pypomes-jwt 0.6.5__py3-none-any.whl → 0.6.7__py3-none-any.whl

pypomes_jwt/__init__.py

@@ -5,8 +5,8 @@ from .jwt_pomes import (
     JWT_ENDPOINT_URL,
     JWT_ACCESS_MAX_AGE, JWT_REFRESH_MAX_AGE,
     JWT_HS_SECRET_KEY, JWT_RSA_PRIVATE_KEY, JWT_RSA_PUBLIC_KEY,
-    jwt_needed, jwt_verify_request, jwt_service,
-    jwt_get_token_claims, jwt_get_token, jwt_get_token_data,
+    jwt_needed, jwt_verify_request, jwt_claims, jwt_token,
+    jwt_get_token_data, jwt_get_token_claims,
     jwt_assert_access, jwt_set_access, jwt_remove_access
 )
 
@@ -17,8 +17,8 @@ __all__ = [
     "JWT_ENDPOINT_URL",
     "JWT_ACCESS_MAX_AGE", "JWT_REFRESH_MAX_AGE",
     "JWT_HS_SECRET_KEY", "JWT_RSA_PRIVATE_KEY", "JWT_RSA_PUBLIC_KEY",
-    "jwt_needed", "jwt_verify_request", "jwt_service",
-    "jwt_get_token_claims", "jwt_get_token", "jwt_get_token_data",
+    "jwt_needed", "jwt_verify_request", "jwt_claims", "jwt_token",
+    "jwt_get_token_data", "jwt_get_token_claims",
     "jwt_assert_access", "jwt_set_access", "jwt_remove_access"
 ]
 

pypomes_jwt/jwt_data.py

@@ -199,14 +199,14 @@ class JwtData:
         result: dict[str, Any]
 
         # obtain the item in storage
-        item_data: dict[str, Any] = self.get_access_data(account_id=account_id,
-                                                         logger=logger)
+        access_data: dict[str, Any] = self.get_access_data(account_id=account_id,
+                                                           logger=logger)
         # was the JWT data obtained ?
-        if item_data:
+        if access_data:
             # yes, proceed
-            control_data: dict[str, Any] = item_data.get("control-data")
-            reserved_claims: dict[str, Any] = item_data.get("reserved-claims")
-            custom_claims: dict[str, Any] = item_data.get("custom-claims")
+            control_data: dict[str, Any] = access_data.get("control-data")
+            reserved_claims: dict[str, Any] = access_data.get("reserved-claims")
+            custom_claims: dict[str, Any] = access_data.get("custom-claims")
             if superceding_claims:
                 custom_claims = custom_claims.copy()
                 custom_claims.update(m=superceding_claims)
@@ -240,7 +240,7 @@ class JwtData:
                         raise RuntimeError(" - ".join(errors))
                 else:
                     # JWT service is being provided locally
-                    claims: dict[str, Any] = item_data.get("public-claims").copy()
+                    claims: dict[str, Any] = access_data.get("public-claims").copy()
                     claims.update(m=reserved_claims)
                     claims.update(m=custom_claims)
                     # may raise an exception
@@ -280,6 +280,7 @@ class JwtData:
         :return: the token's claimset, or *None* if error
         :raises InvalidTokenError: token is not valid
         :raises ExpiredSignatureError: token has expired
+        :raises InvalidAlgorithmError: the specified algorithm is not recognized
         """
         # declare the return variable
         result: dict[str, Any]
@@ -287,14 +288,15 @@ class JwtData:
         if logger:
             logger.debug(msg=f"Retrieve claims for JWT token '{token}'")
 
-        control_data: dict[str, Any] = self.get_access_data(access_token=token,
-                                                            logger=logger)
-        if control_data:
+        access_data: dict[str, Any] = self.get_access_data(access_token=token,
+                                                           logger=logger)
+        if access_data:
+            control_data: dict[str, Any] = access_data.get("control-data")
             if control_data.get("remote-provider"):
                 # provider is remote
                 result = control_data.get("custom-claims")
             else:
-                # may raise InvalidTokenError or ExpiredSignatureError
+                # may raise an exception
                 result = jwt.decode(jwt=token,
                                     key=(control_data.get("hs-secret-key") or
                                          control_data.get("rsa-public-key")),

pypomes_jwt/jwt_pomes.py

@@ -19,7 +19,6 @@ JWT_REFRESH_MAX_AGE: Final[int] = env_get_int(key=f"{APP_PREFIX}_JWT_REFRESH_MAX
                                               def_value=43200)
 JWT_HS_SECRET_KEY: Final[bytes] = env_get_bytes(key=f"{APP_PREFIX}_JWT_HS_SECRET_KEY",
                                                 def_value=token_bytes(nbytes=32))
-# the endpoint must invoke 'jwt_service()' below
 JWT_ENDPOINT_URL: Final[str] = env_get_str(key=f"{APP_PREFIX}_JWT_ENDPOINT_URL")
 
