PyPI - pypomes-iam - Versions diffs - 0.5.4__py3-none-any.whl → 0.5.6__py3-none-any.whl - Mend

pypomes-iam 0.5.4py3-none-any.whl → 0.5.6py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of pypomes-iam might be problematic. Click here for more details.

Files changed (13) hide show

pypomes_iam/__init__.py +14 -6
pypomes_iam/iam_actions.py +511 -0
pypomes_iam/iam_common.py +1 -1
pypomes_iam/iam_pomes.py +2 -506
pypomes_iam/iam_services.py +23 -23
pypomes_iam/jusbr_pomes.py +5 -5
pypomes_iam/keycloak_pomes.py +5 -5
pypomes_iam/provider_pomes.py +3 -3
{pypomes_iam-0.5.4.dist-info → pypomes_iam-0.5.6.dist-info}/METADATA +1 -1
pypomes_iam-0.5.6.dist-info/RECORD +13 -0
pypomes_iam-0.5.4.dist-info/RECORD +0 -12
{pypomes_iam-0.5.4.dist-info → pypomes_iam-0.5.6.dist-info}/WHEEL +0 -0
{pypomes_iam-0.5.4.dist-info → pypomes_iam-0.5.6.dist-info}/licenses/LICENSE +0 -0

pypomes_iam/__init__.py CHANGED Viewed

@@ -1,7 +1,12 @@
+from .iam_actions import (
+    action_callback, action_exchange,
+    action_login, action_logout, action_token
+)
+from .iam_common import (
+    IamServer
+)
 from .iam_pomes import (
-    IamServer,
-    login_callback, token_exchange,
-    user_login, user_logout, user_token
+    jwt_required
 )
 from .iam_services import (
      logger_register
@@ -20,10 +25,13 @@ from .token_pomes import (
 )
 __all__ = [
-    # iam_pomes
+    # iam_actions
+    "action_callback", "action_exchange",
+    "action_login", "action_logout", "action_token",
+    # iam_commons
     "IamServer",
-    "login_callback", "token_exchange",
-    "user_login", "user_logout", "user_token",
+    # iam_pomes
+    "jwt_required",
     # iam_services
     "logger_register",
     # jusbr_pomes

