pypomes-jwt 1.1.7__tar.gz → 1.1.9__tar.gz

{pypomes_jwt-1.1.7 → pypomes_jwt-1.1.9}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: pypomes_jwt
-Version: 1.1.7
+Version: 1.1.9
 Summary: A collection of Python pomes, penyeach (JWT module)
 Project-URL: Homepage, https://github.com/TheWiseCoder/PyPomes-JWT
 Project-URL: Bug Tracker, https://github.com/TheWiseCoder/PyPomes-JWT/issues
@@ -12,5 +12,6 @@ Classifier: Programming Language :: Python :: 3
 Requires-Python: >=3.12
 Requires-Dist: cryptography>=44.0.2
 Requires-Dist: pyjwt>=2.10.1
-Requires-Dist: pypomes-core>=2.0.5
-Requires-Dist: pypomes-db>=2.1.1
+Requires-Dist: pypomes-core>=2.0.6
+Requires-Dist: pypomes-db>=2.1.5
+Requires-Dist: pypomes-logging>=0.6.1

{pypomes_jwt-1.1.7 → pypomes_jwt-1.1.9}/pyproject.toml

@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "pypomes_jwt"
-version = "1.1.7"
+version = "1.1.9"
 authors = [
   { name="GT Nunes", email="wisecoder01@gmail.com" }
 ]
@@ -21,8 +21,9 @@ classifiers = [
 dependencies = [
     "PyJWT>=2.10.1",
     "cryptography>=44.0.2",
-    "pypomes_core>=2.0.5",
-    "pypomes_db>=2.1.1"
+    "pypomes_core>=2.0.6",
+    "pypomes_db>=2.1.5",
+    "pypomes_logging>=0.6.1"
 ]
 
 [project.urls]

{pypomes_jwt-1.1.7 → pypomes_jwt-1.1.9}/src/pypomes_jwt/jwt_pomes.py

@@ -8,6 +8,7 @@ from pypomes_db import (
     DbEngine, db_connect, db_commit,
     db_rollback, db_select, db_delete
 )
+from pypomes_logging import PYPOMES_LOGGER
 from typing import Any
 
 from .jwt_config import JwtConfig, JwtDbConfig
@@ -36,7 +37,7 @@ def jwt_needed(func: callable) -> callable:
 
 def jwt_verify_request(request: Request) -> Response:
     """
-    Verify whether the HTTP *request* has the proper authorization, as per the JWT standard.
+    Verify whether the HTTP *request* has the proper authorization, as per the JWT standard..
 
     This implementation assumes that HTTP requests are handled with the *Flask* framework.
 
@@ -85,7 +86,7 @@ def jwt_set_account(account_id: str,
                     access_max_age: int = JwtConfig.ACCESS_MAX_AGE.value,
                     refresh_max_age: int = JwtConfig.REFRESH_MAX_AGE.value,
                     lead_interval: int = None,
-                    logger: Logger = None) -> None:
+                    logger: Logger = PYPOMES_LOGGER) -> None:
     """
     Establish the data needed to obtain JWT tokens for *account_id*.
 
@@ -114,7 +115,7 @@ def jwt_set_account(account_id: str,
 
 
 def jwt_remove_account(account_id: str,
-                       logger: Logger = None) -> bool:
+                       logger: Logger = PYPOMES_LOGGER) -> bool:
     """
     Remove from storage the JWT access data for *account_id*.
 
@@ -133,25 +134,26 @@ def jwt_validate_token(errors: list[str] | None,
                        token: str,
                        nature: str = None,
                        account_id: str = None,
-                       logger: Logger = None) -> dict[str, Any] | None:
+                       logger: Logger = PYPOMES_LOGGER) -> dict[str, Any] | None:
     """
     Verify if *token* ia a valid JWT token.
 
-    Raise an appropriate exception if validation failed. Attempt to validate non locally issued tokens
-    will not succeed. if *nature* is provided, validate whether *token* is of that nature.
-    A token issued locally has the header claim *kid* starting with *A* (for *Access*) or *R* (for *Refresh*),
-    followed by its id in the token database, or as a single letter in the range *[B-Z]*, less *R*.
-    If the *kid* claim contains such an id, then the cryptographic key needed for validation
-    will be obtained from the token database. Otherwise, the current decoding key is used.
+    Attempt to validate non locally issued tokens will not succeed. If *nature* is provided,
+    validate whether *token* is of that nature. A token issued locally has the header claim *kid*
+    starting with *A* (for *Access*) or *R* (for *Refresh*), followed by its id in the token database,
+    or as a single letter in the range *[B-Z]*, less *R*. If the *kid* claim contains such an id,
+    then the cryptographic key needed for validation will be obtained from the token database.
+    Otherwise, the current decoding key is used.
 
-    On success, return the token's claims (header and payload), as documented in *jwt_get_claims()*
+    On success, return the token's claims (*header* and *payload*), as documented in *jwt_get_claims()*
+    On failure, *errors* will contain the reason(s) for rejecting *token*.
 
