pypomes-jwt 1.0.1__py3-none-any.whl → 1.0.3__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of pypomes-jwt might be problematic. Click here for more details.
- pypomes_jwt/jwt_pomes.py +5 -5
- pypomes_jwt/jwt_registry.py +24 -18
- {pypomes_jwt-1.0.1.dist-info → pypomes_jwt-1.0.3.dist-info}/METADATA +3 -3
- pypomes_jwt-1.0.3.dist-info/RECORD +8 -0
- pypomes_jwt-1.0.1.dist-info/RECORD +0 -8
- {pypomes_jwt-1.0.1.dist-info → pypomes_jwt-1.0.3.dist-info}/WHEEL +0 -0
- {pypomes_jwt-1.0.1.dist-info → pypomes_jwt-1.0.3.dist-info}/licenses/LICENSE +0 -0
pypomes_jwt/jwt_pomes.py
CHANGED
|
@@ -436,11 +436,11 @@ def jwt_refresh_tokens(errors: list[str] | None,
|
|
|
436
436
|
# assert the refresh token
|
|
437
437
|
if refresh_token:
|
|
438
438
|
# is the refresh token valid ?
|
|
439
|
-
account_claims = jwt_validate_token(errors=op_errors,
|
|
440
|
-
|
|
441
|
-
|
|
442
|
-
|
|
443
|
-
|
|
439
|
+
account_claims = (jwt_validate_token(errors=op_errors,
|
|
440
|
+
token=refresh_token,
|
|
441
|
+
nature="R",
|
|
442
|
+
account_id=account_id,
|
|
443
|
+
logger=logger) or {}).get("payload")
|
|
444
444
|
# if it is, revoke current refresh token
|
|
445
445
|
if account_claims and jwt_revoke_token(errors=op_errors,
|
|
446
446
|
account_id=account_id,
|
pypomes_jwt/jwt_registry.py
CHANGED
|
@@ -5,7 +5,9 @@ from base64 import urlsafe_b64encode
|
|
|
5
5
|
from datetime import datetime, timezone
|
|
6
6
|
from logging import Logger
|
|
7
7
|
from pypomes_core import str_random
|
|
8
|
-
from pypomes_db import
|
|
8
|
+
from pypomes_db import (
|
|
9
|
+
db_connect, db_commit, db_select, db_insert, db_update, db_delete
|
|
10
|
+
)
|
|
9
11
|
from threading import Lock
|
|
10
12
|
from typing import Any
|
|
11
13
|
|
|
@@ -275,12 +277,11 @@ class JwtRegistry:
|
|
|
275
277
|
key=JWT_ENCODING_KEY,
|
|
276
278
|
algorithm=JWT_DEFAULT_ALGORITHM,
|
|
277
279
|
headers={"kid": "R0"})
|
|
278
|
-
# obtain a DB connection
|
|
280
|
+
# obtain a DB connection
|
|
279
281
|
db_conn: Any = db_connect(errors=errors,
|
|
280
282
|
logger=logger)
|
|
281
283
|
# persist the candidate token (may raise an exception)
|
|
282
|
-
token_id: int = _jwt_persist_token(
|
|
283
|
-
account_id=account_id,
|
|
284
|
+
token_id: int = _jwt_persist_token(account_id=account_id,
|
|
284
285
|
jwt_token=refresh_token,
|
|
285
286
|
db_conn=db_conn,
|
|
286
287
|
logger=logger)
|
|
@@ -297,9 +298,10 @@ class JwtRegistry:
|
|
|
297
298
|
connection=db_conn,
|
|
298
299
|
logger=logger)
|
|
299
300
|
# commit the transaction
|
|
300
|
-
|
|
301
|
-
|
|
302
|
-
|
|
301
|
+
if not errors:
|
|
302
|
+
db_commit(errors=errors,
|
|
303
|
+
connection=db_conn,
|
|
304
|
+
logger=logger)
|
|
303
305
|
if errors:
|
|
304
306
|
raise RuntimeError("; ".join(errors))
|
|
305
307
|
|
|
@@ -339,8 +341,7 @@ class JwtRegistry:
|
|
|
339
341
|
return result
|
|
340
342
|
|
|
341
343
|
|
|
342
|
-
def _jwt_persist_token(
|
|
343
|
-
account_id: str,
|
|
344
|
+
def _jwt_persist_token(account_id: str,
|
|
344
345
|
jwt_token: str,
|
|
345
346
|
db_conn: Any = None,
|
|
346
347
|
logger: Logger = None) -> int:
|
|
@@ -354,7 +355,6 @@ def _jwt_persist_token(errors: list[str],
|
|
|
354
355
|
|
|
355
356
|
If *db_conn* is provided, then all DB operations will be carried out in the scope of a single transaction.
