pypomes-jwt 1.2.9__py3-none-any.whl → 1.3.1__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of pypomes-jwt might be problematic. Click here for more details.
- pypomes_jwt/jwt_config.py +1 -1
- pypomes_jwt/jwt_pomes.py +29 -38
- {pypomes_jwt-1.2.9.dist-info → pypomes_jwt-1.3.1.dist-info}/METADATA +1 -1
- pypomes_jwt-1.3.1.dist-info/RECORD +9 -0
- pypomes_jwt-1.2.9.dist-info/RECORD +0 -9
- {pypomes_jwt-1.2.9.dist-info → pypomes_jwt-1.3.1.dist-info}/WHEEL +0 -0
- {pypomes_jwt-1.2.9.dist-info → pypomes_jwt-1.3.1.dist-info}/licenses/LICENSE +0 -0
pypomes_jwt/jwt_config.py
CHANGED
|
@@ -52,7 +52,7 @@ class JwtConfig(Enum):
|
|
|
52
52
|
def_value=300)
|
|
53
53
|
ACCOUNT_LIMIT: int = env_get_int(key=f"{APP_PREFIX}_JWT_ACCOUNT_LIMIT",
|
|
54
54
|
def_value=5)
|
|
55
|
-
DEFAULT_ALGORITHM: _default_algorithm
|
|
55
|
+
DEFAULT_ALGORITHM: JwtAlgorithm = _default_algorithm
|
|
56
56
|
ENCODING_KEY: bytes = _encoding_key
|
|
57
57
|
DECODING_KEY: bytes = _decoding_key
|
|
58
58
|
# recommended: at least 2 hours (set to 24 hours)
|
pypomes_jwt/jwt_pomes.py
CHANGED
|
@@ -158,7 +158,10 @@ def jwt_validate_token(token: str,
|
|
|
158
158
|
|
|
159
159
|
if logger:
|
|
160
160
|
logger.debug(msg="Validate JWT token")
|
|
161
|
-
|
|
161
|
+
|
|
162
|
+
# make sure to have an errors list
|
|
163
|
+
if not isinstance(errors, list):
|
|
164
|
+
errors = []
|
|
162
165
|
|
|
163
166
|
# extract needed data from token header
|
|
164
167
|
token_header: dict[str, Any] | None = None
|
|
@@ -169,9 +172,9 @@ def jwt_validate_token(token: str,
|
|
|
169
172
|
exc_info=sys.exc_info())
|
|
170
173
|
if logger:
|
|
171
174
|
logger.error(msg=f"Error retrieving the token's header: {exc_err}")
|
|
172
|
-
|
|
175
|
+
errors.append(exc_err)
|
|
173
176
|
|
|
174
|
-
if not
|
|
177
|
+
if not errors:
|
|
175
178
|
token_kid: str = token_header.get("kid")
|
|
176
179
|
token_alg: str | None = None
|
|
177
180
|
token_decoder: bytes | None = None
|
|
@@ -180,7 +183,7 @@ def jwt_validate_token(token: str,
|
|
|
180
183
|
if nature and not (token_kid and token_kid[0:1] == nature):
|
|
181
184
|
if logger:
|
|
182
185
|
logger.error(f"Nature of token's 'kid' ('{token_kid}') not '{nature}'")
|
|
183
|
-
|
|
186
|
+
errors.append("Invalid token")
|
|
184
187
|
elif token_kid and len(token_kid) > 1 and \
|
|
185
188
|
token_kid[0:1] in ["A", "R"] and token_kid[1:].isdigit():
|
|
186
189
|
# token was likely issued locally
|
|
@@ -192,24 +195,24 @@ def jwt_validate_token(token: str,
|
|
|
192
195
|
f"FROM {JwtDbConfig.TABLE}",
|
|
193
196
|
where_data=where_data,
|
|
194
197
|
engine=DbEngine(JwtDbConfig.ENGINE),
|
|
195
|
-
errors=
|
|
198
|
+
errors=errors,
|
|
196
199
|
logger=logger)
|
|
197
200
|
if recs:
|
|
198
201
|
token_alg = recs[0][0]
|
|
199
202
|
token_decoder = b64decode(recs[0][1])
|
|
200
|
-
elif
|
|
203
|
+
elif errors:
|
|
201
204
|
if logger:
|
|
202
|
-
logger.error(msg=f"Error retrieving the token's decoder: {'; '.join(
|
|
205
|
+