 # obtain a RSA private/public key pair
@@ -49,7 +48,7 @@ def jwt_needed(func: callable) -> callable:
     """
     # ruff: noqa: ANN003
     def wrapper(*args, **kwargs) -> Response:
-        response: Response = jwt_verify_request(request=request) if JWT_ENDPOINT_URL else None
+        response: Response = jwt_verify_request(request=request)
         return response if response else func(*args, **kwargs)
 
     # prevent a rogue error ("View function mapping is overwriting an existing endpoint function")
@@ -137,42 +136,12 @@ def jwt_remove_access(account_id: str,
                                   logger=logger)
 
 
-def jwt_get_token(errors: list[str],
-                  account_id: str,
-                  logger: Logger = None) -> str:
-    """
-    Obtain and return a JWT token for *account_id*.
-
-    :param errors: incidental error messages
-    :param account_id: the account identification
-    :param logger: optional logger
-    :return: the JWT token, or *None* if an error ocurred
-    """
-    # inicialize the return variable
-    result: str | None = None
-
-    if logger:
-        logger.debug(msg=f"Obtain a JWT token for '{account_id}'")
-
-    try:
-        token_data: dict[str, Any] = __jwt_data.get_token_data(account_id=account_id,
-                                                               logger=logger)
-        result = token_data.get("access_token")
-        if logger:
-            logger.debug(f"Token is '{result}'")
-    except Exception as e:
-        if logger:
-            logger.error(msg=str(e))
-        errors.append(str(e))
-
-    return result
-
-
 def jwt_get_token_data(errors: list[str],
                        account_id: str,
+                       superceding_claims: dict[str, Any] = None,
                        logger: Logger = None) -> dict[str, Any]:
     """
-    Obtain and return the JWT token associated with *account_id*, along with its duration.
+    Obtain and return the JWT token data associated with *account_id*.
 
     Structure of the return data:
     {
@@ -183,6 +152,7 @@ def jwt_get_token_data(errors: list[str],
 
     :param errors: incidental error messages
     :param account_id: the account identification
+    :param superceding_claims: if provided, may supercede registered custom claims
     :param logger: optional logger
     :return: the JWT token data, or *None* if error
     """
@@ -193,6 +163,7 @@ def jwt_get_token_data(errors: list[str],
         logger.debug(msg=f"Retrieve JWT token data for '{account_id}'")
     try:
         result = __jwt_data.get_token_data(account_id=account_id,
+                                           superceding_claims=superceding_claims,
                                            logger=logger)
         if logger:
             logger.debug(msg=f"Data is '{result}'")
@@ -213,7 +184,7 @@ def jwt_get_token_claims(errors: list[str],
     :param errors: incidental error messages
     :param token: the token to be inspected for claims
     :param logger: optional logger
-    :return: the token's claimset, or 'None' if error
+    :return: the token's claimset, or *None* if error
     """
     # initialize the return variable
     result: dict[str, Any] | None = None
@@ -290,14 +261,54 @@ def jwt_verify_request(request: Request,
     return result
 
 
-def jwt_service(account_id: str = None,
-                service_params: dict[str, Any] = None,
-                logger: Logger = None) -> Response:
+def jwt_claims(token: str = None) -> Response:
+    """
+    REST service entry point for retrieving the claims of a JWT token.
+
+    Structure of the return data:
+    {
+      "<claim-1>": <value-of-claim-1>,
+      ...
+      "<claim-n>": <value-of-claim-n>
+    }
+
+    :param token: the JWT token
+    :return: a *Response* containing the requested JWT token claims, or reporting an error
+    """
+    # declare the return variable
+    result: Response
+
+    # retrieve the token
+    # noinspection PyUnusedLocal
+    if not token:
+        token = request.values.get("token")
+        if not token:
+            with contextlib.suppress(Exception):
+                token = request.get_json().get("token")
+
+    # has the token been obtained ?
+    if token:
+        # yes, obtain the token data
+        try:
+            token_claims: dict[str, Any] = __jwt_data.get_token_claims(token=token)
+            result = jsonify(token_claims)
+        except Exception as e:
+            # claims extraction failed
+            result = Response(response=str(e),
+                              status=400)
+    else:
+        # no, report the problem
+        result = Response(response="Invalid parameters",
+                          status=400)
+
+    return result
+
+
+def jwt_token(service_params: dict[str, Any] = None) -> Response:
     """
-    Entry point for obtaining JWT tokens.
+    REST service entry point for obtaining JWT tokens.
 
