pypomes-jwt 0.4.5__tar.gz → 0.4.7__tar.gz

{pypomes_jwt-0.4.5 → pypomes_jwt-0.4.7}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: pypomes_jwt
-Version: 0.4.5
+Version: 0.4.7
 Summary: A collection of Python pomes, penyeach (JWT module)
 Project-URL: Homepage, https://github.com/TheWiseCoder/PyPomes-JWT
 Project-URL: Bug Tracker, https://github.com/TheWiseCoder/PyPomes-JWT/issues

{pypomes_jwt-0.4.5 → pypomes_jwt-0.4.7}/pyproject.toml

@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "pypomes_jwt"
-version = "0.4.5"
+version = "0.4.7"
 authors = [
   { name="GT Nunes", email="wisecoder01@gmail.com" }
 ]

{pypomes_jwt-0.4.5 → pypomes_jwt-0.4.7}/src/pypomes_jwt/jwt_data.py

@@ -68,6 +68,9 @@ class JwtData:
         """
         Add to storage the parameters needed to obtain and validate JWT tokens.
 
+        Protocol indication in *service_url* (typically *http:* or *https:*), is disregarded, to guarantee
+        that processing herein will not be affected by in-transit protocol changes.
+
         Presently, the *refresh_max_age* data is not relevant, as the authorization parameters in *claims*
         (typically, an acess-key/secret-key pair), have been previously validated elsewhere.
         This situation might change in the future.
@@ -84,8 +87,9 @@ class JwtData:
         :param local_provider: whether 'service_url' is a local endpoint
         :param logger: optional logger
         """
-        # obtain the item in s"torage
-        item_data: dict[str, dict[str, Any]] = self.retrieve_access_data(service_url=service_url)
+        # obtain the item in storage
+        item_data: dict[str, dict[str, Any]] = self.retrieve_access_data(service_url=service_url,
+                                                                         logger=logger)
         if not item_data:
             # build control data
             control_data: dict[str, Any] = {
@@ -122,9 +126,9 @@ class JwtData:
             with self.access_lock:
                 self.access_data.append(item_data)
             if logger:
-                logger.debug(f"JWT token data added to storage for '{service_url}'")
+                logger.debug(f"JWT data added for '{service_url}': {item_data}")
         elif logger:
-            logger.warning(f"JWT token data already exists for '{service_url}'")
+            logger.warning(f"JWT data already exists for '{service_url}'")
 
     def remove_access_data(self,
                            service_url: str,
@@ -136,33 +140,15 @@ class JwtData:
         :param logger: optional logger
         """
         # obtain the item in storage
-        item_data: dict[str, dict[str, Any]] = self.retrieve_access_data(service_url=service_url)
+        item_data: dict[str, dict[str, Any]] = self.retrieve_access_data(service_url=service_url,
+                                                                         logger=logger)
         if item_data:
             with self.access_lock:
                 self.access_data.remove(item_data)
             if logger:
-                logger.debug(f"Removed access data for  '{service_url}'")
+                logger.debug(f"Removed JWT data for '{service_url}'")
         elif logger:
-            logger.warning(f"No access data found for  '{service_url}'")
-
-    def retrieve_access_data(self,
-                             service_url: str) -> dict[str, dict[str, Any]]:
-        """
-        Retrieve and return the access data in storage corresponding to the given parameters.
-
-        :param service_url: the reference URL for obtaining JWT tokens
-        :return: the corresponding item in storage, or 'None' if not found
-        """
-        # initialize the return variable
-        result: dict[str, dict[str, Any]] | None = None
-
-        with self.access_lock:
-            for item_data in self.access_data:
-                if service_url == item_data.get("control-data").get("service-url"):
-                    result = item_data
-                    break
-
-        return result
+            logger.warning(f"No JWT data found for '{service_url}'")
 
     def get_token_data(self,
                        service_url: str,
@@ -196,7 +182,8 @@ class JwtData:
         result: dict[str, Any]
 
         # obtain the item in storage
-        item_data: dict[str, Any] = self.retrieve_access_data(service_url=service_url)
+        item_data: dict[str, Any] = self.retrieve_access_data(service_url=service_url,
+                                                              logger=logger)
         # was the JWT data obtained ?
         if item_data:
             # yes, proceed
@@ -250,7 +237,7 @@ class JwtData:
             }
         else:
             # JWT data not found
-            err_msg: str = f"No access data found for {service_url}"
+            err_msg: str = f"No JWT data found for {service_url}"
             if logger:
                 logger.error(err_msg)
             raise RuntimeError(err_msg)
@@ -258,11 +245,13 @@ class JwtData:
         return result
 
     def get_token_claims(self,
-                         token: str) -> dict[str, Any]:
+                         token: str,
+                         logger: Logger = None) -> dict[str, Any]:
         """
         Obtain and return the claims of a JWT *token*.
 
