pkg-auth 3.0.0__py3-none-any.whl

pkg_auth/integrations/fastapi/identity_dep.py

@@ -0,0 +1,41 @@
+"""Token extraction helpers and identity dependency for FastAPI."""
+from __future__ import annotations
+
+from typing import Optional
+
+from fastapi import HTTPException, Request, status
+from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
+
+DEFAULT_COOKIE_NAME = "access_token"
+
+bearer_scheme = HTTPBearer(auto_error=False)
+
+
+def extract_token_from_request(
+    request: Request,
+    credentials: Optional[HTTPAuthorizationCredentials] = None,
+    cookie_name: str = DEFAULT_COOKIE_NAME,
+) -> str:
+    """Extract a bearer token from the Authorization header or a cookie.
+
+    Raises ``HTTPException(401)`` if no token is found.
+    """
+    if credentials is not None:
+        token = (credentials.credentials or "").strip()
+        if token:
+            return token
+
+    auth_header = request.headers.get("Authorization")
+    if auth_header and auth_header.startswith("Bearer "):
+        token = auth_header.removeprefix("Bearer ").strip()
+        if token:
+            return token
+
+    cookie_token = request.cookies.get(cookie_name)
+    if cookie_token:
+        return cookie_token
+
+    raise HTTPException(
+        status_code=status.HTTP_401_UNAUTHORIZED,
+        detail="Not authenticated",
+    )

pkg_auth/integrations/strawberry/__init__.py

@@ -0,0 +1,20 @@
+"""Strawberry GraphQL integration for pkg_auth (identity + ACL)."""
+from __future__ import annotations
+
+try:
+    import strawberry  # noqa: F401
+except ImportError as exc:  # pragma: no cover
+    raise ImportError(
+        "pkg_auth.integrations.strawberry requires strawberry-graphql. "
+        "Install with: pip install pkg-auth[strawberry]"
+    ) from exc
+
+from .auth import StrawberryContext, make_context_getter
+from .permissions import IsAuthenticated, RequirePermission
+
+__all__ = [
+    "StrawberryContext",
+    "make_context_getter",
+    "IsAuthenticated",
+    "RequirePermission",
+]