pypomes_iam/iam_actions.py ADDED Viewed

@@ -0,0 +1,511 @@
+import json
+import requests
+import secrets
+import string
+import sys
+from datetime import datetime
+from logging import Logger
+from pypomes_core import TZ_LOCAL, exc_format
+from typing import Any
+from .iam_common import (
+    IamServer, _iam_lock,
+    _get_iam_users, _get_iam_registry,  # _get_public_key,
+    _get_login_timeout, _get_user_data
+)
+from .token_pomes import token_validate
+def action_login(iam_server: IamServer,
+                 args: dict[str, Any],
+                 errors: list[str] = None,
+                 logger: Logger = None) -> str:
+    """
+    Build the URL for redirecting the request to *iam_server*'s authentication page.
+    These are the expected attributes in *args*:
+        - user-id: optional, identifies the reference user (alias: 'login')
+        - redirect-uri: a parameter to be added to the query part of the returned URL
+    If provided, the user identification will be validated against the authorization data
+    returned by *iam_server* upon login. On success, the appropriate URL for invoking
+    the IAM server's authentication page is returned.
+    :param iam_server: the reference registered *IAM* server
+    :param args: the arguments passed when requesting the service
+    :param errors: incidental error messages
+    :param logger: optional logger
+    :return: the callback URL, with the appropriate parameters, of *None* if error
+    """
+    # initialize the return variable
+    result: str | None = None
+    # obtain the optional user's identification
+    user_id: str = args.get("user-id") or args.get("login")
+    # build the user data
+    # ('oauth_state' is a randomly-generated string, thus 'user_data' is always a new entry)
+    oauth_state: str = "".join(secrets.choice(string.ascii_letters + string.digits) for _ in range(16))
+    with _iam_lock:
+        # retrieve the user data from the IAM server's registry
+        user_data: dict[str, Any] = _get_user_data(iam_server=iam_server,
+                                                   user_id=oauth_state,
+                                                   errors=errors,
+                                                   logger=logger)
+        if user_data:
+            user_data["login-id"] = user_id
+            timeout: int = _get_login_timeout(iam_server=iam_server,
+                                              errors=errors,
+                                              logger=logger)
+            if not errors:
+                user_data["login-expiration"] = int(datetime.now(tz=TZ_LOCAL).timestamp()) + timeout \
+                    if timeout else None
+                redirect_uri: str = args.get("redirect-uri")
+                user_data["redirect-uri"] = redirect_uri
+                # build the login url
+                registry: dict[str, Any] = _get_iam_registry(iam_server=iam_server,
+                                                             errors=errors,
+                                                             logger=logger)
+                if registry:
+                    result = (f"{registry["base-url"]}/protocol/openid-connect/auth"
+                              f"?response_type=code&scope=openid"
+                              f"&client_id={registry["client-id"]}"
+                              f"&redirect_uri={redirect_uri}"
+                              f"&state={oauth_state}")
+    return result
+def action_logout(iam_server: IamServer,
+                  args: dict[str, Any],
+                  errors: list[str] = None,
+                  logger: Logger = None) -> None:
+    """
+    Logout the user, by removing all data associating it from *iam_server*'s registry.
+    The user is identified by the attribute *user-id* or "login", provided in *args*.
+    If successful, remove all data relating to the user from the *IAM* server's registry.
+    Otherwise, this operation fails silently, unless an error has ocurred.
+    :param iam_server: the reference registered *IAM* server
+    :param args: the arguments passed when requesting the service
+    :param errors: incidental error messages
+    :param logger: optional logger
+    """
+    # obtain the user's identification
+    user_id: str = args.get("user-id") or args.get("login")
+    if user_id:
+        with _iam_lock:
+            # retrieve the data for all users in the IAM server's registry
+            users: dict[str, dict[str, Any]] = _get_iam_users(iam_server=iam_server,
+                                                              errors=errors,
+                                                              logger=logger) or {}
+            if user_id in users:
+                users.pop(user_id)
+                if logger:
+                    logger.debug(msg=f"User '{user_id}' removed from {iam_server}'s registry")
+def action_token(iam_server: IamServer,
+                 args: dict[str, Any],
+                 errors: list[str] = None,
+                 logger: Logger = None) -> str:
+    """
+    Retrieve the authentication token for the user, from *iam_server*.
+    The user is identified by the attribute *user-id* or *login*, provided in *args*.
+    :param iam_server: the reference registered *IAM* server
+    :param args: the arguments passed when requesting the service
+    :param errors: incidental error messages
+    :param logger: optional logger
+    :return: the token for user indicated, or *None* if error
+    """
+    # initialize the return variable
+    result: str | None = None
+    # obtain the user's identification
+    user_id: str = args.get("user-id") or args.get("login")
+    err_msg: str | None = None
+    if user_id:
+        with _iam_lock:
+            # retrieve the user data in the IAM server's registry
+            user_data: dict[str, Any] = _get_user_data(iam_server=iam_server,
+                                                       user_id=user_id,
+                                                       errors=errors,
+                                                       logger=logger)
+            token: str = user_data["access-token"] if user_data else None
+            if token:
+                access_expiration: int = user_data.get("access-expiration")
+                now: int = int(datetime.now(tz=TZ_LOCAL).timestamp())
+                if now < access_expiration:
+                    result = token
+                else:
+                    # access token has expired
+                    refresh_token: str = user_data["refresh-token"]
+                    if refresh_token:
+                        refresh_expiration = user_data["refresh-expiration"]
+                        if now < refresh_expiration:
+                            body_data: dict[str, str] = {
+                                "grant_type": "refresh_token",
+                                "refresh_token": refresh_token
+                            }
+                            now: int = int(datetime.now(tz=TZ_LOCAL).timestamp())
+                            token_data: dict[str, Any] = __post_for_token(iam_server=iam_server,
+                                                                          body_data=body_data,
+                                                                          errors=errors,
+                                                                          logger=logger)
+                            # validate and store the token data
+                            if token_data:
+                                token_info: tuple[str, str] = __validate_and_store(iam_server=iam_server,
+                                                                                   user_data=user_data,
+                                                                                   token_data=token_data,
+                                                                                   now=now,
+                                                                                   errors=errors,
+                                                                                   logger=logger)
+                                result = token_info[1]
+                            else:
+                                # refresh token is no longer valid
+                                user_data["refresh-token"] = None
+                        else:
+                            # refresh token has expired
+                            err_msg = "Access and refresh tokens expired"
+                            if logger:
+                                logger.error(msg=err_msg)
+                    else:
+                        err_msg = "Access token expired, no refresh token available"
+                        if logger:
+                            logger.error(msg=err_msg)
+            else:
+                err_msg = f"User '{user_id}' not authenticated"
+                if logger:
+                    logger.error(msg=err_msg)
+    else:
+        err_msg = "User identification not provided"
+        if logger:
+            logger.error(msg=err_msg)
+    if err_msg and isinstance(errors, list):
+        errors.append(err_msg)
+    return result
+def action_callback(iam_server: IamServer,
+                    args: dict[str, Any],
+                    errors: list[str] = None,
+                    logger: Logger = None) -> tuple[str, str] | None:
+    """
+    Entry point for the callback from *iam_server* via the front-end application, on authentication operations.
+    The relevant expected arguments in *args* are:
+        - *state*: used to enhance security during the authorization process, typically to provide *CSRF* protection
+        - *code*: the temporary authorization code provided by *iam_server*, to be exchanged for the token
+    :param iam_server: the reference registered *IAM* server
+    :param args: the arguments passed when requesting the service
+    :param errors: incidental errors
+    :param logger: optional logger
+    :return: a tuple containing the reference user identification and the token obtained, or *None* if error
+    """
+    # initialize the return variable
+    result: tuple[str, str] | None = None
+    with _iam_lock:
+        # retrieve the IAM server's data for all users
+        users: dict[str, dict[str, Any]] = _get_iam_users(iam_server=iam_server,
+                                                          errors=errors,
+                                                          logger=logger) or {}
+        # retrieve the OAuth2 state
+        oauth_state: str = args.get("state")
+        user_data: dict[str, Any] | None = None
+        if oauth_state:
+            for user, data in users.items():
+                if user == oauth_state:
+                    user_data = data
+                    break
+        # exchange 'code' received for the token
+        if user_data:
+            expiration: int = user_data["login-expiration"] or sys.maxsize
+            if int(datetime.now(tz=TZ_LOCAL).timestamp()) > expiration:
+                errors.append("Operation timeout")
+            else:
+                users.pop(oauth_state)
+                code: str = args.get("code")
+                body_data: dict[str, Any] = {
+                    "grant_type": "authorization_code",
+                    "code": code,
+                    "redirect_uri": user_data.pop("redirect-uri")
+                }
+                now: int = int(datetime.now(tz=TZ_LOCAL).timestamp())
+                token_data: dict[str, Any] = __post_for_token(iam_server=iam_server,
+                                                              body_data=body_data,
+                                                              errors=errors,
+                                                              logger=logger)
+                # validate and store the token data
+                if token_data:
+                    result = __validate_and_store(iam_server=iam_server,
+                                                  user_data=user_data,