|
|
356
357
|
|
|
357
|
-
:param errors: incidental errors
|
|
358
358
|
:param account_id: the account identification
|
|
359
359
|
:param jwt_token: the JWT token to persist
|
|
360
360
|
:param db_conn: the database connection to use
|
|
@@ -362,17 +362,19 @@ def _jwt_persist_token(errors: list[str],
|
|
|
362
362
|
:return: the storage id of the inserted token
|
|
363
363
|
:raises RuntimeError: error accessing the token database
|
|
364
364
|
"""
|
|
365
|
-
from pypomes_db import db_select, db_insert, db_delete
|
|
366
365
|
from .jwt_pomes import jwt_get_claims
|
|
367
366
|
|
|
368
367
|
# retrieve the account's tokens
|
|
368
|
+
errors: list[str] = []
|
|
369
369
|
# noinspection PyTypeChecker
|
|
370
370
|
recs: list[tuple[int, str, str, str]] = \
|
|
371
371
|
db_select(errors=errors,
|
|
372
372
|
sel_stmt=f"SELECT {JWT_DB_COL_KID}, {JWT_DB_COL_TOKEN} "
|
|
373
373
|
f"FROM {JWT_DB_TABLE}",
|
|
374
374
|
where_data={JWT_DB_COL_ACCOUNT: account_id},
|
|
375
|
-
connection=db_conn
|
|
375
|
+
connection=db_conn,
|
|
376
|
+
committable=False,
|
|
377
|
+
logger=logger)
|
|
376
378
|
if errors:
|
|
377
379
|
raise RuntimeError("; ".join(errors))
|
|
378
380
|
|
|
@@ -386,21 +388,21 @@ def _jwt_persist_token(errors: list[str],
|
|
|
386
388
|
for rec in recs:
|
|
387
389
|
token: str = rec[1]
|
|
388
390
|
token_id: int = rec[0]
|
|
389
|
-
|
|
390
|
-
|
|
391
|
-
|
|
391
|
+
token_payload: dict[str, Any] = (jwt_get_claims(errors=errors,
|
|
392
|
+
token=token,
|
|
393
|
+
logger=logger) or {}).get("payload")
|
|
392
394
|
if errors:
|
|
393
395
|
raise RuntimeError("; ".join(errors))
|
|
394
396
|
|
|
395
397
|
# find expired tokens
|
|
396
|
-
exp: int =
|
|
398
|
+
exp: int = token_payload.get("exp", sys.maxsize)
|
|
397
399
|
if exp < just_now:
|
|
398
400
|
expired.append(token_id)
|
|
399
401
|
|
|
400
402
|
# find oldest token
|
|
401
|
-
iat: int =
|
|
403
|
+
iat: int = token_payload.get("iat", sys.maxsize)
|
|
402
404
|
if iat < oldest_ts:
|
|
403
|
-
oldest_ts =
|
|
405
|
+
oldest_ts = iat
|
|
404
406
|
oldest_id = token_id
|
|
405
407
|
|
|
406
408
|
# remove expired tokens from persistence
|
|
@@ -409,6 +411,7 @@ def _jwt_persist_token(errors: list[str],
|
|
|
409
411
|
delete_stmt=f"DELETE FROM {JWT_DB_TABLE}",
|
|
410
412
|
where_data={JWT_DB_COL_KID: expired},
|
|
411
413
|
connection=db_conn,
|
|
414
|
+
committable=False,
|
|
412
415
|
logger=logger)
|
|
413
416
|
if errors:
|
|
414
417
|
raise RuntimeError("; ".join(errors))
|
|
@@ -422,6 +425,7 @@ def _jwt_persist_token(errors: list[str],
|
|
|
422
425
|
delete_stmt=f"DELETE FROM {JWT_DB_TABLE}",
|
|
423
426
|
where_data={JWT_DB_COL_KID: oldest_id},
|
|
424
427
|
connection=db_conn,
|
|
428
|
+
committable=False,
|
|
425
429
|
logger=logger)
|
|
426
430
|
if errors:
|
|
427
431
|
raise RuntimeError("; ".join(errors))
|
|
@@ -436,6 +440,7 @@ def _jwt_persist_token(errors: list[str],
|
|
|
436
440
|
JWT_DB_COL_ALGORITHM: JWT_DEFAULT_ALGORITHM,
|
|
437
441
|
JWT_DB_COL_DECODER: urlsafe_b64encode(JWT_DECODING_KEY).decode()},
|
|
438
442
|
connection=db_conn,
|
|
443
|
+
committable=False,
|
|
439
444
|
logger=logger)
|
|
440
445
|
if errors:
|
|
441
446
|
raise RuntimeError("; ".join(errors))
|
|
@@ -446,6 +451,7 @@ def _jwt_persist_token(errors: list[str],
|
|
|
446
451
|
f"FROM {JWT_DB_TABLE}",
|
|
447
452
|
where_data={JWT_DB_COL_TOKEN: jwt_token},
|
|
448
453
|
connection=db_conn,
|
|
454
|
+
committable=False,
|
|
449
455
|
logger=logger)
|
|
450
456
|
if errors:
|
|
451
457
|
raise RuntimeError("; ".join(errors))
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: pypomes_jwt
|
|
3
|
-
Version: 1.0.