pkg_auth/integrations/strawberry/auth.py

@@ -0,0 +1,137 @@
+"""Strawberry context getter producing ``(IdentityContext, AuthContext)``."""
+from __future__ import annotations
+
+from dataclasses import dataclass, field
+from typing import Awaitable, Callable
+from uuid import UUID
+
+from starlette.requests import Request
+
+from ...authentication import (
+    AuthenticateTokenUseCase,
+    AuthenticationError,
+    IdentityContext,
+    InvalidTokenError,
+    TokenExpiredError,
+)
+from ...authorization import (
+    AuthContext,
+    NotAMember,
+    OrgId,
+    UserNotProvisioned,
+)
+from ...authorization.application.use_cases.resolve_auth_context import (
+    ResolveAuthContextUseCase,
+)
+from ...authorization.application.use_cases.resolve_user_from_jwt import (
+    ResolveUserFromJwtUseCase,
+)
+from ...authorization.application.use_cases.sync_user_from_jwt import (
+    SyncUserFromJwtUseCase,
+)
+from ...authorization.domain.entities import User
+from ...authorization.domain.ports import OrganizationRepository
+
+DEFAULT_HEADER_NAME = "X-Organization-Id"
+DEFAULT_COOKIE_NAME = "access_token"
+
+
+@dataclass(slots=True)
+class StrawberryContext:
+    """Context object exposed to every Strawberry resolver via ``info.context``.
+
+    Carries the request, the validated identity (``None`` for anonymous
+    queries), and the per-organization authorization context (``None``
+    if no ``X-Organization-Id`` header was provided).
+    """
+
+    request: Request
+    identity: IdentityContext | None = None
+    auth_context: AuthContext | None = None
+    extra: dict[str, object] = field(default_factory=dict)
+
+
+def _extract_token(request: Request, cookie_name: str) -> str | None:
+    auth_header = request.headers.get("Authorization")
+    if auth_header and auth_header.startswith("Bearer "):
+        token = auth_header.removeprefix("Bearer ").strip()
+        if token:
+            return token
+    return request.cookies.get(cookie_name)
+
+
+def make_context_getter(
+    *,
+    authenticate_use_case: AuthenticateTokenUseCase,
+    resolve_use_case: ResolveAuthContextUseCase,
+    organization_repo: OrganizationRepository,
+    sync_user_use_case: SyncUserFromJwtUseCase | None = None,
+    resolve_user_use_case: ResolveUserFromJwtUseCase | None = None,
+    header_name: str = DEFAULT_HEADER_NAME,
+    cookie_name: str = DEFAULT_COOKIE_NAME,
+) -> Callable[[Request], Awaitable[StrawberryContext]]:
+    """Build an async ``context_getter`` for ``strawberry.fastapi.GraphQLRouter``.
+
+    Exactly one of ``sync_user_use_case`` (Mode A — source-of-truth) or
+    ``resolve_user_use_case`` (Mode B — consumer) must be supplied.
+
+    The returned function is permissive: token errors, missing headers,
+    and ``UserNotProvisioned`` degrade the context fields to ``None``
+    rather than raising. Permission classes (``IsAuthenticated``,
+    ``RequirePermission``) are responsible for rejecting under-privileged
+    queries.
+    """
+    if (sync_user_use_case is None) == (resolve_user_use_case is None):
+        raise ValueError(
+            "make_context_getter: pass exactly one of "
+            "sync_user_use_case (Mode A) or resolve_user_use_case (Mode B)."
+        )
+
+    async def _context_getter(request: Request) -> StrawberryContext:
+        ctx = StrawberryContext(request=request)
+
+        token = _extract_token(request, cookie_name)
+        if token is not None:
+            try:
+                ctx.identity = authenticate_use_case.execute(token)
+            except (TokenExpiredError, InvalidTokenError, AuthenticationError):
+                ctx.identity = None
+
+        if ctx.identity is None:
+            return ctx
+
+        raw = request.headers.get(header_name)
+        if raw is None:
+            return ctx
+
+        user: User
+        try:
+            if sync_user_use_case is not None:
+                user = await sync_user_use_case.execute(
+                    sub=ctx.identity.subject_str,
+                    email=ctx.identity.email_str or "",
+                    full_name=ctx.identity.full_name,
+                )
+            else:
+                assert resolve_user_use_case is not None
+                user = await resolve_user_use_case.execute(
+                    sub=ctx.identity.subject_str,
+                )
+        except UserNotProvisioned:
+            return ctx
+
+        try:
+            org = await organization_repo.get(OrgId(UUID(raw)))
+        except ValueError:
+            org = await organization_repo.get_by_slug(raw)
+        if org is None:
+            return ctx
+
+        try:
+            ctx.auth_context = await resolve_use_case.execute(user.id, org.id)
+        except NotAMember:
+            ctx.auth_context = None
+
+        return ctx
+
+    return _context_getter

pkg_auth/integrations/strawberry/permissions.py

@@ -0,0 +1,56 @@
+"""Strawberry permission classes built on ``StrawberryContext``."""
+from __future__ import annotations
+
+from typing import Any
+
+from strawberry.permission import BasePermission
+from strawberry.types import Info
+
+from .auth import StrawberryContext
+
+
+class IsAuthenticated(BasePermission):
+    """Permission class: require a valid identity (any organization or none)."""
+
+    message = "Authentication required"
+
+    async def has_permission(
+        self, source: Any, info: Info, **kwargs: Any
+    ) -> bool:
+        ctx: StrawberryContext = info.context
+        return ctx.identity is not None
+
+
+class RequirePermission(BasePermission):
+    """Permission class: require a specific perm in the active org context.
+
+    Usage::
+
+        @strawberry.type
+        class Query:
+            @strawberry.field(
+                permission_classes=[RequirePermission("course:view")],
+            )
+            async def course(self, id: strawberry.ID) -> Course: ...
+
+    Returns ``False`` (and a meaningful ``message``) when:
+        - the request has no identity → "Authentication required"
+        - the request has identity but no auth_context → "Missing X-Organization-Id"
+        - the role does not grant ``perm`` → "Permission denied: <perm>"
+    """
+
+    def __init__(self, perm: str) -> None:
+        self.perm = perm
+        self.message = f"Permission denied: {perm}"
+
+    async def has_permission(
+        self, source: Any, info: Info, **kwargs: Any
+    ) -> bool:
+        ctx: StrawberryContext = info.context
+        if ctx.identity is None:
+            self.message = "Authentication required"
+            return False
+        if ctx.auth_context is None:
+            self.message = "Missing X-Organization-Id header"
+            return False
+        return ctx.auth_context.has(self.perm)