+                                                  token_data=token_data,
+                                                  now=now,
+                                                  errors=errors,
+                                                  logger=logger)
+        else:
+            msg: str = f"State '{oauth_state}' not found in {iam_server}'s registry"
+            if logger:
+                logger.error(msg=msg)
+            if isinstance(errors, list):
+                errors.append(msg)
+    return result
+def action_exchange(iam_server: IamServer,
+                    args: dict[str, Any],
+                    errors: list[str] = None,
+                    logger: Logger = None) -> dict[str, Any]:
+    """
+    Request *iam_server* to issue a token in exchange for the token obtained from another *IAM* server.
+    The expected parameters in *args* are:
+        - user-id: identification for the reference user (alias: 'login')
+        - token: the token to be exchanged
+    The typical data set returned contains the following attributes:
+        {
+            "token_type": "Bearer",
+            "access_token": <str>,
+            "expires_in": <number-of-seconds>,
+            "refresh_token": <str>,
+            "refesh_expires_in": <number-of-seconds>
+        }
+    :param iam_server: the reference registered *IAM* server
+    :param args: the arguments passed when requesting the service
+    :param errors: incidental errors
+    :param logger: optional logger
+    :return: the data for the new token, or *None* if error
+    """
+    # initialize the return variable
+    result: dict[str, Any] | None = None
+    # obtain the user's identification
+    user_id: str = args.get("user-id") or args.get("login")
+    # obtain the token to be exchanged
+    token: str = args.get("access-token")
+    if user_id and token:
+        # HAZARD: only 'IAM_KEYCLOAK' is currently supported
+        with _iam_lock:
+            # retrieve the IAM server's registry
+            registry: dict[str, Any] = _get_iam_registry(iam_server=iam_server,
+                                                         errors=errors,
+                                                         logger=logger)
+            if registry:
+                body_data: dict[str, str] = {
+                    "grant_type": "urn:ietf:params:oauth:grant-type:token-exchange",
+                    "subject_token": token,
+                    "subject_token_type": "urn:ietf:params:oauth:token-type:access_token",
+                    "requested_token_type": "urn:ietf:params:oauth:token-type:access_token",
+                    "audience": registry["client-id"],
+                    "subject_issuer": "oidc"
+                }
+                now: int = int(datetime.now(tz=TZ_LOCAL).timestamp())
+                token_data: dict[str, Any] = __post_for_token(iam_server=IamServer.IAM_KEYCLOAK,
+                                                              body_data=body_data,
+                                                              errors=errors,
+                                                              logger=logger)
+                # validate and store the token data
+                if token_data:
+                    user_data: dict[str, Any] = {}
+                    result = __validate_and_store(iam_server=iam_server,
+                                                  user_data=user_data,
+                                                  token_data=token_data,
+                                                  now=now,
+                                                  errors=errors,
+                                                  logger=logger)
+    else:
+        msg: str = "User identification or token not provided"
+        if logger:
+            logger.error(msg=msg)
+        if isinstance(errors, list):
+            errors.append(msg)
+    return result
+def __post_for_token(iam_server: IamServer,
+                     body_data: dict[str, Any],
+                     errors: list[str] | None,
+                     logger: Logger | None) -> dict[str, Any] | None:
+    """
+    Send a POST request to obtain the authentication token data, and return the data received.
+    For token acquisition, *body_data* will have the attributes:
+        - "grant_type": "authorization_code"
+        - "code": <16-character-random-code>
+        - "redirect_uri": <redirect-uri>
+    For token refresh, *body_data* will have the attributes:
+        - "grant_type": "refresh_token"
+        - "refresh_token": <current-refresh-token>
+    For token exchange, *body_data* will have the attributes:
+        - "grant_type": "urn:ietf:params:oauth:grant-type:token-exchange",
+        - "subject_token": <token-to-be-exchanged>,
+        - "subject_token_type": "urn:ietf:params:oauth:token-type:access_token",
+        - "requested_token_type": "urn:ietf:params:oauth:token-type:access_token",
+        - "audience": <client-id>,
+        - "subject_issuer": "oidc"
+    These attributes are then added to *body_data*:
+        - "client_id": <client-id>,
+        - "client_secret": <client-secret>,
+    If the operation is successful, the token data is stored in the *IAM* server's registry, and returned.
+    Otherwise, *errors* will contain the appropriate error message.
+    The typical data set returned contains the following attributes:
+        {
+            "token_type": "Bearer",
+            "access_token": <str>,
+            "expires_in": <number-of-seconds>,
+            "refresh_token": <str>,
+            "refesh_expires_in": <number-of-seconds>
+        }
+    :param iam_server: the reference registered *IAM* server
+    :param body_data: the data to send in the body of the request
+    :param errors: incidental errors
+    :param logger: optional logger
+    :return: the token data, or *None* if error
+    """
+    # initialize the return variable
+    result: dict[str, Any] | None = None
+    err_msg: str | None = None
+    with _iam_lock:
+        # retrieve the IAM server's registry
+        registry: dict[str, Any] = _get_iam_registry(iam_server=iam_server,
+                                                     errors=errors,
+                                                     logger=logger)
+        if registry:
+            # complete the data to send in body of request
+            body_data["client_id"] = registry["client-id"]
+            client_secret: str = registry["client-secret"]
+            # obtain the token
+            url: str = registry["base-url"] + "/protocol/openid-connect/token"
+            # log the POST ('client_secret' data must not be shown in log)
+            if logger:
+                logger.debug(msg=f"POST {url}, {json.dumps(obj=body_data,
+                                                           ensure_ascii=False)}")
+            if client_secret:
+                body_data["client_secret"] = client_secret
+            try:
+                # typical return on a token request:
+                # {
+                #   "token_type": "Bearer",
+                #   "access_token": <str>,
+                #   "expires_in": <number-of-seconds>,
+                #   "refresh_token": <str>,
+                #   "refesh_expires_in": <number-of-seconds>
+                # }
+                response: requests.Response = requests.post(url=url,
+                                                            data=body_data)
+                if response.status_code == 200:
+                    # request succeeded
+                    result = response.json()
+                    if logger:
+                        logger.debug(msg=f"POST success, {json.dumps(obj=result,
+                                                                     ensure_ascii=False)}")
+                else:
+                    # request resulted in error
+                    err_msg = f"POST failure, status {response.status_code}, reason {response.reason}"
+                    if hasattr(response, "content") and response.content:
+                        err_msg += f", content '{response.content}'"
+                    if logger:
+                        logger.error(msg=err_msg)
+            except Exception as e:
+                # the operation raised an exception
+                err_msg = exc_format(exc=e,
+                                     exc_info=sys.exc_info())
+                if logger:
+                    logger.error(msg=err_msg)
+    if err_msg and isinstance(errors, list):
+        errors.append(err_msg)
+    return result
+def __validate_and_store(iam_server: IamServer,
+                         user_data: dict[str, Any],
+                         token_data: dict[str, Any],
+                         now: int,
+                         errors: list[str] | None,
+                         logger: Logger) -> tuple[str, str] | None:
+    """
+    Validate and store the token data.
+    The typical *token_data* contains the following attributes:
+        {
+            "token_type": "Bearer",
+            "access_token": <str>,
+            "expires_in": <number-of-seconds>,
+            "refresh_token": <str>,
+            "refesh_expires_in": <number-of-seconds>
+        }
+    :param iam_server: the reference registered *IAM* server
+    :param user_data: the aurthentication data kepth in *iam_server*'s registry
+    :param token_data: the token data
+    :param errors: incidental errors
+    :param logger: optional logger
+    :return: tuple containing the user identification and the validated and stored token, or *None* if error
+    """
+    # initialize the return variable
+    result: tuple[str, str] | None = None
+    with _iam_lock:
+        # retrieve the IAM server's registry
+        registry: dict[str, Any] = _get_iam_registry(iam_server=iam_server,
+                                                     errors=errors,
+                                                     logger=logger)
+        if registry:
+            token: str = token_data.get("access_token")
+            user_data["access-token"] = token
+            # keep current refresh token if a new one is not provided
+            if token_data.get("refresh_token"):
+                user_data["refresh-token"] = token_data.get("refresh_token")
+            user_data["access-expiration"] = now + token_data.get("expires_in")
+            refresh_exp: int = user_data.get("refresh_expires_in")
+            user_data["refresh-expiration"] = (now + refresh_exp) if refresh_exp else sys.maxsize
+            # public_key: str = _get_public_key(iam_server=iam_server,
+            #                                   errors=errors,
+            #                                   logger=logger)
+            recipient_attr = registry["recipient-attr"]
+            login_id = user_data.pop("login-id", None)
+            claims: dict[str, dict[str, Any]] = token_validate(token=token,
+                                                               issuer=registry["base-url"],
+                                                               recipient_id=login_id,
+                                                               recipient_attr=recipient_attr,
+                                                               # public_key=public_key,
+                                                               errors=errors,
+                                                               logger=logger)
+            if claims:
+                users: dict[str, dict[str, Any]] = _get_iam_users(iam_server=iam_server,
+                                                                  errors=errors,
+                                                                  logger=logger)
+                # must test with 'not errors'
+                if not errors:
+                    user_id: str = login_id if login_id else claims["payload"][recipient_attr]
+                    users[user_id] = user_data
+                    result = (user_id, token)
+    return result

