SDK-Token \s+ (?P<sdk_token>.*) |
30
- Latch-X-Server-Token \s+ (?P<server_token>.*)
30
+ Latch-X-Server-Token \s+ (?P<server_token>.*) |
31
+ Latch-Session-Token \s+ (?P<session_token>.*)
31
32
  )$
32
33
  """,
33
34
  re.IGNORECASE | re.VERBOSE,
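Review bot: The new `Latch-Session-Token` alternative captures with `.*`, which also matches an empty string or a value with embedded whitespace. If a header value reaches this regex with trailing whitespace intact, the `is not None` check added in the `get_signer_sub` hunk would return an `Authorization` whose `session_token` is `""`. If session tokens never contain whitespace, `Latch-Session-Token \s+ (?P<session_token>\S+)` closes that gap; otherwise reject empty values before building the `Authorization`. The other schemes in this pattern use the same `.*` capture, so the same tightening applies to them. The regex opens above the hunk.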
@@ -58,6 +59,7 @@ class _HTTPUnauthorized(HTTPErrorResponse):
58
59
  class Authorization:
59
60
  oauth_sub: str | None = None
60
61
  execution_token: str | None = None
62
+ session_token: str | None = None
61
63
  sdk_token: str | None = None
62
64
  cross_server_token: str | None = None
63
65
 
@@ -105,6 +107,10 @@ def get_signer_sub(auth_header: str) -> Authorization:
105
107
  if sdk_token is not None:
106
108
  return Authorization(sdk_token=sdk_token)
107
109
 
110
+ session_token = auth_match.group("session_token")
111
+ if session_token is not None:
112
+ return Authorization(session_token=session_token)
113
+
108
114
  cross_server_token = auth_match.group("server_token")
109
115
  if cross_server_token is not None:
110
116
  if (
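Review bot: The added branch returns the raw `session_token` from the header with no check in the visible lines, so the resulting `Authorization` does not by itself show that the request is authenticated. A comment on the branch would make that contract explicit, for example `# session_token is returned unverified; callers must validate it before trusting it`. The `sdk_token` branch just above follows the same pattern and would benefit from the same comment. `get_signer_sub` starts above the hunk and continues past it.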
@@ -141,15 +147,15 @@ def get_signer_sub(auth_header: str) -> Authorization:
141
147
  # ) from e
142
148
 
143
149
  with app_tracer.start_as_current_span("decode jwt"):
150
+ audience = config.audience if jwt_key != config.self_signed_jwk else None
144
151
  try:
145
152
  jwt_data: dict[str, str] = jwt.decode(
146
153
  oauth_token,
147
154
  key=jwt_key,
148
155
  algorithms=["RS256", "HS256"],
149
156
  # fixme(maximsmol): gut this abomination
150
- audience=(
151
- config.audience if jwt_key != config.self_signed_jwk else None
152
- ),
157
+ audience=audience,
158
+ options={"verify_aud": audience is not None},
153
159
  )
154
160
  except jwt.exceptions.InvalidTokenError as e:
155
161
  # todo(maximsmol): filter out scope failures and include the correct error code
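Review bot: With `options={"verify_aud": audience is not None}`, a token verified with `config.self_signed_jwk` is now accepted whatever its `aud` claim says. Passing `audience=None` alone would, to my knowledge of PyJWT's defaults, reject a token that carries an `aud`, so this is a relaxation. If it is intended, state it next to the `audience = ...` line, e.g. `# self-signed tokens have no fixed audience; aud is deliberately not checked for them`. Since the code already branches on which key is in use, it would also be worth passing one algorithm per key instead of `algorithms=["RS256", "HS256"]`, so a key meant for one algorithm is never used to verify the other. The enclosing function begins above the hunk and continues past it.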
@@ -1,6 +1,6 @@
1
1
  [project]
2
2
  name = "latch-asgi"
3
- version = "1.0.3"
3
+ version = "1.0.5"
4
4
  description = "ASGI python server"
5
5
  authors = [
6
6
  { name = "Max Smolin", email = "max@latch.bio" },
File without changes
File without changes