maleo-foundation 0.2.7__tar.gz → 0.2.8__tar.gz

{maleo_foundation-0.2.7 → maleo_foundation-0.2.8}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: maleo_foundation
-Version: 0.2.7
+Version: 0.2.8
 Summary: Foundation package for Maleo
 Author-email: Agra Bima Yuda <agra@nexmedis.com>
 License: MIT

{maleo_foundation-0.2.7 → maleo_foundation-0.2.8}/maleo_foundation/authentication.py

@@ -1,25 +1,26 @@
 from pydantic import BaseModel, Field
 from starlette.authentication import AuthCredentials, BaseUser
 from typing import Optional, Sequence
+from maleo_foundation.enums import BaseEnums
 from maleo_foundation.models.transfers.general.token import MaleoFoundationTokenGeneralTransfers
 from maleo_foundation.types import BaseTypes
 
 class Credentials(AuthCredentials):
     def __init__(
         self,
-        key:BaseTypes.OptionalString = None,
+        token_type:Optional[BaseEnums.TokenType] = None,
         token:BaseTypes.OptionalString = None,
         payload:Optional[MaleoFoundationTokenGeneralTransfers.DecodePayload] = None,
         scopes:Optional[Sequence[str]] = None
     ) -> None:
-        self._key = key
+        self._token_type = token_type
         self._token = token
         self._payload = payload
         super().__init__(scopes)
 
     @property
-    def key(self) -> BaseTypes.OptionalString:
-        return self._key
+    def token_type(self) -> Optional[BaseEnums.TokenType]:
+        return self._token_type
 
     @property
     def token(self) -> BaseTypes.OptionalString:

{maleo_foundation-0.2.7 → maleo_foundation-0.2.8}/maleo_foundation/managers/service.py

@@ -261,7 +261,7 @@ class ServiceManager:
         raise NotImplementedError()
 
     @property
-    def token(self) -> str:
+    def token(self) -> BaseTypes.OptionalString:
         payload = MaleoFoundationTokenGeneralTransfers.BaseEncodePayload(
             iss=None,
             sub=str(self._maleo_credentials.id),
@@ -272,9 +272,7 @@ class ServiceManager:
         )
         parameters = MaleoFoundationTokenParametersTransfers.Encode(key=self._keys.private, password=self._keys.password, payload=payload)
         result = self._foundation.services.token.encode(parameters=parameters)
-        if not result.success:
-            raise RuntimeError("Failed encoding payload into token")
-        return result.data.token
+        return result.data.token if result.success else None
 
     def create_app(self, router:APIRouter, lifespan:Optional[Lifespan[AppType]] = None) -> FastAPI:
         self._loggers.application.info("Creating FastAPI application")