pypomes_iam/iam_common.py CHANGED Viewed

@@ -50,7 +50,7 @@ class IamServer(StrEnum):
 # }
 _IAM_SERVERS: Final[dict[IamServer, dict[str, Any]]] = {}
-# the lock protecting the data in '_IAM_SERVER'
+# the lock protecting the data in '_IAM_SERVERS'
 # (because it is 'Final' and set at declaration time, it can be accessed through simple imports)
 _iam_lock: Final[RLock] = RLock()

pypomes_iam/iam_pomes.py CHANGED Viewed

@@ -1,18 +1,9 @@
-import json
-import requests
-import secrets
-import string
-import sys
-from datetime import datetime
 from flask import Request, Response, request
-from logging import Logger
-from pypomes_core import TZ_LOCAL, exc_format
 from typing import Any
 from .iam_common import (
-    IamServer, _iam_lock,
-    _get_iam_users, _get_iam_registry,  # _get_public_key,
-    _get_login_timeout, _get_user_data, _iam_server_from_issuer
+    IamServer, _iam_lock, _get_iam_registry,
+    _iam_server_from_issuer  # _get_public_key
 )
 from .token_pomes import token_get_claims, token_validate
@@ -34,329 +25,6 @@ def jwt_required(func: callable) -> callable:
     return wrapper
-def user_login(iam_server: IamServer,
-               args: dict[str, Any],
-               errors: list[str] = None,
-               logger: Logger = None) -> str:
-    """
-    Build the URL for redirecting the request to *iam_server*'s authentication page.
-    These are the expected attributes in *args*:
-        - user-id: optional, identifies the reference user (alias: 'login')
-        - redirect-uri: a parameter to be added to the query part of the returned URL
-    If provided, the user identification will be validated against the authorization data
-    returned by *iam_server* upon login. On success, the appropriate URL for invoking
-    the IAM server's authentication page is returned.
-    :param iam_server: the reference registered *IAM* server
-    :param args: the arguments passed when requesting the service
-    :param errors: incidental error messages
-    :param logger: optional logger
-    :return: the callback URL, with the appropriate parameters, of *None* if error
-    """
-    # initialize the return variable
-    result: str | None = None
-    # obtain the optional user's identification
-    user_id: str = args.get("user-id") or args.get("login")
-    # build the user data
-    # ('oauth_state' is a randomly-generated string, thus 'user_data' is always a new entry)
-    oauth_state: str = "".join(secrets.choice(string.ascii_letters + string.digits) for _ in range(16))
-    with _iam_lock:
-        # retrieve the user data from the IAM server's registry
-        user_data: dict[str, Any] = _get_user_data(iam_server=iam_server,
-                                                   user_id=oauth_state,
-                                                   errors=errors,
-                                                   logger=logger)
-        if user_data:
-            user_data["login-id"] = user_id
-            timeout: int = _get_login_timeout(iam_server=iam_server,
-                                              errors=errors,
-                                              logger=logger)
-            if not errors:
-                user_data["login-expiration"] = int(datetime.now(tz=TZ_LOCAL).timestamp()) + timeout \
-                    if timeout else None
-                redirect_uri: str = args.get("redirect-uri")
-                user_data["redirect-uri"] = redirect_uri
-                # build the login url
-                registry: dict[str, Any] = _get_iam_registry(iam_server=iam_server,
-                                                             errors=errors,
-                                                             logger=logger)
-                if registry:
-                    result = (f"{registry["base-url"]}/protocol/openid-connect/auth"
-                              f"?response_type=code&scope=openid"
-                              f"&client_id={registry["client-id"]}"
-                              f"&redirect_uri={redirect_uri}"
-                              f"&state={oauth_state}")
-    return result
-def user_logout(iam_server: IamServer,
-                args: dict[str, Any],
-                errors: list[str] = None,
-                logger: Logger = None) -> None:
-    """
-    Logout the user, by removing all data associating it from *iam_server*'s registry.
-    The user is identified by the attribute *user-id* or "login", provided in *args*.
-    If successful, remove all data relating to the user from the *IAM* server's registry.
-    Otherwise, this operation fails silently, unless an error has ocurred.
-    :param iam_server: the reference registered *IAM* server
-    :param args: the arguments passed when requesting the service
-    :param errors: incidental error messages
-    :param logger: optional logger
-    """
-    # obtain the user's identification
-    user_id: str = args.get("user-id") or args.get("login")
-    if user_id:
-        with _iam_lock:
-            # retrieve the data for all users in the IAM server's registry
-            users: dict[str, dict[str, Any]] = _get_iam_users(iam_server=iam_server,
-                                                              errors=errors,
-                                                              logger=logger) or {}
-            if user_id in users:
-                users.pop(user_id)
-                if logger:
-                    logger.debug(msg=f"User '{user_id}' removed from {iam_server}'s registry")
-def user_token(iam_server: IamServer,
-               args: dict[str, Any],
-               errors: list[str] = None,
-               logger: Logger = None) -> str:
-    """
-    Retrieve the authentication token for the user, from *iam_server*.
-    The user is identified by the attribute *user-id* or *login*, provided in *args*.
-    :param iam_server: the reference registered *IAM* server
-    :param args: the arguments passed when requesting the service
-    :param errors: incidental error messages
-    :param logger: optional logger
-    :return: the token for user indicated, or *None* if error
-    """
-    # initialize the return variable
-    result: str | None = None
-    # obtain the user's identification
-    user_id: str = args.get("user-id") or args.get("login")
-    err_msg: str | None = None
-    if user_id:
-        with _iam_lock:
-            # retrieve the user data in the IAM server's registry
-            user_data: dict[str, Any] = _get_user_data(iam_server=iam_server,
-                                                       user_id=user_id,
-                                                       errors=errors,
-                                                       logger=logger)
-            token: str = user_data["access-token"] if user_data else None
-            if token:
-                access_expiration: int = user_data.get("access-expiration")
-                now: int = int(datetime.now(tz=TZ_LOCAL).timestamp())
-                if now < access_expiration:
-                    result = token
-                else:
-                    # access token has expired
-                    refresh_token: str = user_data["refresh-token"]
-                    if refresh_token:
-                        refresh_expiration = user_data["refresh-expiration"]
-                        if now < refresh_expiration:
-                            body_data: dict[str, str] = {
-                                "grant_type": "refresh_token",
-                                "refresh_token": refresh_token
-                            }
-                            now: int = int(datetime.now(tz=TZ_LOCAL).timestamp())
-                            token_data: dict[str, Any] = __post_for_token(iam_server=iam_server,
-                                                                          body_data=body_data,
-                                                                          errors=errors,
-                                                                          logger=logger)
-                            # validate and store the token data
-                            if token_data:
-                                token_info: tuple[str, str] = __validate_and_store(iam_server=iam_server,
-                                                                                   user_data=user_data,
