latch-asgi 1.0.4__py3-none-any.whl → 1.0.6.dev0__py3-none-any.whl

latch_asgi/auth.py

@@ -147,15 +147,15 @@ def get_signer_sub(auth_header: str) -> Authorization:
             # ) from e
 
     with app_tracer.start_as_current_span("decode jwt"):
+        audience = config.audience if jwt_key != config.self_signed_jwk else None
         try:
             jwt_data: dict[str, str] = jwt.decode(
                 oauth_token,
                 key=jwt_key,
                 algorithms=["RS256", "HS256"],
                 # fixme(maximsmol): gut this abomination
-                audience=(
-                    config.audience if jwt_key != config.self_signed_jwk else None
-                ),
+                audience=audience,
+                options={"verify_aud": audience is not None},
             )
         except jwt.exceptions.InvalidTokenError as e:
             # todo(maximsmol): filter out scope failures and include the correct error code

latch_asgi/context/websocket.py

@@ -27,9 +27,42 @@ class Context(
 
     @trace_app_function
     async def accept_connection(
-        self: Self, *, subprotocol: str | None = None, headers: Headers | None = None
+        self: Self,
+        *,
+        subprotocol: str | None = None,
+        headers: Headers | None = None,
+        negotiate_permessage_deflate: bool = False,
     ) -> None:
-        await accept_connection(self.send, subprotocol=subprotocol, headers=headers)
+        if not negotiate_permessage_deflate:
+            await accept_connection(self.send, subprotocol=subprotocol, headers=headers)
+            return
+
+        offer = self.header_str("sec-websocket-extensions")
+
+        headers_out: Headers = {}
+        if headers is not None:
+            headers_out = dict(headers)
+
+        def _has_extensions_header(h: Headers) -> bool:
+            for k in h.keys():
+                if isinstance(k, bytes):
+                    if k.decode("latin-1").lower() == "sec-websocket-extensions":
+                        return True
+                else:
+                    if k.lower() == "sec-websocket-extensions":
+                        return True
+            return False
+
+        if (
+            offer is not None
+            and "permessage-deflate" in offer.replace(" ", "").lower()
+            and not _has_extensions_header(headers_out)
+        ):
+            headers_out["Sec-WebSocket-Extensions"] = "permessage-deflate"
+
+        await accept_connection(
+            self.send, subprotocol=subprotocol, headers=headers_out or headers
+        )
 
     @trace_app_function
     async def receive_message(self: Self, cls: type[T]) -> T:

latch_asgi/framework/common.py

@@ -22,6 +22,7 @@ otel_header_whitelist = {
     "sec-gpc",
     "te",
     "upgrade-insecure-requests",
+    "sec-websocket-extensions",
     "device-memory",
     "downlink",
     "dpr",

{latch_asgi-1.0.4.dist-info → latch_asgi-1.0.6.dev0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: latch-asgi
-Version: 1.0.4
+Version: 1.0.6.dev0
 Summary: ASGI python server
 Author-Email: Max Smolin <max@latch.bio>
 License: CC0-1.0

{latch_asgi-1.0.4.dist-info → latch_asgi-1.0.6.dev0.dist-info}/RECORD

@@ -1,19 +1,20 @@
-latch_asgi-1.0.4.dist-info/METADATA,sha256=7XI3-sIgJ8P4MKSMl_QT5eFhhoBMD4zDNZTBRsQqTsk,580
-latch_asgi-1.0.4.dist-info/WHEEL,sha256=SOP-4bEE0jbVaCHQGVvF08uWxk5rcSsfEybvoQVHlD8,90
-latch_asgi-1.0.4.dist-info/licenses/COPYING,sha256=ogEPNDSH0_dhiv_lT3ifVIdgIzHAqNA_SemnxUfPBJk,7048
+latch_asgi-1.0.6.dev0.dist-info/METADATA,sha256=hJHoLhTi2KXISTVAbtwa1g-F2n7j9zXWsi5NWBccygY,585
+latch_asgi-1.0.6.dev0.dist-info/WHEEL,sha256=9P2ygRxDrTJz3gsagc0Z96ukrxjr-LFBGOgv3AuKlCA,90
+latch_asgi-1.0.6.dev0.dist-info/entry_points.txt,sha256=6OYgBcLyFCUgeqLgnvMyOJxPCWzgy7se4rLPKtNonMs,34
+latch_asgi-1.0.6.dev0.dist-info/licenses/COPYING,sha256=ogEPNDSH0_dhiv_lT3ifVIdgIzHAqNA_SemnxUfPBJk,7048
 latch_asgi/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 latch_asgi/asgi_iface.py,sha256=JSmp9YnbcU7MymDcqo7DvIGGyP5wZWe-8QNtAtkgJnc,2199
-latch_asgi/auth.py,sha256=wbsdN7n9eDZBvuiPp7_Z4t_kdDeFvGGeSEZn8VKoCUI,5824
+latch_asgi/auth.py,sha256=XG4lfgpiu88bAcXa_brGeadDn6BlQH8f_swKwv7Jqag,5874
 latch_asgi/config.py,sha256=Tt3fj4sOz6TENfSIWI5_1fZM1aomIu9xQk4kfw4xDXA,276
 latch_asgi/context/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 latch_asgi/context/common.py,sha256=8Mc1kaQoD0JUAkxD9URFOK4SFE8deJgJ1CroytbuV_Y,2654
 latch_asgi/context/http.py,sha256=dz9bB6ZDG7yMP3cVQVFBw-fXu5Nt2ErDhRPXGFy6GS0,959
-latch_asgi/context/websocket.py,sha256=ERyy3CXhXwNMuMVo2sUNrYAga5nt9847BrEAMox2Ga0,1486
+latch_asgi/context/websocket.py,sha256=eiJyHZtRoQPU8uswx1XgLiM4QsMzngupm5-pjFerpZQ,2573
 latch_asgi/datadog_propagator.py,sha256=tmFWHhsVZ9ClNDWkAz2SLym0almUekz9AwCrdzQaLU4,3346
 latch_asgi/framework/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-latch_asgi/framework/common.py,sha256=GylhWwlwjF15qAN_ZYn8QC2Dtn7hyd8HnT77Ktba0w4,815
+latch_asgi/framework/common.py,sha256=YUd15n0wCj4REIePwu68qohPfDN5AEfav9qbaxiKVa8,847
 latch_asgi/framework/http.py,sha256=mAZJrsYUPyh3PHt-IL3AEc4bNG1z3Sq8a7mA4o3fPZ0,4853
 latch_asgi/framework/websocket.py,sha256=KaRiGGXb635R0U3m_dm9nIT5iWYEWel1IH000MHN3t0,8017
 latch_asgi/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 latch_asgi/server.py,sha256=Gg1ZUm7LCRgYXUjyIDn6TuZTXSGYk1jUM20ZWC-fseY,18418
-latch_asgi-1.0.4.dist-info/RECORD,,
+latch_asgi-1.0.6.dev0.dist-info/RECORD,,

{latch_asgi-1.0.4.dist-info → latch_asgi-1.0.6.dev0.dist-info}/WHEEL

@@ -1,4 +1,4 @@
 Wheel-Version: 1.0
-Generator: pdm-backend (2.3.1)
+Generator: pdm-backend (2.4.5)
 Root-Is-Purelib: true
 Tag: py3-none-any

latch_asgi-1.0.6.dev0.dist-info/entry_points.txt

@@ -0,0 +1,4 @@
+[console_scripts]
+
+[gui_scripts]
+