maleo_foundation-0.2.8/maleo_foundation/middlewares/authentication.py

@@ -0,0 +1,99 @@
+from fastapi import FastAPI
+from starlette.authentication import AuthenticationBackend, AuthenticationError
+from starlette.middleware.authentication import AuthenticationMiddleware
+from starlette.requests import HTTPConnection
+from typing import Tuple
+from maleo_foundation.authentication import Credentials, User
+from maleo_foundation.enums import BaseEnums
+from maleo_foundation.client.manager import MaleoFoundationClientManager
+from maleo_foundation.models.schemas import BaseGeneralSchemas
+from maleo_foundation.models.transfers.parameters.token import MaleoFoundationTokenParametersTransfers
+from maleo_foundation.utils.exceptions import BaseExceptions
+from maleo_foundation.utils.logging import MiddlewareLogger
+
+class Backend(AuthenticationBackend):
+    def __init__(self, keys:BaseGeneralSchemas.RSAKeys, logger:MiddlewareLogger, maleo_foundation:MaleoFoundationClientManager):
+        super().__init__()
+        self._keys = keys
+        self._logger = logger
+        self._maleo_foundation = maleo_foundation
+
+    async def authenticate(self, conn:HTTPConnection) -> Tuple[Credentials, User]:
+        if "Authorization" in conn.headers:
+            auth = conn.headers["Authorization"]
+            parts = auth.split()
+            if len(parts) != 2 or parts[0] != "Bearer":
+                raise AuthenticationError("Invalid Authorization header format")
+            scheme, token = parts
+            if scheme != 'Bearer':
+                raise AuthenticationError("Authorization scheme must be Bearer token")
+            
+            #* Decode token
+            decode_token_parameters = MaleoFoundationTokenParametersTransfers.Decode(key=self._keys.public, token=token)
+            decode_token_result = self._maleo_foundation.services.token.decode(parameters=decode_token_parameters)
+            if decode_token_result.success:
+                payload = decode_token_result.data
+                return (
+                    Credentials(
+                        token_type=BaseEnums.TokenType.ACCESS,
+                        token=token,
+                        payload=payload,
+                        scopes=["authenticated", payload.sr]
+                    ),
+                    User(
+                        authenticated=True,
+                        username=payload.u_u,
+                        email=payload.u_e
+                    )
+                )
+
+        if "token" in conn.cookies:
+            token = conn.cookies["token"]
+            #* Decode token
+            decode_token_parameters = MaleoFoundationTokenParametersTransfers.Decode(key=self._keys.public, token=token)
+            decode_token_result = self._maleo_foundation.services.token.decode(parameters=decode_token_parameters)
+            if decode_token_result.success:
+                payload = decode_token_result.data
+                return (
+                    Credentials(
+                        token_type=BaseEnums.TokenType.REFRESH,
+                        token=token,
+                        payload=payload,
+                        scopes=["authenticated", payload.sr]
+                    ),
+                    User(
+                        authenticated=True,
+                        username=payload.u_u,
+                        email=payload.u_e
+                    )
+                )
+
+        return Credentials(), User(authenticated=False)
+
+def add_authentication_middleware(app:FastAPI, keys:BaseGeneralSchemas.RSAKeys, logger:MiddlewareLogger, maleo_foundation:MaleoFoundationClientManager) -> None:
+    """
+    Adds Authentication middleware to the FastAPI application.
+
+    Args:
+        app: FastAPI
+            The FastAPI application instance to which the middleware will be added.
+
+        logger: MiddlewareLogger
+            Authentication middleware logger to be used.
+
+        key: str
+            Public key to be used for token decoding.
+
+    Returns:
+        None: The function modifies the FastAPI app by adding Base middleware.
+
+    Note:
+        FastAPI applies middleware in reverse order of registration, so this middleware
+        will execute after any middleware added subsequently.
+
+    Example:
+    ```python
+    add_authentication_middleware(app=app, limit=10, window=1, cleanup_interval=60, ip_timeout=300)
+    ```
+    """
+    app.add_middleware(AuthenticationMiddleware, backend=Backend(keys, logger, maleo_foundation), on_error=BaseExceptions.authentication_error_handler)

{maleo_foundation-0.2.7 → maleo_foundation-0.2.8}/maleo_foundation/middlewares/base.py

@@ -8,10 +8,13 @@ from fastapi import FastAPI, Request, Response, status
 from fastapi.responses import JSONResponse
 from starlette.middleware.base import BaseHTTPMiddleware, RequestResponseEndpoint
 from typing import Awaitable, Callable, Optional, Sequence
-from maleo_foundation.authentication import Credentials, User
+from maleo_foundation.authentication import Authentication
+from maleo_foundation.enums import BaseEnums
 from maleo_foundation.client.manager import MaleoFoundationClientManager
 from maleo_foundation.models.schemas import BaseGeneralSchemas
 from maleo_foundation.models.responses import BaseResponses
+from maleo_foundation.models.transfers.general.token import MaleoFoundationTokenGeneralTransfers
+from maleo_foundation.models.transfers.parameters.token import MaleoFoundationTokenParametersTransfers
 from maleo_foundation.models.transfers.parameters.signature import MaleoFoundationSignatureParametersTransfers
 from maleo_foundation.utils.extractor import BaseExtractors
 from maleo_foundation.utils.logging import MiddlewareLogger
@@ -117,6 +120,7 @@ class BaseMiddleware(BaseHTTPMiddleware):
     def _add_response_headers(
         self,
         request:Request,
+        authentication:Authentication,
         response:Response,
         request_timestamp:datetime,
         response_timestamp:datetime,
@@ -132,11 +136,22 @@ class BaseMiddleware(BaseHTTPMiddleware):
         if sign_result.success:
             response.headers["X-Signature"] = sign_result.data.signature
         response = self._append_cors_headers(request=request, response=response) #* Re-append CORS headers
+        if authentication.user.is_authenticated \
+            and authentication.credentials.token_type == BaseEnums.TokenType.REFRESH \
+            and authentication.credentials.payload is not None \
+            and (response.status_code >= 200 and response.status_code < 300):
+            #* Regenerate new authorization
+            payload = MaleoFoundationTokenGeneralTransfers.BaseEncodePayload.model_validate(authentication.credentials.payload.model_dump())
+            parameters = MaleoFoundationTokenParametersTransfers.Encode(key=self._keys.private, password=self._keys.password, payload=payload)
+            result = self._maleo_foundation.services.token.encode(parameters=parameters)
+            if result.success:
+                response.headers["X-New-Authorization"] = result.data.token
         return response
 