pkg_auth-3.0.0.dist-info/METADATA

@@ -0,0 +1,147 @@
+Metadata-Version: 2.4
+Name: pkg-auth
+Version: 3.0.0
+Summary: Clean-architecture auth core for multiple Python frameworks
+Author-email: Fritill <info@fritill.ae>
+License: MIT
+Project-URL: Homepage, https://github.com/fritill-team/fri_pkg_auth
+Project-URL: Repository, https://github.com/fritill-team/fri_pkg_auth
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+Requires-Dist: httpx>=0.28.1
+Requires-Dist: pyjwt[crypto]>=2.10.1
+Requires-Dist: requests>=2.32.3
+Provides-Extra: dev
+Requires-Dist: pytest<9.0.0,>=8.0.0; extra == "dev"
+Requires-Dist: pytest-asyncio<1.0.0,>=0.23.0; extra == "dev"
+Requires-Dist: mypy<2.0.0,>=1.11.0; extra == "dev"
+Requires-Dist: types-requests<3.0.0.0,>=2.32.0.0; extra == "dev"
+Requires-Dist: types-PyJWT<2.0.0,>=1.7.0; extra == "dev"
+Requires-Dist: testcontainers[postgres,redis]>=4.0; extra == "dev"
+Provides-Extra: acl-sqlalchemy
+Requires-Dist: sqlalchemy<3.0,>=2.0; extra == "acl-sqlalchemy"
+Requires-Dist: asyncpg>=0.29; extra == "acl-sqlalchemy"
+Requires-Dist: alembic>=1.13; extra == "acl-sqlalchemy"
+Provides-Extra: acl-django
+Requires-Dist: django>=4.2; extra == "acl-django"
+Requires-Dist: psycopg[binary]>=3.1; extra == "acl-django"
+Provides-Extra: cache-redis
+Requires-Dist: redis>=5.0; extra == "cache-redis"
+Provides-Extra: fastapi
+Requires-Dist: fastapi>=0.115; extra == "fastapi"
+Requires-Dist: starlette>=0.37; extra == "fastapi"
+Provides-Extra: django
+Requires-Dist: django>=4.2; extra == "django"
+Provides-Extra: strawberry
+Requires-Dist: strawberry-graphql>=0.255; extra == "strawberry"
+Provides-Extra: all
+Requires-Dist: django>=6.0; extra == "all"
+Requires-Dist: fastapi>=0.115; extra == "all"
+Requires-Dist: starlette>=0.37; extra == "all"
+Requires-Dist: django>=4.2; extra == "all"
+Requires-Dist: psycopg[binary]>=3.1; extra == "all"
+Requires-Dist: strawberry-graphql>=0.255; extra == "all"
+Requires-Dist: sqlalchemy<3.0,>=2.0; extra == "all"
+Requires-Dist: asyncpg>=0.29; extra == "all"
+Requires-Dist: alembic>=1.13; extra == "all"
+Requires-Dist: redis>=5.0; extra == "all"
+
+# pkg-auth
+
+Clean-architecture **identity + ACL** for multi-framework Python services. Handles JWT authentication (via Keycloak) and database-backed authorization (users, organizations, roles, permissions, memberships) in a single package with first-class support for **FastAPI**, **Django**, and **Strawberry GraphQL**.
+
+> **v1.0 is a breaking change from v0.x.** The old claim-based authorization model (`AccessContext`, `AccessRights`, `require_permissions`) is replaced by a real ACL database. See [`docs/MIGRATION_v1.md`](docs/MIGRATION_v1.md) for the upgrade guide.
+
+## Install
+
+```bash
+# Core (identity only — no DB deps)
+pip install pkg-auth
+
+# With ACL + FastAPI (most common for itqadem services)
+pip install pkg-auth[acl-sqlalchemy,fastapi]
+
+# With ACL + Django
+pip install pkg-auth[acl-django,django]
+
+# With optional Redis cache
+pip install pkg-auth[cache-redis]
+```
+
+## Quickstart (FastAPI)
+
+```python
+from fastapi import Depends, FastAPI
+from pkg_auth.authentication import IdentityContext
+from pkg_auth.authorization import AuthContext
+from pkg_auth.integrations.fastapi import (
+    create_authentication,
+    make_get_auth_context,
+    require_permission,
+)
+
+# --- Wire authentication + authorization ---
+
+auth = create_authentication(
+    keycloak_base_url="https://auth.example.com",
+    realm="itqadem",
+    audience="courses-service",
+)
+
+# Mode B (consumer — the common case): pass resolve_user_use_case.
+# Mode A (source-of-truth): pass sync_user_use_case instead. Exactly
+# one of the two is required; passing both raises ValueError.
+get_auth_context = make_get_auth_context(
+    get_identity=auth.get_identity,
+    resolve_user_use_case=resolve_user,   # or: sync_user_use_case=sync_user (Mode A)
+    resolve_use_case=resolve,
+    organization_repo=org_repo,
+)
+
+app = FastAPI()
+
+# --- Use in routes ---
+
+@app.get("/courses/{id}")
+async def get_course(
+    id: str,
+    bundle: tuple[IdentityContext, AuthContext] = Depends(
+        require_permission("course:view", get_auth_context=get_auth_context)
+    ),
+):
+    identity, auth_ctx = bundle
+    return {"course_id": id, "role": str(auth_ctx.role_name)}
+```
+
+See [`examples/itqadem_courses_app`](examples/itqadem_courses_app) for a complete working example.
+
+## Architecture
+
+```
+pkg_auth/
+  authentication/             JWT validation → IdentityContext (identity only)
+  authorization/              Full ACL (users, orgs, roles, perms, memberships)
+    domain/                   Pure entities, ports (Protocol), exceptions
+    application/use_cases/    Business logic (13 use cases)
+    adapters/
+      sqlalchemy/             Canonical schema + Alembic migration + repos
+      django_orm/             Mirror models (managed=False) + repos
+      cache/                  InMemoryTTLCache / RedisCache + decorator
+  integrations/
+    fastapi/                  Deps + require_permission + exception handlers
+    django/                   Middleware + decorators
+    strawberry/               Context getter + permission classes
+  admin/                      Keycloak admin client (user provisioning)
+```
+
+**Layering rules**: domain has zero external imports; application imports only domain; adapters import their framework; integrations import everything.
+
+## Documentation
+
+- [Authorization model](docs/Authorization.md) — schema, permission catalog, roles, memberships
+- [Caching](docs/Caching.md) — InMemoryTTLCache, RedisCache, invalidation contract
+- [FastAPI Integration](docs/FastAPI.md)
+- [Django Integration](docs/Django.md)
+- [Strawberry Integration](docs/Strawberry.md)
+- [Keycloak Admin](docs/Keycloak-Admin.md)
+- [Migration from v0.x](docs/MIGRATION_v1.md)