-                                                                                   token_data=token_data,
-                                                                                   now=now,
-                                                                                   errors=errors,
-                                                                                   logger=logger)
-                                result = token_info[1]
-                            else:
-                                # refresh token is no longer valid
-                                user_data["refresh-token"] = None
-                        else:
-                            # refresh token has expired
-                            err_msg = "Access and refresh tokens expired"
-                            if logger:
-                                logger.error(msg=err_msg)
-                    else:
-                        err_msg = "Access token expired, no refresh token available"
-                        if logger:
-                            logger.error(msg=err_msg)
-            else:
-                err_msg = f"User '{user_id}' not authenticated"
-                if logger:
-                    logger.error(msg=err_msg)
-    else:
-        err_msg = "User identification not provided"
-        if logger:
-            logger.error(msg=err_msg)
-    if err_msg and isinstance(errors, list):
-        errors.append(err_msg)
-    return result
-def login_callback(iam_server: IamServer,
-                   args: dict[str, Any],
-                   errors: list[str] = None,
-                   logger: Logger = None) -> tuple[str, str] | None:
-    """
-    Entry point for the callback from *iam_server* via the front-end application, on authentication operations.
-    The relevant expected arguments in *args* are:
-        - *state*: used to enhance security during the authorization process, typically to provide *CSRF* protection
-        - *code*: the temporary authorization code provided by *iam_server*, to be exchanged for the token
-    :param iam_server: the reference registered *IAM* server
-    :param args: the arguments passed when requesting the service
-    :param errors: incidental errors
-    :param logger: optional logger
-    :return: a tuple containing the reference user identification and the token obtained, or *None* if error
-    """
-    # initialize the return variable
-    result: tuple[str, str] | None = None
-    with _iam_lock:
-        # retrieve the IAM server's data for all users
-        users: dict[str, dict[str, Any]] = _get_iam_users(iam_server=iam_server,
-                                                          errors=errors,
-                                                          logger=logger) or {}
-        # retrieve the OAuth2 state
-        oauth_state: str = args.get("state")
-        user_data: dict[str, Any] | None = None
-        if oauth_state:
-            for user, data in users.items():
-                if user == oauth_state:
-                    user_data = data
-                    break
-        # exchange 'code' received for the token
-        if user_data:
-            expiration: int = user_data["login-expiration"] or sys.maxsize
-            if int(datetime.now(tz=TZ_LOCAL).timestamp()) > expiration:
-                errors.append("Operation timeout")
-            else:
-                users.pop(oauth_state)
-                code: str = args.get("code")
-                body_data: dict[str, Any] = {
-                    "grant_type": "authorization_code",
-                    "code": code,
-                    "redirect_uri": user_data.pop("redirect-uri")
-                }
-                now: int = int(datetime.now(tz=TZ_LOCAL).timestamp())
-                token_data: dict[str, Any] = __post_for_token(iam_server=iam_server,
-                                                              body_data=body_data,
-                                                              errors=errors,
-                                                              logger=logger)
-                # validate and store the token data
-                if token_data:
-                    result = __validate_and_store(iam_server=iam_server,
-                                                  user_data=user_data,
-                                                  token_data=token_data,
-                                                  now=now,
-                                                  errors=errors,
-                                                  logger=logger)
-        else:
-            msg: str = f"State '{oauth_state}' not found in {iam_server}'s registry"
-            if logger:
-                logger.error(msg=msg)
-            if isinstance(errors, list):
-                errors.append(msg)
-    return result
-def token_exchange(iam_server: IamServer,
-                   args: dict[str, Any],
-                   errors: list[str] = None,
-                   logger: Logger = None) -> dict[str, Any]:
-    """
-    Request *iam_server* to issue a token in exchange for the token obtained from another *IAM* server.
-    The expected parameters in *args* are:
-        - user-id: identification for the reference user (alias: 'login')
-        - token: the token to be exchanged
-    The typical data set returned contains the following attributes:
-        {
-            "token_type": "Bearer",
-            "access_token": <str>,
-            "expires_in": <number-of-seconds>,
-            "refresh_token": <str>,
-            "refesh_expires_in": <number-of-seconds>
-        }
-    :param iam_server: the reference registered *IAM* server
-    :param args: the arguments passed when requesting the service
-    :param errors: incidental errors
-    :param logger: optional logger
-    :return: the data for the new token, or *None* if error
-    """
-    # initialize the return variable
-    result: dict[str, Any] | None = None
-    # obtain the user's identification
-    user_id: str = args.get("user-id") or args.get("login")
-    # obtain the token to be exchanged
-    token: str = args.get("access-token")
-    if user_id and token:
-        # HAZARD: only 'IAM_KEYCLOAK' is currently supported
-        with _iam_lock:
-            # retrieve the IAM server's registry
-            registry: dict[str, Any] = _get_iam_registry(iam_server=iam_server,
-                                                         errors=errors,
-                                                         logger=logger)
-            if registry:
-                body_data: dict[str, str] = {
-                    "grant_type": "urn:ietf:params:oauth:grant-type:token-exchange",
-                    "subject_token": token,
-                    "subject_token_type": "urn:ietf:params:oauth:token-type:access_token",
-                    "requested_token_type": "urn:ietf:params:oauth:token-type:access_token",
-                    "audience": registry["client-id"],
-                    "subject_issuer": "oidc"
-                }
-                now: int = int(datetime.now(tz=TZ_LOCAL).timestamp())
-                token_data: dict[str, Any] = __post_for_token(iam_server=IamServer.IAM_KEYCLOAK,
-                                                              body_data=body_data,
-                                                              errors=errors,
-                                                              logger=logger)
-                # validate and store the token data
-                if token_data:
-                    user_data: dict[str, Any] = {}
-                    result = __validate_and_store(iam_server=iam_server,
-                                                  user_data=user_data,
-                                                  token_data=token_data,
-                                                  now=now,
-                                                  errors=errors,
-                                                  logger=logger)
-    else:
-        msg: str = "User identification or token not provided"
-        if logger:
-            logger.error(msg=msg)
-        if isinstance(errors, list):
-            errors.append(msg)
-    return result
 def __request_validate(request: Request) -> Response:
     """