     def _build_response(
         self,
         request:Request,
+        authentication:Authentication,
         authentication_info:str,
         response:Response,
         request_timestamp:datetime,
@@ -145,7 +160,7 @@ class BaseMiddleware(BaseHTTPMiddleware):
         log_level:str = "info",
         client_ip:str = "unknown"
     ) -> Response:
-        response = self._add_response_headers(request, response, request_timestamp, response_timestamp, process_time)
+        response = self._add_response_headers(request, authentication, response, request_timestamp, response_timestamp, process_time)
         log_func = getattr(self._logger, log_level)
         log_func(
             f"Request {authentication_info} | IP: {client_ip} | Host: {request.client.host} | Port: {request.client.port} | Method: {request.method} | URL: {request.url.path} | "
@@ -156,6 +171,7 @@ class BaseMiddleware(BaseHTTPMiddleware):
     def _handle_exception(
         self,
         request:Request,
+        authentication:Authentication,
         authentication_info:str,
         error,
         request_timestamp:datetime,
@@ -183,7 +199,7 @@ class BaseMiddleware(BaseHTTPMiddleware):
             f"Headers: {dict(request.headers)} - Response | Status: 500 | Exception:\n{json.dumps(error_details, indent=4)}"
         )
 
-        return self._add_response_headers(request, response, request_timestamp, response_timestamp, process_time)
+        return self._add_response_headers(request, authentication, response, request_timestamp, response_timestamp, process_time)
 
     async def _request_processor(self, request:Request) -> Optional[Response]:
         return None
@@ -193,17 +209,21 @@ class BaseMiddleware(BaseHTTPMiddleware):
         request_timestamp = datetime.now(tz=timezone.utc) #* Record the request timestamp
         start_time = time.perf_counter() #* Record the start time
         client_ip = BaseExtractors.extract_client_ip(request) #* Get request IP with improved extraction
-        user:User = request.user
-        if not user.is_authenticated:
+        authentication = Authentication(
+            credentials=request.auth,
+            user=request.user
+        )
+        if not authentication.user.is_authenticated:
             authentication_info = "| Unauthenticated"
         else:
-            authentication_info = f"| Username: {user.display_name} | Email:{user.identity}"
+            authentication_info = f"| Username: {authentication.user.display_name} | Email:{authentication.user.identity}"
 
         try:
             #* 1. Rate limit check
             if self._check_rate_limit(client_ip):
                 return self._build_response(
                     request=request,
+                    authentication=authentication,
                     authentication_info=authentication_info,
                     response=JSONResponse(
                         content=BaseResponses.RateLimitExceeded().model_dump(),
@@ -221,6 +241,7 @@ class BaseMiddleware(BaseHTTPMiddleware):
             if pre_response is not None:
                 return self._build_response(
                     request=request,
+                    authentication=authentication,
                     authentication_info=authentication_info,
                     response=pre_response,
                     request_timestamp=request_timestamp,
@@ -234,6 +255,7 @@ class BaseMiddleware(BaseHTTPMiddleware):
             response = await call_next(request)
             response = self._build_response(
                 request=request,
+                authentication=authentication,
                 authentication_info=authentication_info,
                 response=response,
                 request_timestamp=request_timestamp,
@@ -248,6 +270,7 @@ class BaseMiddleware(BaseHTTPMiddleware):
         except Exception as e:
             return self._handle_exception(
                 request=request,
+                authentication=authentication,
                 authentication_info=authentication_info,
                 error=e,
                 request_timestamp=request_timestamp,