pkg_auth-3.0.0.dist-info/RECORD

@@ -0,0 +1,110 @@
+pkg_auth/__init__.py,sha256=Ncdh3MFgxrBDZ_mm0tvRwEtd6NCRdGUrdroUYZ1Rojg,501
+pkg_auth/admin/__init__.py,sha256=3rhV9qexqMKgBmtlz5EeTsjh4Big1M0n0gTMbO8i56M,1053
+pkg_auth/admin/cli.py,sha256=Zqa9arZSDWOgnnC5gIyUOZpsebaplwkZdJOlybm3HUI,2654
+pkg_auth/admin/client.py,sha256=Zv-T0Z9mtD-OKi0KlWqe4rWHMXUIo7rE3OpxjPgUnCM,15640
+pkg_auth/admin/env.py,sha256=y5ojrPwdbsTIpa8TKE1PNT_qbMCIUjbjjIDGwgOJEhI,2456
+pkg_auth/admin/helpers.py,sha256=Zqq01HZChHcQsaDsWOIznqLRnC2rDoxKzabahonT0dE,3659
+pkg_auth/admin/provision_client.py,sha256=tHqTXNCwD3Q-VqdUgEB6hbyxGYs8EEH15rtGtaAyk3g,2874
+pkg_auth/admin/settings.py,sha256=qFQGl12zgt0O5wfAhXlRJ-uWxFelm-AR7keXRQnkJbE,907
+pkg_auth/authentication/__init__.py,sha256=tC11N5chlpilu9keLJCPqciHhJswMEsfpfOsSNAoeCE,1003
+pkg_auth/authentication/adapters/__init__.py,sha256=zT2tSG-CunLGX5-B_nH1VwUbiah78dXP4jjUmotstyE,46
+pkg_auth/authentication/adapters/keycloak/__init__.py,sha256=jT6EGZ2hJvIubi_lDZP383gbV7-mJwRu4tgjE7e51Kw,144
+pkg_auth/authentication/adapters/keycloak/jwt_decoder.py,sha256=ntsA6Rl5RkQxJaFn8uS53qsEKD-tP784wTE9pMIpSOc,3278
+pkg_auth/authentication/application/__init__.py,sha256=Hds19u1CgNfI00uL9fkYmWF2O71IjIcy4VamMnbSjQ4,52
+pkg_auth/authentication/application/use_cases/__init__.py,sha256=MHUxj-iDbSDzjFHgUgy6PAV6fy2-GJjyeWqGYuZRAX4,32
+pkg_auth/authentication/application/use_cases/authenticate.py,sha256=ahXhfwpdCDNrAMNLYRdJPoGYRYkFdnYG_bKX3FYK9mE,3262
+pkg_auth/authentication/domain/__init__.py,sha256=Lv-UUicaWH5_wTUk3Wq2rHy2ndWSSv6CPkk-kORfk4w,80
+pkg_auth/authentication/domain/entities.py,sha256=hXsoN7kmrEXrDb8DOCkv0HGnHfPwedydc6Y7xtBsmBQ,1650
+pkg_auth/authentication/domain/exceptions.py,sha256=u6Fd6pQfSU3ese0BIs7v6DsyZT7D0xnm24rXgxfJ2ak,486
+pkg_auth/authentication/domain/ports.py,sha256=G3a2Et9QYkSW3muSgflb1hdJDHO6OV4dO9RmlVL_i7Y,785
+pkg_auth/authentication/domain/value_objects.py,sha256=aiMEoD8n8Ij1FBL8txXqYzfcvHctlI4ONUIPBchnBxc,936
+pkg_auth/authorization/__init__.py,sha256=Q79hWDxqH9yjupKzZBchJ9ONR99Pk9m6TyMkixhamFs,2941
+pkg_auth/authorization/config.py,sha256=AGEYfwh19cVZ64yQXTL-_FBzfG2RCngRhCOH-QArKcM,662
+pkg_auth/authorization/platform.py,sha256=_emk0vDEGjBtKlbHs0TLokLj4HLqMSHlVZ2zztkP-ek,2034
+pkg_auth/authorization/adapters/__init__.py,sha256=5HHRX7dlZqqgtoJ0UoMqIbE9ayESEvb0DpdbczzDLWo,77
+pkg_auth/authorization/adapters/cache/__init__.py,sha256=8T8HA1albF1m_aMKtb6_ueXgW37KAM2vBsb1StRdJ3w,966
+pkg_auth/authorization/adapters/cache/decorators.py,sha256=9a1H9G9o6cWA5YwfGcZAKrMCreG01zS8IFsNzwYMHPA,6115