         :param token: the token to be inspected for claims
+        :param logger: optional logger
         :return: the token's claimset, or 'None' if error
         :raises InvalidTokenError: token is not valid
         :raises ExpiredSignatureError: token has expired
@@ -278,11 +267,50 @@ class JwtData:
                     break
 
         if not algorithm or not key:
-            raise InvalidTokenError("Token is not valid")
+            raise InvalidTokenError("JWT token is not valid")
 
-        return jwt.decode(jwt=token,
-                          key=key,
-                          algorithms=[algorithm])
+        if logger:
+            logger.debug(msg=f"Retrieve claims for JWT token '{token}'")
+        result: dict[str, Any] = jwt.decode(jwt=token,
+                                            key=key,
+                                            algorithms=[algorithm])
+        if logger:
+            logger.debug(f"Retrieved claims for JWT token '{token}': {result}")
+
+        return result
+
+    def retrieve_access_data(self,
+                             service_url: str,
+                             logger: Logger = None) -> dict[str, dict[str, Any]]:
+        """
+        Retrieve and return the access data in storage corresponding to *service_url*.
+
+        Protocol indication in *service_url* (typically *http:* or *https:*), is disregarded, to guarantee
+        that processing herein will not be affected by in-transit protocol changes.
+
+        :param service_url: the reference URL for obtaining JWT tokens
+        :param logger: optional logger
+        :return: the corresponding item in storage, or 'None' if not found
+        """
+        # initialize the return variable
+        result: dict[str, dict[str, Any]] | None = None
+
+        # disregard protocol
+        if service_url.find("://") > 0:
+            service_url = service_url[service_url.index("://")+3:]
+
+        with self.access_lock:
+            for item_data in self.access_data:
+                item_url: str = item_data.get("control-data").get("service-url")
+                if item_url.find("://") > 0:
+                    item_url = item_url[item_url.index("://")+3:]
+                if service_url == item_url:
+                    result = item_data
+                    break
+        if logger:
+            logger.debug(f"JWT data for '{service_url}': {result}")
+
+        return result
 
 
 def jwt_request_token(errors: list[str],
@@ -312,7 +340,7 @@ def jwt_request_token(errors: list[str],
 
     # request the JWT token
     if logger:
-        logger.debug(f"POST requesting JWT token to {service_url}")
+        logger.debug(f"POST request JWT token to '{service_url}'")
     response: Response = requests.post(
         url=service_url,
         json=claims,
@@ -324,7 +352,7 @@ def jwt_request_token(errors: list[str],
         # yes, save the access token data returned
         result = response.json()
         if logger:
-            logger.debug(f"Access token obtained: {result}")
+            logger.debug(f"JWT token obtained: {result}")
     else:
         # no, report the problem
         err_msg: str = f"POST request of '{service_url}' failed: {response.reason}"
@@ -339,7 +367,8 @@ def jwt_request_token(errors: list[str],
 
 def jwt_validate_token(token: str,
                        key: bytes | str,
-                       algorithm: str) -> None:
+                       algorithm: str,
+                       logger: Logger = None) -> None:
     """
     Verify if *token* ia a valid JWT token.
 
@@ -348,11 +377,14 @@ def jwt_validate_token(token: str,
     :param token: the token to be validated
     :param key: the secret or public key used to create the token (HS or RSA authentication, respectively)
     :param algorithm: the algorithm used to to sign the token with
+    :param logger: optional logger
     :raises InvalidTokenError: token is invalid
     :raises InvalidKeyError: authentication key is not in the proper format
     :raises ExpiredSignatureError: token and refresh period have expired
     :raises InvalidSignatureError: signature does not match the one provided as part of the token
     """
+    if logger:
+        logger.debug(msg=f"Verify request for JWT token '{token}'")
     jwt.decode(jwt=token,
                key=key,
                algorithms=[algorithm])

{pypomes_jwt-0.4.5 → pypomes_jwt-0.4.7}/src/pypomes_jwt/jwt_pomes.py

@@ -44,6 +44,9 @@ def jwt_set_service_access(service_url: str,
     """
     Set the data needed to obtain JWT tokens from *service_url*.
 
+    Protocol indication in *service_url* (typically *http:* or *https:*), is disregarded, to guarantee
+    that processing herein will not be affected by in-transit protocol changes.
+
     :param service_url: the reference URL
     :param claims: the JWT claimset, as key-value pairs
     :param algorithm: the authentication type