     :param errors: incidental error messages
     :param token: the token to be validated
     :param nature: prefix identifying the nature of locally issued tokens
     :param account_id: optionally, validate the token's account owner
     :param logger: optional logger
-    :return: The token's claims (header and payload) if if is valid, *None* otherwise
+    :return: The token's claims (*header* and *payload*) if is valid, *None* otherwise
     """
     # initialize the return variable
     result: dict[str, Any] | None = None
@@ -257,7 +259,7 @@ def jwt_validate_token(errors: list[str] | None,
 def jwt_revoke_token(errors: list[str] | None,
                      account_id: str,
                      token: str,
-                     logger: Logger = None) -> bool:
+                     logger: Logger = PYPOMES_LOGGER) -> bool:
     """
     Revoke the *refresh_token* associated with *account_id*.
 
@@ -310,7 +312,7 @@ def jwt_issue_token(errors: list[str] | None,
                     duration: int,
                     lead_interval: int = None,
                     claims: dict[str, Any] = None,
-                    logger: Logger = None) -> str:
+                    logger: Logger = PYPOMES_LOGGER) -> str:
     """
     Issue or refresh, and return, a JWT token associated with *account_id*, of the specified *nature*.
 
@@ -361,7 +363,7 @@ def jwt_issue_token(errors: list[str] | None,
 def jwt_issue_tokens(errors: list[str] | None,
                      account_id: str,
                      account_claims: dict[str, Any] = None,
-                     logger: Logger = None) -> dict[str, Any]:
+                     logger: Logger = PYPOMES_LOGGER) -> dict[str, Any]:
     """
     Issue the JWT token pair associated with *account_id*, for access and refresh operations.
 
@@ -415,7 +417,7 @@ def jwt_issue_tokens(errors: list[str] | None,
 def jwt_refresh_tokens(errors: list[str] | None,
                        account_id: str,
                        refresh_token: str,
-                       logger: Logger = None) -> dict[str, Any]:
+                       logger: Logger = PYPOMES_LOGGER) -> dict[str, Any]:
     """
     Refresh the JWT token pair associated with *account_id*, for access and refresh operations.
 
@@ -513,7 +515,7 @@ def jwt_refresh_tokens(errors: list[str] | None,
 
 def jwt_get_claims(errors: list[str] | None,
                    token: str,
-                   logger: Logger = None) -> dict[str, Any] | None:
+                   logger: Logger = PYPOMES_LOGGER) -> dict[str, Any] | None:
     """
     Retrieve and return the claims set of a JWT *token*.
 

{pypomes_jwt-1.1.7 → pypomes_jwt-1.1.9}/src/pypomes_jwt/jwt_registry.py

@@ -9,6 +9,7 @@ from pypomes_db import (
     DbEngine, db_connect, db_commit, db_rollback,
     db_select, db_insert, db_update, db_delete
 )
+from pypomes_logging import PYPOMES_LOGGER
 from threading import Lock
 from typing import Any
 
@@ -88,7 +89,7 @@ class JwtRegistry:
                     access_max_age: int,
                     refresh_max_age: int,
                     lead_interval: int | None,
-                    logger: Logger = None) -> None:
+                    logger: Logger = PYPOMES_LOGGER) -> None:
         """
         Add to storage the parameters needed to produce and validate JWT tokens for *account_id*.
 
@@ -152,7 +153,7 @@ class JwtRegistry:
                     duration: int,
                     lead_interval: int = None,
                     claims: dict[str, Any] = None,
-                    logger: Logger = None) -> str:
+                    logger: Logger = PYPOMES_LOGGER) -> str:
         """
         Issue an return a JWT token associated with *account_id*.
 
@@ -212,7 +213,7 @@ class JwtRegistry:
                      account_id: str,
                      account_claims: dict[str, Any] = None,
                      db_conn: Any = None,
-                     logger: Logger = None) -> dict[str, Any]:
+                     logger: Logger = PYPOMES_LOGGER) -> dict[str, Any]:
         """
         Issue and return a JWT token pair associated with *account_id*.
 
@@ -319,7 +320,7 @@ class JwtRegistry:
 
     def __get_account_data(self,
                            account_id: str,
-                           logger: Logger = None) -> dict[str, Any]:
+                           logger: Logger = PYPOMES_LOGGER) -> dict[str, Any]:
         """
         Retrieve the JWT access data associated with *account_id*.
 
@@ -341,7 +342,7 @@ class JwtRegistry:
 def _jwt_persist_token(account_id: str,
                        jwt_token: str,
                        db_conn: Any,
-                       logger: Logger = None) -> int:
+                       logger: Logger = PYPOMES_LOGGER) -> int:
     """
     Persist the given token, making sure that the account limit is complied with.
 
@@ -462,7 +463,8 @@ def _jwt_persist_token(account_id: str,
                                                  f"FROM {JwtDbConfig.TABLE}",
                                         where_clause=where_clause,
                                         where_data={JwtDbConfig.COL_ACCOUNT: account_id},
-                                        require_count=1,
+                                        min_count=1,
+                                        max_count=1,
                                         engine=DbEngine(JwtDbConfig.ENGINE),
                                         connection=db_conn,
                                         committable=False,