+pkg_auth/authorization/adapters/cache/memory.py,sha256=L6JjCJlN-JVwpGmzt2a3Y536HuH0ylkgIYfE23u-vRE,2060
+pkg_auth/authorization/adapters/cache/protocol.py,sha256=qgBMuBiIuLEfgW6JL9QyafuZlWfYVOyv5n7nl5ry7gs,1159
+pkg_auth/authorization/adapters/cache/redis.py,sha256=OmKKmR5q0nLAh0GklFCqz8_NZ8OwIqjU928GNT3gCL8,1879
+pkg_auth/authorization/adapters/django_orm/__init__.py,sha256=K0yp8LPavqds8wIcn3XpHr5BOocCrirsLKCUC05gd04,1419
+pkg_auth/authorization/adapters/django_orm/apps.py,sha256=POt9oMuHd6ZhyzwOuFTsVOjaOq4DNeLsZrzoSV8Of2o,990
+pkg_auth/authorization/adapters/django_orm/mixins.py,sha256=OVxrD38eQlgjOWoZ8GOCgUPHuJB460cg9Q_kAqLWfx8,4810
+pkg_auth/authorization/adapters/django_orm/models.py,sha256=tPfu7UXEMuGueQsEiruMivX8ZPCW9E7Xahjpy1VEU94,6633
+pkg_auth/authorization/adapters/django_orm/repositories/__init__.py,sha256=StguAKeqZXOuVDhmzm6dfeN7wp8swz74O6Kd7idz-F8,720
+pkg_auth/authorization/adapters/django_orm/repositories/membership.py,sha256=r0dJ9Jk56dFtvNmJz-41qgXsoeS8Y5-fDIwXirGwnrg,3839
+pkg_auth/authorization/adapters/django_orm/repositories/organization.py,sha256=9MLUugCqsae4spQpPQ-cQ-brmKv99DlDC0aTNQgfZRo,2631
+pkg_auth/authorization/adapters/django_orm/repositories/organization_service.py,sha256=N-OLsHVGyy8_Fx92cGAheqnGFHjeecMTN096zpJrujM,2376
+pkg_auth/authorization/adapters/django_orm/repositories/permission_catalog.py,sha256=Tl6u-jKVVXrbODFBsLo-nYGbsJBVg_rqL5dn6miPo-E,3231
+pkg_auth/authorization/adapters/django_orm/repositories/role.py,sha256=pXdsKG004M_26g-FXMeAoM_c5pEKPOaQeJQxaF-6FEY,3896
+pkg_auth/authorization/adapters/django_orm/repositories/service.py,sha256=EfIxJAEvvnlbTfvq4ZLrT_DgK5MDv7-gBa9L_x69fQI,2101
+pkg_auth/authorization/adapters/django_orm/repositories/user.py,sha256=mSw3TU3cIfzvp8devH4zaDZxwjXitCBfV6wG0h5rGUQ,2467
+pkg_auth/authorization/adapters/sqlalchemy/__init__.py,sha256=YrYsBwOCp-XxTlwmd_wsD43DAybvklUXGbJQhrk86C4,2621
+pkg_auth/authorization/adapters/sqlalchemy/base.py,sha256=e3-OeqT_lSNMFzsJMhcfusKjahUVEfCjZL-m0VWAdi8,1988
+pkg_auth/authorization/adapters/sqlalchemy/mixins.py,sha256=CSf9Uo2POfQq72nprHlsSUAe4mW-E7kw8EZxQAe4AWc,6324
+pkg_auth/authorization/adapters/sqlalchemy/models.py,sha256=5ywCymfzzL6qhzFDRLvY5w9IYK3tKcApy8oHQm-Jjbk,8003
+pkg_auth/authorization/adapters/sqlalchemy/migrations/__init__.py,sha256=vPLhCk568lV86IasOo4rEbHaXETwTN8gxYA1dhVLNwg,45
+pkg_auth/authorization/adapters/sqlalchemy/migrations/versions/20260410_0001_initial_schema.py,sha256=f3xZGEqRLdtwzW1V83MQAa2JSL7AJ8-ezml5dXlA0WE,10029