{maleo_foundation-0.2.7 → maleo_foundation-0.2.8}/maleo_foundation.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: maleo_foundation
-Version: 0.2.7
+Version: 0.2.8
 Summary: Foundation package for Maleo
 Author-email: Agra Bima Yuda <agra@nexmedis.com>
 License: MIT

{maleo_foundation-0.2.7 → maleo_foundation-0.2.8}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "maleo_foundation"
-version = "0.2.7"
+version = "0.2.8"
 description = "Foundation package for Maleo"
 authors = [
     { name = "Agra Bima Yuda", email = "agra@nexmedis.com" }

maleo_foundation-0.2.7/maleo_foundation/middlewares/authentication.py

@@ -1,80 +0,0 @@
-from datetime import datetime, timezone
-from fastapi import FastAPI
-from starlette.authentication import AuthenticationBackend, AuthenticationError
-from starlette.middleware.authentication import AuthenticationMiddleware
-from starlette.requests import HTTPConnection
-from typing import Tuple
-from maleo_foundation.authentication import Credentials, User
-from maleo_foundation.client.manager import MaleoFoundationClientManager
-from maleo_foundation.models.schemas import BaseGeneralSchemas
-from maleo_foundation.models.transfers.parameters.token import MaleoFoundationTokenParametersTransfers
-from maleo_foundation.utils.exceptions import BaseExceptions
-from maleo_foundation.utils.logging import MiddlewareLogger
-
-class Backend(AuthenticationBackend):
-    def __init__(self, keys:BaseGeneralSchemas.RSAKeys, logger:MiddlewareLogger, maleo_foundation:MaleoFoundationClientManager):
-        super().__init__()
-        self._keys = keys
-        self._logger = logger
-        self._maleo_foundation = maleo_foundation
-
-    async def authenticate(self, conn:HTTPConnection) -> Tuple[Credentials, User]:
-        if "Authorization" not in conn.headers:
-            return Credentials(), User(authenticated=False)
-
-        auth = conn.headers["Authorization"]
-        scheme, token = auth.split()
-        if scheme != 'Bearer':
-            # raise AuthenticationError("Authorization scheme must be Bearer token")
-            return Credentials(), User(authenticated=False)
-
-        decode_token_parameters = MaleoFoundationTokenParametersTransfers.Decode(key=self._keys.public, token=token)
-        decode_token_result = self._maleo_foundation.services.token.decode(parameters=decode_token_parameters)
-        if not decode_token_result.success:
-            # raise AuthenticationError("Invalid Bearer token, unable to decode token")
-            return Credentials(), User(authenticated=False)
-        if decode_token_result.data.exp_dt <= datetime.now(tz=timezone.utc):
-            # raise AuthenticationError("Expired Bearer token, request new or refresh token")
-            return Credentials(), User(authenticated=False)
-
-        payload = decode_token_result.data
-        return (
-            Credentials(
-                token=token,
-                payload=payload,
-                scopes=["authenticated", payload.sr]
-            ),
-            User(
-                authenticated=True,
-                username=payload.u_u,
-                email=payload.u_e
-            )
-        )
-
-def add_authentication_middleware(app:FastAPI, keys:BaseGeneralSchemas.RSAKeys, logger:MiddlewareLogger, maleo_foundation:MaleoFoundationClientManager) -> None:
-    """
-    Adds Authentication middleware to the FastAPI application.
-
-    Args:
-        app: FastAPI
-            The FastAPI application instance to which the middleware will be added.
-
-        logger: MiddlewareLogger
-            Authentication middleware logger to be used.
-
-        key: str
-            Public key to be used for token decoding.
-
-    Returns:
-        None: The function modifies the FastAPI app by adding Base middleware.
-
-    Note:
-        FastAPI applies middleware in reverse order of registration, so this middleware
-        will execute after any middleware added subsequently.
-
-    Example:
-    ```python
-    add_authentication_middleware(app=app, limit=10, window=1, cleanup_interval=60, ip_timeout=300)
-    ```
-    """
-    app.add_middleware(AuthenticationMiddleware, backend=Backend(keys, logger, maleo_foundation), on_error=BaseExceptions.authentication_error_handler)