pypomes-jwt 1.1.7__tar.gz → 1.1.8__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of pypomes-jwt might be problematic. Click here for more details.

Files changed (9) hide show
  1. {pypomes_jwt-1.1.7 → pypomes_jwt-1.1.8}/PKG-INFO +3 -2
  2. {pypomes_jwt-1.1.7 → pypomes_jwt-1.1.8}/pyproject.toml +3 -2
  3. {pypomes_jwt-1.1.7 → pypomes_jwt-1.1.8}/src/pypomes_jwt/jwt_pomes.py +23 -27
  4. {pypomes_jwt-1.1.7 → pypomes_jwt-1.1.8}/src/pypomes_jwt/jwt_registry.py +8 -6
  5. {pypomes_jwt-1.1.7 → pypomes_jwt-1.1.8}/.gitignore +0 -0
  6. {pypomes_jwt-1.1.7 → pypomes_jwt-1.1.8}/LICENSE +0 -0
  7. {pypomes_jwt-1.1.7 → pypomes_jwt-1.1.8}/README.md +0 -0
  8. {pypomes_jwt-1.1.7 → pypomes_jwt-1.1.8}/src/pypomes_jwt/__init__.py +0 -0
  9. {pypomes_jwt-1.1.7 → pypomes_jwt-1.1.8}/src/pypomes_jwt/jwt_config.py +0 -0
{pypomes_jwt-1.1.7 → pypomes_jwt-1.1.8}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: pypomes_jwt
3
- Version: 1.1.7
3
+ Version: 1.1.8
4
4
  Summary: A collection of Python pomes, penyeach (JWT module)
5
5
  Project-URL: Homepage, https://github.com/TheWiseCoder/PyPomes-JWT
6
6
  Project-URL: Bug Tracker, https://github.com/TheWiseCoder/PyPomes-JWT/issues
@@ -13,4 +13,5 @@ Requires-Python: >=3.12
13
13
  Requires-Dist: cryptography>=44.0.2
14
14
  Requires-Dist: pyjwt>=2.10.1
15
15
  Requires-Dist: pypomes-core>=2.0.5
16
- Requires-Dist: pypomes-db>=2.1.1
16
+ Requires-Dist: pypomes-db>=2.1.3
17
+ Requires-Dist: pypomes-logging>=0.6.1
{pypomes_jwt-1.1.7 → pypomes_jwt-1.1.8}/pyproject.toml RENAMED
@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
6
6
 
7
7
  [project]
8
8
  name = "pypomes_jwt"
9
- version = "1.1.7"
9
+ version = "1.1.8"
10
10
  authors = [
11
11
  { name="GT Nunes", email="wisecoder01@gmail.com" }
12
12
  ]
@@ -22,7 +22,8 @@ dependencies = [
22
22
  "PyJWT>=2.10.1",
23
23
  "cryptography>=44.0.2",
24
24
  "pypomes_core>=2.0.5",
25
- "pypomes_db>=2.1.1"
25
+ "pypomes_db>=2.1.3",
26
+ "pypomes_logging>=0.6.1"
26
27
  ]
27
28
 
28
29
  [project.urls]
{pypomes_jwt-1.1.7 → pypomes_jwt-1.1.8}/src/pypomes_jwt/jwt_pomes.py RENAMED
@@ -8,6 +8,7 @@ from pypomes_db import (
8
8
  DbEngine, db_connect, db_commit,
9
9
  db_rollback, db_select, db_delete
10
10
  )
11
+ from pypomes_logging import PYPOMES_LOGGER
11
12
  from typing import Any
12
13
 
13
14
  from .jwt_config import JwtConfig, JwtDbConfig
@@ -38,8 +39,6 @@ def jwt_verify_request(request: Request) -> Response:
38
39
  """
39
40
  Verify whether the HTTP *request* has the proper authorization, as per the JWT standard.
40
41
 
41
- This implementation assumes that HTTP requests are handled with the *Flask* framework.
42
-
43
42
  :param request: the *request* to be verified
44
43
  :return: *None* if the *request* is valid, otherwise a *Response* reporting the error
45
44
  """
@@ -49,19 +48,15 @@ def jwt_verify_request(request: Request) -> Response:
49
48
  # retrieve the authorization from the request header
50
49
  auth_header: str = request.headers.get("Authorization")
51
50
 
52
- # validate the authorization token
51
+ # was a 'Bearer' authorization obtained ?
53
52
  bad_token: bool = True
54
53
  if auth_header and auth_header.startswith("Bearer "):
55
54
  # yes, extract and validate the JWT access token
56
55
  token: str = auth_header.split(" ")[1]
57
- claims: dict[str, Any] = jwt_validate_token(errors=None,
58
- token=token,
59
- nature="A")
60
- if claims:
61
- login: str = request.values.get("login")
62
- subject: str = claims["payload"].get("sub")
63
- if not login or not subject or login == subject:
64
- bad_token = False
56
+ if jwt_validate_token(errors=None,
57
+ nature="A",
58
+ token=token):
59
+ bad_token = False
65
60
 