|
|
3
|
+
Version: 1.0.3
|
|
4
4
|
Summary: A collection of Python pomes, penyeach (JWT module)
|
|
5
5
|
Project-URL: Homepage, https://github.com/TheWiseCoder/PyPomes-JWT
|
|
6
6
|
Project-URL: Bug Tracker, https://github.com/TheWiseCoder/PyPomes-JWT/issues
|
|
@@ -12,5 +12,5 @@ Classifier: Programming Language :: Python :: 3
|
|
|
12
12
|
Requires-Python: >=3.12
|
|
13
13
|
Requires-Dist: cryptography>=44.0.2
|
|
14
14
|
Requires-Dist: pyjwt>=2.10.1
|
|
15
|
-
Requires-Dist: pypomes-core>=1.8.
|
|
16
|
-
Requires-Dist: pypomes-db>=
|
|
15
|
+
Requires-Dist: pypomes-core>=1.8.7
|
|
16
|
+
Requires-Dist: pypomes-db>=2.0.0
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
pypomes_jwt/__init__.py,sha256=fLr_M8yXlcmSTNPMdJOJQlMmtaiK5YKh0vKjOp3z2E4,1446
|
|
2
|
+
pypomes_jwt/jwt_constants.py,sha256=IQV39AiZKGuU8XxZBgJ-KJZQZ_mmnxyOnRZeuxlqDRk,4045
|
|
3
|
+
pypomes_jwt/jwt_pomes.py,sha256=0JvWQaVgGXMfvvck_ZI6EW5diech7DabBFYskPU7jmE,21215
|
|
4
|
+
pypomes_jwt/jwt_registry.py,sha256=t2adiHGg04RRwrLvX2XUgRwOtwtH8p2Ir2uAbsc2CoQ,21593
|
|
5
|
+
pypomes_jwt-1.0.3.dist-info/METADATA,sha256=ayr8d8ZmUyAHGDHKMeXNW0-zbhyU62HBZwdIj69nlM0,632
|
|
6
|
+
pypomes_jwt-1.0.3.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
|
|
7
|
+
pypomes_jwt-1.0.3.dist-info/licenses/LICENSE,sha256=NdakochSXm_H_-DSL_x2JlRCkYikj3snYYvTwgR5d_c,1086
|
|
8
|
+
pypomes_jwt-1.0.3.dist-info/RECORD,,
|
|
@@ -1,8 +0,0 @@
|
|
|
1
|
-
pypomes_jwt/__init__.py,sha256=fLr_M8yXlcmSTNPMdJOJQlMmtaiK5YKh0vKjOp3z2E4,1446
|
|
2
|
-
pypomes_jwt/jwt_constants.py,sha256=IQV39AiZKGuU8XxZBgJ-KJZQZ_mmnxyOnRZeuxlqDRk,4045
|
|
3
|
-
pypomes_jwt/jwt_pomes.py,sha256=UHDmdgmo_1XmHfLvrcxLNRrib6En_XlNEXElDiHlwlI,21188
|
|
4
|
-
pypomes_jwt/jwt_registry.py,sha256=5L6n4ue7YEkGT60U69WvoobKR9ziHkqdIgeOmYEn2gU,21472
|
|
5
|
-
pypomes_jwt-1.0.1.dist-info/METADATA,sha256=VgxvMpAJrWmoW5713vx2od7bYwvEyfaEjlGXTWjv-Vo,632
|
|
6
|
-
pypomes_jwt-1.0.1.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
|
|
7
|
-
pypomes_jwt-1.0.1.dist-info/licenses/LICENSE,sha256=NdakochSXm_H_-DSL_x2JlRCkYikj3snYYvTwgR5d_c,1086
|
|
8
|
-
pypomes_jwt-1.0.1.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|