     Verify whether the HTTP *request* has the proper authorization, as per the JWT standard.
@@ -412,175 +80,3 @@ def __request_validate(request: Request) -> Response:
         result = Response(response="Authorization failed",
                           status=401)
     return result
-def __post_for_token(iam_server: IamServer,
-                     body_data: dict[str, Any],
-                     errors: list[str] | None,
-                     logger: Logger | None) -> dict[str, Any] | None:
-    """
-    Send a POST request to obtain the authentication token data, and return the data received.
-    For token acquisition, *body_data* will have the attributes:
-        - "grant_type": "authorization_code"
-        - "code": <16-character-random-code>
-        - "redirect_uri": <redirect-uri>
-    For token refresh, *body_data* will have the attributes:
-        - "grant_type": "refresh_token"
-        - "refresh_token": <current-refresh-token>
-    For token exchange, *body_data* will have the attributes:
-        - "grant_type": "urn:ietf:params:oauth:grant-type:token-exchange",
-        - "subject_token": <token-to-be-exchanged>,
-        - "subject_token_type": "urn:ietf:params:oauth:token-type:access_token",
-        - "requested_token_type": "urn:ietf:params:oauth:token-type:access_token",
-        - "audience": <client-id>,
-        - "subject_issuer": "oidc"
-    These attributes are then added to *body_data*:
-        - "client_id": <client-id>,
-        - "client_secret": <client-secret>,
-    If the operation is successful, the token data is stored in the *IAM* server's registry, and returned.
-    Otherwise, *errors* will contain the appropriate error message.
-    The typical data set returned contains the following attributes:
-        {
-            "token_type": "Bearer",
-            "access_token": <str>,
-            "expires_in": <number-of-seconds>,
-            "refresh_token": <str>,
-            "refesh_expires_in": <number-of-seconds>
-        }
-    :param iam_server: the reference registered *IAM* server
-    :param body_data: the data to send in the body of the request
-    :param errors: incidental errors
-    :param logger: optional logger
-    :return: the token data, or *None* if error
-    """
-    # initialize the return variable
-    result: dict[str, Any] | None = None
-    err_msg: str | None = None
-    with _iam_lock:
-        # retrieve the IAM server's registry
-        registry: dict[str, Any] = _get_iam_registry(iam_server=iam_server,
-                                                     errors=errors,
-                                                     logger=logger)
-        if registry:
-            # complete the data to send in body of request
-            body_data["client_id"] = registry["client-id"]
-            client_secret: str = registry["client-secret"]
-            # obtain the token
-            url: str = registry["base-url"] + "/protocol/openid-connect/token"
-            # log the POST ('client_secret' data must not be shown in log)
-            if logger:
-                logger.debug(msg=f"POST {url}, {json.dumps(obj=body_data,
-                                                           ensure_ascii=False)}")
-            if client_secret:
-                body_data["client_secret"] = client_secret
-            try:
-                # typical return on a token request:
-                # {
-                #   "token_type": "Bearer",
-                #   "access_token": <str>,
-                #   "expires_in": <number-of-seconds>,
-                #   "refresh_token": <str>,
-                #   "refesh_expires_in": <number-of-seconds>
-                # }
-                response: requests.Response = requests.post(url=url,
-                                                            data=body_data)
-                if response.status_code == 200:
-                    # request succeeded
-                    result = response.json()
-                    if logger:
-                        logger.debug(msg=f"POST success, {json.dumps(obj=result,
-                                                                     ensure_ascii=False)}")
-                else:
-                    # request resulted in error
-                    err_msg = f"POST failure, status {response.status_code}, reason {response.reason}"
-                    if hasattr(response, "content") and response.content:
-                        err_msg += f", content '{response.content}'"
-                    if logger:
-                        logger.error(msg=err_msg)
-            except Exception as e:
-                # the operation raised an exception
-                err_msg = exc_format(exc=e,
-                                     exc_info=sys.exc_info())
-                if logger:
-                    logger.error(msg=err_msg)
-    if err_msg and isinstance(errors, list):
-        errors.append(err_msg)
-    return result
-def __validate_and_store(iam_server: IamServer,
-                         user_data: dict[str, Any],
-                         token_data: dict[str, Any],
-                         now: int,
-                         errors: list[str] | None,
-                         logger: Logger) -> tuple[str, str] | None:
-    """
-    Validate and store the token data.
-    The typical *token_data* contains the following attributes:
-        {
-            "token_type": "Bearer",
-            "access_token": <str>,
-            "expires_in": <number-of-seconds>,
-            "refresh_token": <str>,
-            "refesh_expires_in": <number-of-seconds>
-        }
-    :param iam_server: the reference registered *IAM* server
-    :param user_data: the aurthentication data kepth in *iam_server*'s registry
-    :param token_data: the token data
-    :param errors: incidental errors
-    :param logger: optional logger
-    :return: tuple containing the user identification and the validated and stored token, or *None* if error
-    """
-    # initialize the return variable
-    result: tuple[str, str] | None = None
-    with _iam_lock:
-        # retrieve the IAM server's registry
-        registry: dict[str, Any] = _get_iam_registry(iam_server=iam_server,
-                                                     errors=errors,
-                                                     logger=logger)
-        if registry:
-            token: str = token_data.get("access_token")
-            user_data["access-token"] = token
-            # keep current refresh token if a new one is not provided
-            if token_data.get("refresh_token"):
-                user_data["refresh-token"] = token_data.get("refresh_token")
-            user_data["access-expiration"] = now + token_data.get("expires_in")
-            refresh_exp: int = user_data.get("refresh_expires_in")
-            user_data["refresh-expiration"] = (now + refresh_exp) if refresh_exp else sys.maxsize
-            # public_key: str = _get_public_key(iam_server=iam_server,
-            #                                   errors=errors,
-            #                                   logger=logger)
-            recipient_attr = registry["recipient-attr"]
-            login_id = user_data.pop("login-id", None)
-            claims: dict[str, dict[str, Any]] = token_validate(token=token,
-                                                               issuer=registry["base-url"],
-                                                               recipient_id=login_id,
-                                                               recipient_attr=recipient_attr,
-                                                               # public_key=public_key,
-                                                               errors=errors,
-                                                               logger=logger)
-            if claims:
-                users: dict[str, dict[str, Any]] = _get_iam_users(iam_server=iam_server,
-                                                                  errors=errors,
-                                                                  logger=logger)
-                # must test with 'not errors'
-                if not errors:
-                    user_id: str = login_id if login_id else claims["payload"][recipient_attr]
-                    users[user_id] = user_data
-                    result = (user_id, token)
-    return result