66
61
  # deny the authorization
67
62
  if bad_token:
@@ -85,7 +80,7 @@ def jwt_set_account(account_id: str,
85
80
  access_max_age: int = JwtConfig.ACCESS_MAX_AGE.value,
86
81
  refresh_max_age: int = JwtConfig.REFRESH_MAX_AGE.value,
87
82
  lead_interval: int = None,
88
- logger: Logger = None) -> None:
83
+ logger: Logger = PYPOMES_LOGGER) -> None:
89
84
  """
90
85
  Establish the data needed to obtain JWT tokens for *account_id*.
91
86
 
@@ -114,7 +109,7 @@ def jwt_set_account(account_id: str,
114
109
 
115
110
 
116
111
  def jwt_remove_account(account_id: str,
117
- logger: Logger = None) -> bool:
112
+ logger: Logger = PYPOMES_LOGGER) -> bool:
118
113
  """
119
114
  Remove from storage the JWT access data for *account_id*.
120
115
 
@@ -133,25 +128,26 @@ def jwt_validate_token(errors: list[str] | None,
133
128
  token: str,
134
129
  nature: str = None,
135
130
  account_id: str = None,
136
- logger: Logger = None) -> dict[str, Any] | None:
131
+ logger: Logger = PYPOMES_LOGGER) -> dict[str, Any] | None:
137
132
  """
138
133
  Verify if *token* ia a valid JWT token.
139
134
 
140
- Raise an appropriate exception if validation failed. Attempt to validate non locally issued tokens
141
- will not succeed. if *nature* is provided, validate whether *token* is of that nature.
142
- A token issued locally has the header claim *kid* starting with *A* (for *Access*) or *R* (for *Refresh*),
143
- followed by its id in the token database, or as a single letter in the range *[B-Z]*, less *R*.
144
- If the *kid* claim contains such an id, then the cryptographic key needed for validation
145
- will be obtained from the token database. Otherwise, the current decoding key is used.
135
+ Attempt to validate non locally issued tokens will not succeed. if *nature* is provided,
136
+ validate whether *token* is of that nature. A token issued locally has the header claim *kid*
137
+ starting with *A* (for *Access*) or *R* (for *Refresh*), followed by its id in the token database,
138
+ or as a single letter in the range *[B-Z]*, less *R*. If the *kid* claim contains such an id,
139
+ then the cryptographic key needed for validation will be obtained from the token database.
140
+ Otherwise, the current decoding key is used.
146
141
 
147
- On success, return the token's claims (header and payload), as documented in *jwt_get_claims()*
142
+ On success, return the token's claims (*header* and *payload*), as documented in *jwt_get_claims()*
143
+ On failure, *errors* will contain the reason(s) for rejecting *token*.
148
144
 
149
145
  :param errors: incidental error messages
150
146
  :param token: the token to be validated
151
147
  :param nature: prefix identifying the nature of locally issued tokens
152
148
  :param account_id: optionally, validate the token's account owner
153
149
  :param logger: optional logger
154
- :return: The token's claims (header and payload) if if is valid, *None* otherwise
150
+ :return: The token's claims (*header* and *payload*) if is valid, *None* otherwise
155
151
  """
156
152
  # initialize the return variable
157
153
  result: dict[str, Any] | None = None
@@ -257,7 +253,7 @@ def jwt_validate_token(errors: list[str] | None,
257
253
  def jwt_revoke_token(errors: list[str] | None,
258
254
  account_id: str,
259
255
  token: str,
260
- logger: Logger = None) -> bool:
256
+ logger: Logger = PYPOMES_LOGGER) -> bool:
261
257
  """
262
258
  Revoke the *refresh_token* associated with *account_id*.
263
259
 
@@ -310,7 +306,7 @@ def jwt_issue_token(errors: list[str] | None,
310
306
  duration: int,
311
307
  lead_interval: int = None,
312
308
  claims: dict[str, Any] = None,
313
- logger: Logger = None) -> str:
309
+ logger: Logger = PYPOMES_LOGGER) -> str:
314
310
  """
315
311
  Issue or refresh, and return, a JWT token associated with *account_id*, of the specified *nature*.
316
312
 