+pkg_auth/authorization/adapters/sqlalchemy/migrations/versions/20260412_0002_add_permission_is_platform.py,sha256=ykew9uG3vQvxMyH6TTTnuS6hnySMbWeJ_h9rIvYpVRU,1056
+pkg_auth/authorization/adapters/sqlalchemy/migrations/versions/20260620_0003_permission_visibility.py,sha256=s2J8X-RIHQM8wSATmclBl0aHUv9bMceSVbabt9hJF1Q,1874
+pkg_auth/authorization/adapters/sqlalchemy/migrations/versions/20260620_0004_permission_description_jsonb.py,sha256=HojPzi79eDc0NMTqOrBIzxBl8wVr_BOX4jVFFodWOpk,1578
+pkg_auth/authorization/adapters/sqlalchemy/migrations/versions/20260620_0005_services_tables.py,sha256=CSDVMKpAYIRtsikPNQow6APQtbx_LWbGs2YSQ3zVsuw,3440
+pkg_auth/authorization/adapters/sqlalchemy/migrations/versions/__init__.py,sha256=Lc0QV0ti8nqP6Z0nCsWRDmK5TEWaeJRz9DR88VbcyY4,73
+pkg_auth/authorization/adapters/sqlalchemy/repositories/__init__.py,sha256=duKdKkcbZn2gIqOy5vYiXQuuSVUtgcN_6tswSpMMVuM,571
+pkg_auth/authorization/adapters/sqlalchemy/repositories/membership.py,sha256=LgXpvvw099VioEFJQSpgYgKVk5vOQCcaeM44VPtI5Po,5143
+pkg_auth/authorization/adapters/sqlalchemy/repositories/organization.py,sha256=Gw5WUuuWoa3XMN7TVhd1aTVMshT-T5fFWwx2R3ZHtD4,3556
+pkg_auth/authorization/adapters/sqlalchemy/repositories/organization_service.py,sha256=huNY2Q9Jg0Dy1tBO7cSUNWTflHXuOV4VVuVil7d4j4w,3731
+pkg_auth/authorization/adapters/sqlalchemy/repositories/permission_catalog.py,sha256=ECTdXKaWvuK7VGQgS8Ms8VXehzotpue9aLf5a-XXRgw,4489
+pkg_auth/authorization/adapters/sqlalchemy/repositories/role.py,sha256=jxS6DCBfLo4jtf65Y3YI81_0Ex_3ob3YAFZzougofW4,5925
+pkg_auth/authorization/adapters/sqlalchemy/repositories/service.py,sha256=vP5fSoEC1eT26ZwsjcUkd2CFlReDj9pIp_Va5VrnTz4,3534
+pkg_auth/authorization/adapters/sqlalchemy/repositories/user.py,sha256=04tS9cdKAgj4MEoOBuxYFepNd1NMtSCEsbmAmrlKmes,2430
+pkg_auth/authorization/application/__init__.py,sha256=clRG0-N0xMg7AONQR4_sMGHFnqjPYefzO0qezvcDaZ0,51
+pkg_auth/authorization/application/use_cases/__init__.py,sha256=0Hh6G-ojeIPJ5coQRp-16vhAOlkofUPflzEX6xDPZBw,31
+pkg_auth/authorization/application/use_cases/_helpers.py,sha256=e0NehT0LNEXx7wc2re4wWQjW9EqRe3j5ho6M8fCXTHI,2786
+pkg_auth/authorization/application/use_cases/check_permission.py,sha256=GrFA7UgIeUFZfolptcEAaIlO74xkvl1IKMXNTWrNucU,699
+pkg_auth/authorization/application/use_cases/create_organization.py,sha256=GBGnDe8g4T0ZIQqaaO4aRrC9ZARx_pis5P_4kOet3-0,1570
+pkg_auth/authorization/application/use_cases/create_role.py,sha256=Y5X-KNQCDibb2mTXAj3U4rNQE0vf-p_ILeQVE5mgmvk,2333
+pkg_auth/authorization/application/use_cases/delete_membership.py,sha256=_m_XXCT7k3bfrZj49zbJVLztwU880HmdiN2iOBdUQhw,613