pypomes_iam/iam_services.py CHANGED Viewed

@@ -4,9 +4,9 @@ from logging import Logger
 from typing import Any
 from .iam_common import IamServer, _iam_lock, _iam_server_from_endpoint
-from .iam_pomes import (
-    user_login, user_logout,
-    user_token, token_exchange, login_callback
+from .iam_actions import (
+    action_login, action_logout,
+    action_token, action_exchange, action_callback
 )
 # the logger for IAM service operations
@@ -60,10 +60,10 @@ def service_login() -> Response:
                                                           logger=__IAM_LOGGER)
         if iam_server:
             # obtain the login URL
-            login_url: str = user_login(iam_server=iam_server,
-                                        args=request.args,
-                                        errors=errors,
-                                        logger=__IAM_LOGGER)
+            login_url: str = action_login(iam_server=iam_server,
+                                          args=request.args,
+                                          errors=errors,
+                                          logger=__IAM_LOGGER)
             if login_url:
                 result = jsonify({"login-url": login_url})
     if errors:
@@ -106,10 +106,10 @@ def service_logout() -> Response:
                                                           logger=__IAM_LOGGER)
         if iam_server:
             # logout the user
-            user_logout(iam_server=iam_server,
-                        args=request.args,
-                        errors=errors,
-                        logger=__IAM_LOGGER)
+            action_logout(iam_server=iam_server,
+                          args=request.args,
+                          errors=errors,
+                          logger=__IAM_LOGGER)
     if errors:
         result = Response(response="; ".join(errors),
                           status=400)
@@ -160,10 +160,10 @@ def service_callback() -> Response:
                                                           logger=__IAM_LOGGER)
         if iam_server:
             # process the callback operation
-            token_data = login_callback(iam_server=iam_server,
-                                        args=request.args,
-                                        errors=errors,
-                                        logger=__IAM_LOGGER)
+            token_data = action_callback(iam_server=iam_server,
+                                         args=request.args,
+                                         errors=errors,
+                                         logger=__IAM_LOGGER)
     result: Response
     if errors:
         result = jsonify({"errors": "; ".join(errors)})
@@ -215,10 +215,10 @@ def service_token() -> Response:
             if iam_server:
                 # retrieve the token
                 errors: list[str] = []
-                token: str = user_token(iam_server=iam_server,
-                                        args=args,
-                                        errors=errors,
-                                        logger=__IAM_LOGGER)
+                token: str = action_token(iam_server=iam_server,
+                                          args=args,
+                                          errors=errors,
+                                          logger=__IAM_LOGGER)
     else:
         msg: str = "User identification not provided"
         errors.append(msg)
@@ -278,10 +278,10 @@ def service_exchange() -> Response:
         token_data: dict[str, Any] | None = None
         if iam_server:
             errors: list[str] = []
-            token_data = token_exchange(iam_server=iam_server,
-                                        args=request.args,
-                                        errors=errors,
-                                        logger=__IAM_LOGGER)
+            token_data = action_exchange(iam_server=iam_server,
+                                         args=request.args,
+                                         errors=errors,
+                                         logger=__IAM_LOGGER)
     result: Response
     if errors:
         result = Response(response="; ".join(errors),

pypomes_iam/jusbr_pomes.py CHANGED Viewed

@@ -7,7 +7,7 @@ from pypomes_core import (
 from typing import Any, Final
 from .iam_common import _IAM_SERVERS, IamServer, _iam_lock
-from .iam_pomes import user_token
+from .iam_actions import action_token
 JUSBR_CLIENT_ID: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_CLIENT_ID")
 JUSBR_CLIENT_SECRET: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_CLIENT_SECRET")
@@ -118,8 +118,8 @@ def jusbr_get_token(user_id: str,
     # retrieve the token
     args: dict[str, Any] = {"user-id": user_id}
     with _iam_lock:
-        result = user_token(iam_server=IamServer.IAM_JUSRBR,
-                            args=args,
-                            errors=errors,
-                            logger=logger)
+        result = action_token(iam_server=IamServer.IAM_JUSRBR,
+                              args=args,
+                              errors=errors,
+                              logger=logger)
     return result

pypomes_iam/keycloak_pomes.py CHANGED Viewed

@@ -7,7 +7,7 @@ from pypomes_core import (
 from typing import Any, Final
 from .iam_common import _IAM_SERVERS, IamServer, _iam_lock
-from .iam_pomes import user_token
+from .iam_actions import action_token
 KEYCLOAK_CLIENT_ID: Final[str] = env_get_str(key=f"{APP_PREFIX}_KEYCLOAK_CLIENT_ID")
 KEYCLOAK_CLIENT_SECRET: Final[str] = env_get_str(key=f"{APP_PREFIX}_KEYCLOAK_CLIENT_SECRET")
@@ -129,8 +129,8 @@ def keycloak_get_token(user_id: str,
     # retrieve the token
     args: dict[str, Any] = {"user-id": user_id}
     with _iam_lock:
-        result = user_token(iam_server=IamServer.IAM_KEYCLOAK,
-                            args=args,
-                            errors=errors,
-                            logger=logger)
+        result = action_token(iam_server=IamServer.IAM_KEYCLOAK,
+                              args=args,
+                              errors=errors,
+                              logger=logger)
     return result