@@ -361,7 +357,7 @@ def jwt_issue_token(errors: list[str] | None,
361
357
  def jwt_issue_tokens(errors: list[str] | None,
362
358
  account_id: str,
363
359
  account_claims: dict[str, Any] = None,
364
- logger: Logger = None) -> dict[str, Any]:
360
+ logger: Logger = PYPOMES_LOGGER) -> dict[str, Any]:
365
361
  """
366
362
  Issue the JWT token pair associated with *account_id*, for access and refresh operations.
367
363
 
@@ -415,7 +411,7 @@ def jwt_issue_tokens(errors: list[str] | None,
415
411
  def jwt_refresh_tokens(errors: list[str] | None,
416
412
  account_id: str,
417
413
  refresh_token: str,
418
- logger: Logger = None) -> dict[str, Any]:
414
+ logger: Logger = PYPOMES_LOGGER) -> dict[str, Any]:
419
415
  """
420
416
  Refresh the JWT token pair associated with *account_id*, for access and refresh operations.
421
417
 
@@ -513,7 +509,7 @@ def jwt_refresh_tokens(errors: list[str] | None,
513
509
 
514
510
  def jwt_get_claims(errors: list[str] | None,
515
511
  token: str,
516
- logger: Logger = None) -> dict[str, Any] | None:
512
+ logger: Logger = PYPOMES_LOGGER) -> dict[str, Any] | None:
517
513
  """
518
514
  Retrieve and return the claims set of a JWT *token*.
519
515
 
{pypomes_jwt-1.1.7 → pypomes_jwt-1.1.8}/src/pypomes_jwt/jwt_registry.py RENAMED
@@ -9,6 +9,7 @@ from pypomes_db import (
9
9
  DbEngine, db_connect, db_commit, db_rollback,
10
10
  db_select, db_insert, db_update, db_delete
11
11
  )
12
+ from pypomes_logging import PYPOMES_LOGGER
12
13
  from threading import Lock
13
14
  from typing import Any
14
15
 
@@ -88,7 +89,7 @@ class JwtRegistry:
88
89
  access_max_age: int,
89
90
  refresh_max_age: int,
90
91
  lead_interval: int | None,
91
- logger: Logger = None) -> None:
92
+ logger: Logger = PYPOMES_LOGGER) -> None:
92
93
  """
93
94
  Add to storage the parameters needed to produce and validate JWT tokens for *account_id*.
94
95
 
@@ -152,7 +153,7 @@ class JwtRegistry:
152
153
  duration: int,
153
154
  lead_interval: int = None,
154
155
  claims: dict[str, Any] = None,
155
- logger: Logger = None) -> str:
156
+ logger: Logger = PYPOMES_LOGGER) -> str:
156
157
  """
157
158
  Issue an return a JWT token associated with *account_id*.
158
159
 
@@ -212,7 +213,7 @@ class JwtRegistry:
212
213
  account_id: str,
213
214
  account_claims: dict[str, Any] = None,
214
215
  db_conn: Any = None,
215
- logger: Logger = None) -> dict[str, Any]:
216
+ logger: Logger = PYPOMES_LOGGER) -> dict[str, Any]:
216
217
  """
217
218
  Issue and return a JWT token pair associated with *account_id*.
218
219
 
@@ -319,7 +320,7 @@ class JwtRegistry:
319
320
 
320
321
  def __get_account_data(self,
321
322
  account_id: str,
322
- logger: Logger = None) -> dict[str, Any]:
323
+ logger: Logger = PYPOMES_LOGGER) -> dict[str, Any]:
323
324
  """
324
325
  Retrieve the JWT access data associated with *account_id*.
325
326
 
@@ -341,7 +342,7 @@ class JwtRegistry:
341
342
  def _jwt_persist_token(account_id: str,
342
343
  jwt_token: str,
343
344
  db_conn: Any,
344
- logger: Logger = None) -> int:
345
+ logger: Logger = PYPOMES_LOGGER) -> int:
345
346
  """
346
347
  Persist the given token, making sure that the account limit is complied with.
347
348
 
@@ -462,7 +463,8 @@ def _jwt_persist_token(account_id: str,
462
463
  f"FROM {JwtDbConfig.TABLE}",
463
464
  where_clause=where_clause,
464
465
  where_data={JwtDbConfig.COL_ACCOUNT: account_id},
465
- require_count=1,
466
+ min_count=1,
467
+ max_count=1,
466
468
  engine=DbEngine(JwtDbConfig.ENGINE),
467
469
  connection=db_conn,
468
470
  committable=False,
{pypomes_jwt-1.1.7 → pypomes_jwt-1.1.8}/.gitignore RENAMED
File without changes
{pypomes_jwt-1.1.7 → pypomes_jwt-1.1.8}/LICENSE RENAMED
File without changes
{pypomes_jwt-1.1.7 → pypomes_jwt-1.1.8}/README.md RENAMED
File without changes