pypomes-jwt 1.2.4__tar.gz → 1.2.6__tar.gz

{pypomes_jwt-1.2.4 → pypomes_jwt-1.2.6}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: pypomes_jwt
-Version: 1.2.4
+Version: 1.2.6
 Summary: A collection of Python pomes, penyeach (JWT module)
 Project-URL: Homepage, https://github.com/TheWiseCoder/PyPomes-JWT
 Project-URL: Bug Tracker, https://github.com/TheWiseCoder/PyPomes-JWT/issues

{pypomes_jwt-1.2.4 → pypomes_jwt-1.2.6}/pyproject.toml

@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "pypomes_jwt"
-version = "1.2.4"
+version = "1.2.6"
 authors = [
   { name="GT Nunes", email="wisecoder01@gmail.com" }
 ]

{pypomes_jwt-1.2.4 → pypomes_jwt-1.2.6}/src/pypomes_jwt/__init__.py

@@ -1,26 +1,26 @@
 from .jwt_config import (
     JwtConfig, JwtDbConfig, JwtAlgorithm
 )
-from .jwt_external import (
-    provider_register, provider_get_token
-)
 from .jwt_pomes import (
     jwt_needed, jwt_verify_request,
     jwt_assert_account, jwt_set_account, jwt_remove_account,
     jwt_issue_token, jwt_issue_tokens, jwt_refresh_tokens,
     jwt_get_claims, jwt_validate_token, jwt_revoke_token
 )
+from .jwt_providers import (
+    provider_register, provider_get_token
+)
 
 __all__ = [
     # jwt_constants
     "JwtConfig", "JwtDbConfig", "JwtAlgorithm",
-    # jwt_external
-    "provider_register", "provider_get_token",
     # jwt_pomes
     "jwt_needed", "jwt_verify_request",
     "jwt_assert_account", "jwt_set_account", "jwt_remove_account",
     "jwt_issue_token", "jwt_issue_tokens", "jwt_refresh_tokens",
-    "jwt_get_claims", "jwt_validate_token", "jwt_revoke_token"
+    "jwt_get_claims", "jwt_validate_token", "jwt_revoke_token",
+    # jwt_providers
+    "provider_register", "provider_get_token"
 ]
 
 from importlib.metadata import version

pypomes_jwt-1.2.4/src/pypomes_jwt/jwt_external.py → pypomes_jwt-1.2.6/src/pypomes_jwt/jwt_providers.py

@@ -3,18 +3,20 @@ import sys
 from base64 import b64encode
 from datetime import datetime
 from logging import Logger
-from pypomes_core import TZ_LOCAL, Mimetype, exc_format
+from pypomes_core import TZ_LOCAL, exc_format
 from requests import Response
 from typing import Any
 
 # structure:
 # {
 #    <provider-id>: {
-#      "url": <access-url>,
-#      "grant-type": <type-of-grant-to-request>,
-#      "user": <basic-auth-user>,
-#      "pwd": <basic-auth-pwd>,
-#      "token": <auth-token>,
+#      "url": <strl>,
+#      "user": <str>,
+#      "pwd": <str>,
+#      "basic-auth": <bool>,
+#      "headers-data": <dict[str, str]>,
+#      "body-data": <dict[str, str],
+#      "token": <str>,
 #      "expiration": <timestamp>
 #    }
 # }
@@ -23,30 +25,38 @@ _provider_registry: dict[str, dict[str, Any]] = {}
 
 def provider_register(provider_id: str,
                       access_url: str,
-                      grant_type: str,
                       auth_user: str,
                       auth_pwd: str,
-                      client_id: str = None,
-                      use_header: bool = None) -> None:
+                      custom_auth: tuple[str, str] = None,
+                      headers_data: dict[str, str] = None,
+                      body_data: dict[str, str] = None) -> None:
     """
-    Register an external token provider.
+    Register an external authentication token provider.
+
+    If specified, *custom_auth* provides key names for sending credentials (username and password, in this order)
+    as key-value pairs in the body of the request. Otherwise, the external provider *provider_id* uses the standard
+    HTTP Basic Authorization scheme, wherein the credentials are B64-encoded and send in the request headers.
+
+    Optional constant key-value pairs (such as ['Content-Type', 'application/x-www-form-urlencoded']), to be
+    added to the request headers, may be specified in *header_data*. Likewise, optional constant key-value pairs
+    (such as ['grant-type', 'client_crdentials']), to be added to the request body, may be specified in *body_data*.
 
     :param provider_id: the provider's identification
-    :param grant_type: the type of grant to request (typically, 'client_credentials' or 'password')
-    :param access_url: the url to request tokens with
+    :param access_url: the url to request authentication tokens with
     :param auth_user: the basic authorization user
     :param auth_pwd: the basic authorization password
-    :param client_id: optional client id to add to the request body
-    :param use_header: use HTTP header on the request
+    :param custom_auth: optional key names for sending the credentials as key-value pairs in the body of the request
+    :param headers_data: optional key-value pairs to be added to the request headers
+    :param body_data: optional key-value pairs to be added to the request body
     """
     global _provider_registry  # noqa: PLW0602
     _provider_registry[provider_id] = {
         "url": access_url,
-        "grant_type": grant_type,
         "user": auth_user,
         "pwd": auth_pwd,
-        "client_id": client_id,
-        "use_header": use_header,
+        "custom-auth": custom_auth,
+        "headers-data": headers_data,
+        "body-data": body_data,
         "token": None,
         "expiration": datetime.now(tz=TZ_LOCAL).timestamp()
     }
@@ -71,18 +81,17 @@ def provider_get_token(errors: list[str] | None,
     if provider:
         now: float = datetime.now(tz=TZ_LOCAL).timestamp()
         if now > provider.get("expiration"):
-            data: dict[str, str] = {"grant_type": provider.get("grant-type")}
-            headers: dict[str, str] = {"Content-Type": Mimetype.URLENCODED}
             user: str = provider.get("user")
             pwd: str = provider.get("pwd")
-            if provider.get("use_header"):
-                enc_bytes: bytes = b64encode(f"{user}:{pwd}".encode())
-                headers["Authorization"] = f"Basic {enc_bytes.decode()}"
+            headers_data: dict[str, str] = provider.get("headers-data") or {}
+            body_data: dict[str, str] = provider.get("body-data") or {}
+            custom_auth: tuple[str, str] = provider.get("custom-auth")
+            if custom_auth:
+                body_data[custom_auth[0]] = user
+                body_data[custom_auth[1]] = pwd
             else:
-                data["username"] = user
-                data["password"] = pwd
-                if provider.get("client_id"):
-                    data["client_id"] = provider.get("client_id")
+                enc_bytes: bytes = b64encode(f"{user}:{pwd}".encode())
+                headers_data["Authorization"] = f"Basic {enc_bytes.decode()}"
             url: str = provider.get("url")
             try:
                 # typical return on a token request:
@@ -92,8 +101,8 @@ def provider_get_token(errors: list[str] | None,
                 #   "access_token": <the-token>
                 # }
                 response: Response = requests.post(url=url,
-                                                   data=data,
-                                                   headers=headers,
+                                                   data=body_data,
+                                                   headers=headers_data,
                                                    timeout=None)
                 if response.status_code < 200 or response.status_code >= 300:
                     # request resulted in error, report the problem