+pkg_auth/authorization/application/use_cases/delete_organization.py,sha256=SVWqCdUWOJ6-bX135gB_aqMpCeZL-NhFvxRY81-KwU8,621
+pkg_auth/authorization/application/use_cases/delete_role.py,sha256=aWdeE19dkqorvqEMR3JnmG76cb-VyI2FQd7xTXstFFQ,715
+pkg_auth/authorization/application/use_cases/list_user_organizations.py,sha256=ycfsKh5Iof7RbmYS81EyU1IyUsH9SlFWGwHgVVS3lOI,626
+pkg_auth/authorization/application/use_cases/provision_default_services.py,sha256=o27wgHvouvJ7_y6nuZnZ2ik3fQ1t410hKijWZJPfU1g,1369
+pkg_auth/authorization/application/use_cases/register_permission_catalog.py,sha256=V7woKRAyKfHWV_TkfwL_G5rYtT6_AaI-adVR12dhwQU,4369
+pkg_auth/authorization/application/use_cases/resolve_auth_context.py,sha256=rPRnZaV7lKo5YABiv-MC419PdR6U740qN3P_3bfADY0,2841
+pkg_auth/authorization/application/use_cases/resolve_user_from_jwt.py,sha256=kjBr0Qwwy0ObLcoH6CsBuYXoGh8Ae3a9CULqJ64AhUo,1242
+pkg_auth/authorization/application/use_cases/set_organization_service.py,sha256=XQeb-TAIoIK80bMuS6EW5pBLl45z2CIbR5Yhg_nkvqk,1725
+pkg_auth/authorization/application/use_cases/sync_permission_catalog.py,sha256=wNSaBxPgB9TIaoW1eB9xXZkptF_dV28BjvNEc6m7Oaw,2789
+pkg_auth/authorization/application/use_cases/sync_service_catalog.py,sha256=Sqr--6wpDCo-joFvMz7Hubm3b15ceyjas743pcEslmw,2893
+pkg_auth/authorization/application/use_cases/sync_user_from_jwt.py,sha256=eGy78u3PGyFmT3FbQxZETyqmn2-uVSmcwi1frZq010w,871
+pkg_auth/authorization/application/use_cases/update_organization.py,sha256=N2yYeW2GgVdg2mNbvhP4m6rHocmYupyU8_d4w9Z3_QI,967
+pkg_auth/authorization/application/use_cases/update_role.py,sha256=KbDQRo2NrOceOR5ikqGn1qlE1goHVaJbjwj17Ut0X-c,2087
+pkg_auth/authorization/application/use_cases/upsert_membership.py,sha256=HkCXI0nEy1INsex5wou_6JvWNey6sDv7Hr6-nCqPLII,1559
+pkg_auth/authorization/cli/__init__.py,sha256=yegbFIXOk-DLPjGQJuQtTfL_PTmC2TZglAnsLQZ1b78,53
+pkg_auth/authorization/cli/sync_catalog.py,sha256=JJvJ907aSe41VLAEgP2Cup1dkZ6QBS0r3rYxAyjWCRc,5820
+pkg_auth/authorization/cli/sync_services.py,sha256=HG60WlruD5aiXt3QSLmHQG0Cyts-1HmVYvVI_UIEaQI,4964
+pkg_auth/authorization/domain/__init__.py,sha256=iCXr9ZV7LqKZr0pNcyiggcPPGr7T_-Eg4UY0qnywQlo,79
+pkg_auth/authorization/domain/entities.py,sha256=ImjlwLaxnz0ptWj0zWe1c20pKf8n3JLk5m8Gj6r07pQ,6249
+pkg_auth/authorization/domain/exceptions.py,sha256=abJucoInylc5EGyInYsLrIbp90UHg24NliJvdv90PXo,2145
+pkg_auth/authorization/domain/ports.py,sha256=tNt1j7gQ7wL4UtoBsfbgKl2C78no7qvwbPFwwLFlYlw,7327