pypomes_iam/provider_pomes.py CHANGED Viewed

@@ -5,7 +5,7 @@ from base64 import b64encode
 from datetime import datetime
 from logging import Logger
 from pypomes_core import TZ_LOCAL, exc_format
-from threading import RLock
+from threading import Lock
 from typing import Any, Final
 # structure:
@@ -25,7 +25,7 @@ _provider_registry: Final[dict[str, dict[str, Any]]] = {}
 # the lock protecting the data in '_provider_registry'
 # (because it is 'Final' and set at declaration time, it can be accessed through simple imports)
-_provider_lock: Final[RLock] = RLock()
+_provider_lock: Final[Lock] = Lock()
 def provider_register(provider_id: str,
@@ -133,7 +133,7 @@ def provider_get_token(provider_id: str,
                         provider["access-token"] = reply.get("access_token")
                         provider["access-expiration"] = now + int(reply.get("expires_in"))
                         if reply.get("refresh_token"):
-                            provider["refresh-token"] = reply["refesh_token"]
+                            provider["refresh-token"] = reply["refresh_token"]
                             if reply.get("refresh_expires_in"):
                                 provider["refresh-expiration"] = now + int(reply.get("refresh_expires_in"))
                             else:

{pypomes_iam-0.5.4.dist-info → pypomes_iam-0.5.6.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: pypomes_iam
-Version: 0.5.4
+Version: 0.5.6
 Summary: A collection of Python pomes, penyeach (IAM modules)
 Project-URL: Homepage, https://github.com/TheWiseCoder/PyPomes-IAM
 Project-URL: Bug Tracker, https://github.com/TheWiseCoder/PyPomes-IAM/issues

pypomes_iam-0.5.6.dist-info/RECORD ADDED Viewed

@@ -0,0 +1,13 @@
+pypomes_iam/__init__.py,sha256=ip9p9-0qCaRPuMVae2JTLZHq6-OPgNKBIL6t6PaSHWg,1180
+pypomes_iam/iam_actions.py,sha256=0x5kPaDor2rHiOznyF9DLzsNRGLleB66K6RJBPaJkBc,24178
+pypomes_iam/iam_common.py,sha256=Xu3Jz-wXzYtEk1hi06lFJ997e9n77I_eeRbpRQ2qCy4,10365
+pypomes_iam/iam_pomes.py,sha256=yA0ZRaD-fp7aZZ-yDnFlh6CvCsEWd-Tf123twQoTPGg,3456
+pypomes_iam/iam_services.py,sha256=ZwSwCiA3XssjG_HgTdkkKtdnQg9UjuqlvFhWVPQfSH8,11871
+pypomes_iam/jusbr_pomes.py,sha256=X_YgY45122tflAzQdAMEcEyVbPvzFigjHLal0qL1v_M,5916
+pypomes_iam/keycloak_pomes.py,sha256=FGdkPjVGEDp5Pwfav4EIc9uSbT4_pG7oPqaiHeJBSLU,6763
+pypomes_iam/provider_pomes.py,sha256=CdEjYjepGXsehn_ujljUQKs0Ws7xNOzBYG6wKp9C7-E,7233
+pypomes_iam/token_pomes.py,sha256=Bz9pT2oU6jTEr_ZEZEJ3kUjH3TfxRyY1_vR319v6CEo,6692
+pypomes_iam-0.5.6.dist-info/METADATA,sha256=ZowLxR_xl3hWHutcz_hGAhvW0B1vsIyIIrrCnwF5uXg,694
+pypomes_iam-0.5.6.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+pypomes_iam-0.5.6.dist-info/licenses/LICENSE,sha256=YvUELgV8qvXlaYsy9hXG5EW3Bmsrkw-OJmmILZnonAc,1086
+pypomes_iam-0.5.6.dist-info/RECORD,,

pypomes_iam-0.5.4.dist-info/RECORD DELETED Viewed

@@ -1,12 +0,0 @@
-pypomes_iam/__init__.py,sha256=KX_QLdqAD-dNUl3G1mDeutxL9e58S9OsMoJlrgM9R28,1027
-pypomes_iam/iam_common.py,sha256=xRMVPIDxbVPoudPDKFCqGCA7Klt9HsZM61dSGfEy7Tw,10364
-pypomes_iam/iam_pomes.py,sha256=sB2DDCaN5nN6ehZH4HCsWxPM9IbP5IRt42UhIRtn07Q,27436
-pypomes_iam/iam_services.py,sha256=fdpOc6EmCLcMtkhZU5OX9gYJIA1RNyM3JcoMX0RqwXA,11829
-pypomes_iam/jusbr_pomes.py,sha256=cuQWB5OTeAHarmUqAGIU4udSEJA1C6W6lOtauWA7gqw,5904
-pypomes_iam/keycloak_pomes.py,sha256=OvPhfUXpqxll-p6CdRq2j5jp5ST9Z0feXg6TVbqC2cY,6751
-pypomes_iam/provider_pomes.py,sha256=1Jki3hHBt5SRQB8f9MU7hQ-WApJ5LCuj7QRJFdrALbw,7235
-pypomes_iam/token_pomes.py,sha256=Bz9pT2oU6jTEr_ZEZEJ3kUjH3TfxRyY1_vR319v6CEo,6692
-pypomes_iam-0.5.4.dist-info/METADATA,sha256=rMdeh8lld9QGoNKpzFF0Uc-x1OuUYhn3TkDY3Nzk1NQ,694
-pypomes_iam-0.5.4.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-pypomes_iam-0.5.4.dist-info/licenses/LICENSE,sha256=YvUELgV8qvXlaYsy9hXG5EW3Bmsrkw-OJmmILZnonAc,1086
-pypomes_iam-0.5.4.dist-info/RECORD,,

{pypomes_iam-0.5.4.dist-info → pypomes_iam-0.5.6.dist-info}/WHEEL RENAMED Viewed

File without changes

{pypomes_iam-0.5.4.dist-info → pypomes_iam-0.5.6.dist-info}/licenses/LICENSE RENAMED Viewed

File without changes

pypomes-iam 0.5.4__py3-none-any.whl → 0.5.6__py3-none-any.whl

Potentially problematic release.

pypomes-iam 0.5.4py3-none-any.whl → 0.5.6py3-none-any.whl