-    Access might be through direct invocation, or through a REST request. In either case,
-    the invoker must send, as parameter *service_params* or in the body of the request:
+    The requester must send, as parameter *service_params* or in the body of the request:
     {
       "account-id": "<string>"                              - required account identification
       "<custom-claim-key-1>": "<custom-claim-value-1>",     - optional superceding custom claims
@@ -315,48 +326,33 @@ def jwt_service(account_id: str = None,
       "expires_in": <seconds-to-expiration>
     }
 
-    :param account_id: the account identification, alternatively passed in JSON
     :param service_params: the optional JSON containing the request parameters (defaults to JSON in body)
-    :param logger: optional logger
-    :return: a *Response* containing the requested JWT token and its duration, or reporting an error
+    :return: a *Response* containing the requested JWT token data, or reporting an error
     """
     # declare the return variable
     result: Response
 
-    if logger:
-        logger.debug(msg="Service a JWT request")
-
     # retrieve the parameters
     # noinspection PyUnusedLocal
     params: dict[str, Any] = service_params or {}
     if not params:
         with contextlib.suppress(Exception):
             params = request.get_json()
-    if not account_id:
-        account_id = params.pop("account-id", None)
+    account_id: str | None = params.pop("account-id", None)
 
     # has the account been identified ?
     if account_id:
-        # yes, proceed
-        if logger:
-            logger.debug(msg=f"Account identification is '{account_id}'")
-
-        # obtain the token data
+        # yes, obtain the token data
         try:
             token_data: dict[str, Any] = __jwt_data.get_token_data(account_id=account_id,
-                                                                   superceding_claims=params,
-                                                                   logger=logger)
+                                                                   superceding_claims=params)
             result = jsonify(token_data)
         except Exception as e:
             # token validation failed
-            if logger:
-                logger.error(msg=str(e))
             result = Response(response=str(e),
                               status=401)
     else:
         # no, report the problem
-        if logger:
-            logger.debug(msg=f"Invalid parameters {service_params}")
         result = Response(response="Invalid parameters",
                           status=401)
 

{pypomes_jwt-0.6.5.dist-info → pypomes_jwt-0.6.7.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: pypomes_jwt
-Version: 0.6.5
+Version: 0.6.7
 Summary: A collection of Python pomes, penyeach (JWT module)
 Project-URL: Homepage, https://github.com/TheWiseCoder/PyPomes-JWT
 Project-URL: Bug Tracker, https://github.com/TheWiseCoder/PyPomes-JWT/issues

pypomes_jwt-0.6.7.dist-info/RECORD

@@ -0,0 +1,7 @@
+pypomes_jwt/__init__.py,sha256=CwpFtZEi1Yo1i4ulyR65yvo_fJpSRMJsXwzV75E3K0A,988
+pypomes_jwt/jwt_data.py,sha256=icnNzfCBPN94z3saT_fhDSEpj_GGBeSW59ychNfkxA8,19680
+pypomes_jwt/jwt_pomes.py,sha256=rhYoqD57yXayJoePdjbB3RfPAIg23o6YQKkdnD4tz0c,14222
+pypomes_jwt-0.6.7.dist-info/METADATA,sha256=8j6R2ZgQXHbw7Wyziiv7BfGAQdlld2bGHcDL14ijpn4,599
+pypomes_jwt-0.6.7.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+pypomes_jwt-0.6.7.dist-info/licenses/LICENSE,sha256=NdakochSXm_H_-DSL_x2JlRCkYikj3snYYvTwgR5d_c,1086
+pypomes_jwt-0.6.7.dist-info/RECORD,,

pypomes_jwt-0.6.5.dist-info/RECORD

@@ -1,7 +0,0 @@
-pypomes_jwt/__init__.py,sha256=m0USOMlGVUfofwukykKf6DAPq7CRn4SiY6CeNOOiqJ8,998
-pypomes_jwt/jwt_data.py,sha256=skSwtbBemyanuWyngu0lq2Yw3-hONytt1AwXZpSlILg,19541
-pypomes_jwt/jwt_pomes.py,sha256=pWYjCRKIcaG-yN64IgJ54L-YHw3Jhhnmsvb6xMipQsY,14515
-pypomes_jwt-0.6.5.dist-info/METADATA,sha256=KZBLb8BEdIDaFQMoCxvkQ-ZBzIN97RaVXV49uAizNvo,599
-pypomes_jwt-0.6.5.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-pypomes_jwt-0.6.5.dist-info/licenses/LICENSE,sha256=NdakochSXm_H_-DSL_x2JlRCkYikj3snYYvTwgR5d_c,1086
-pypomes_jwt-0.6.5.dist-info/RECORD,,