+pkg_auth/authorization/domain/value_objects.py,sha256=HSDUCticFuLl-gIA2xtLAR4LSO6uKfTGLsnaR0bkI_0,6693
+pkg_auth/integrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+pkg_auth/integrations/django/__init__.py,sha256=ViunP2eC1KUCbYlsagKpfpcOJEKg99SCwyDdVoQGfe4,1093
+pkg_auth/integrations/django/apps.py,sha256=vNXF6vqstShEpXtDTA4HMGK4FdYOiO5gNx65nPgH_7Q,292
+pkg_auth/integrations/django/auth_context_middleware.py,sha256=iHXfUtATAUmECC6a2Pua6rjvqs81Ke5m9pZprD5v_4s,3863
+pkg_auth/integrations/django/decorators.py,sha256=LU7OcVzQrezzDS6sGIqXZTzhFJOepQVGeibAUT1n5hU,2320
+pkg_auth/integrations/django/install.py,sha256=DpSwSZ40DwNe6rAHYl0JCK2Q-u2ZlrAIvyLXIBS0cf4,5076
+pkg_auth/integrations/django/middleware.py,sha256=tUNRnFkHxsvHkqtgr4hH17OUOTX0uBhGsJ0PiexIERQ,2268
+pkg_auth/integrations/fastapi/__init__.py,sha256=4SBK9gZdFh9ZXhu1dy7swvqB7-G6VAxPblHQ5rnQqs4,814
+pkg_auth/integrations/fastapi/auth_context_dep.py,sha256=T3384N7Ex5fNyBUWCf_o9Sv6_NcXz-eJV2x9BBBMWnU,5733
+pkg_auth/integrations/fastapi/auth_factory.py,sha256=G8enX_hisGItbLBkSd9dMXp4cTxazuEzHIy5E_IG0Hc,2804
+pkg_auth/integrations/fastapi/decorators.py,sha256=vgME0__QrZwWtFTsyve6vL3NxMp9pGANxN4OEobIHeo,1653
+pkg_auth/integrations/fastapi/errors.py,sha256=mhcpBYrkmrwuaHoiRvBIiA73Eps9EbV1em1E8e7kXTw,2383
+pkg_auth/integrations/fastapi/identity_dep.py,sha256=9pHY9GEIT6jo0XEtbP8FsP-_0LHZ5YZaEbxJj9JDh-A,1218
+pkg_auth/integrations/strawberry/__init__.py,sha256=3nOveRw8rOGQsiCaKvWO4Vtfxt6Ft23QuqJN_6HHzEQ,593
+pkg_auth/integrations/strawberry/auth.py,sha256=DE3wPKa1i1sfyIJUzMg2fnyKQnWIBu76290y0jkX2Z4,4642
+pkg_auth/integrations/strawberry/permissions.py,sha256=MmD8_RuQz7MUk1j_bmVBWY2XL4J6uuWSZRaR0ztGvnI,1806
+pkg_auth-3.0.0.dist-info/METADATA,sha256=eYMYwFJNjLqJ9tjR2_qGuePfJufHTzfLs4SxPYo95p4,5699
+pkg_auth-3.0.0.dist-info/WHEEL,sha256=aeYiig01lYGDzBgS8HxWXOg3uV61G9ijOsup-k9o1sk,91
+pkg_auth-3.0.0.dist-info/entry_points.txt,sha256=cbN-pxVE5BuYAb5LVfurD84I9S1gBe9_Zdd2jGnvtyY,205
+pkg_auth-3.0.0.dist-info/top_level.txt,sha256=xEdLnVj1Gbyv7q5dJSiWASWs-soG3RKfSuP2HHdcUNY,9
+pkg_auth-3.0.0.dist-info/RECORD,,

pkg_auth-3.0.0.dist-info/WHEEL

@@ -0,0 +1,5 @@
+Wheel-Version: 1.0
+Generator: setuptools (82.0.1)
+Root-Is-Purelib: true
+Tag: py3-none-any
+

pkg_auth-3.0.0.dist-info/entry_points.txt

@@ -0,0 +1,4 @@
+[console_scripts]
+keycloak-init-client = pkg_auth.admin.cli:main
+pkg-auth-sync-catalog = pkg_auth.authorization.cli.sync_catalog:main
+pkg-auth-sync-services = pkg_auth.authorization.cli.sync_services:main

pkg_auth-3.0.0.dist-info/top_level.txt

@@ -0,0 +1 @@
+pkg_auth