logger.error(msg=f"Error retrieving the token's decoder: {'; '.join(errors)}")
|
|
203
206
|
else:
|
|
204
207
|
if logger:
|
|
205
208
|
logger.error(msg="Token not in the database")
|
|
206
|
-
|
|
209
|
+
errors.append("Invalid token")
|
|
207
210
|
else:
|
|
208
211
|
token_alg = JwtConfig.DEFAULT_ALGORITHM.value
|
|
209
212
|
token_decoder = JwtConfig.DECODING_KEY.value
|
|
210
213
|
|
|
211
214
|
# validate the token
|
|
212
|
-
if not
|
|
215
|
+
if not errors:
|
|
213
216
|
try:
|
|
214
217
|
# raises:
|
|
215
218
|
# InvalidTokenError: token is invalid
|
|
@@ -232,7 +235,7 @@ def jwt_validate_token(token: str,
|
|
|
232
235
|
if account_id and payload.get("sub") != account_id:
|
|
233
236
|
if logger:
|
|
234
237
|
logger.error(msg=f"Token does not belong to account '{account_id}'")
|
|
235
|
-
|
|
238
|
+
errors.append("Invalid token")
|
|
236
239
|
else:
|
|
237
240
|
result = {
|
|
238
241
|
"header": token_header,
|
|
@@ -243,12 +246,9 @@ def jwt_validate_token(token: str,
|
|
|
243
246
|
exc_info=sys.exc_info())
|
|
244
247
|
if logger:
|
|
245
248
|
logger.error(msg=f"Error decoding the token: {exc_err}")
|
|
246
|
-
|
|
249
|
+
errors.append(exc_err)
|
|
247
250
|
|
|
248
|
-
if
|
|
249
|
-
if isinstance(errors, list):
|
|
250
|
-
errors.extend(op_errors)
|
|
251
|
-
elif logger:
|
|
251
|
+
if not errors and logger:
|
|
252
252
|
logger.debug(msg="Token is valid")
|
|
253
253
|
|
|
254
254
|
return result
|
|
@@ -275,15 +275,18 @@ def jwt_revoke_token(account_id: str,
|
|
|
275
275
|
if logger:
|
|
276
276
|
logger.debug(msg=f"Revoking token of account '{account_id}'")
|
|
277
277
|
|
|
278
|
-
|
|
278
|
+
# make sure to have an errors list
|
|
279
|
+
if not isinstance(errors, list):
|
|
280
|
+
errors = []
|
|
281
|
+
|
|
279
282
|
token_claims: dict[str, Any] = jwt_validate_token(token=token,
|
|
280
283
|
account_id=account_id,
|
|
281
|
-
errors=
|
|
284
|
+
errors=errors,
|
|
282
285
|
logger=logger)
|
|
283
|
-
if not
|
|
286
|
+
if not errors:
|
|
284
287
|
token_kid: str = token_claims["header"].get("kid")
|
|
285
288
|
if token_kid[0:1] not in ["A", "R"]:
|
|
286
|
-
|
|
289
|
+
errors.append("Invalid token")
|
|
287
290
|
else:
|
|
288
291
|
db_delete(delete_stmt=f"DELETE FROM {JwtDbConfig.TABLE}",
|
|
289
292
|
where_data={
|
|
@@ -291,15 +294,12 @@ def jwt_revoke_token(account_id: str,
|
|
|
291
294
|
JwtDbConfig.COL_ACCOUNT: account_id
|
|
292
295
|
},
|
|
293
296
|
engine=DbEngine(JwtDbConfig.ENGINE),
|
|
294
|
-
errors=
|
|
297
|
+
errors=errors,
|
|
295
298
|
logger=logger)
|
|
296
|
-
if
|
|
297
|
-
if logger:
|
|
298
|
-
logger.error(msg="; ".join(op_errors))
|
|
299
|
-
if isinstance(errors, list):
|
|
300
|
-
errors.extend(op_errors)
|
|
301
|
-
else:
|
|
299
|
+
if not errors:
|
|
302
300
|
result = True
|
|
301
|
+
elif logger:
|
|
302
|
+
logger.error(msg="; ".join(errors))
|
|
303
303
|
|
|
304
304
|
return result
|
|
305
305
|
|
|
@@ -333,7 +333,6 @@ def jwt_issue_token(account_id: str,
|
|
|
333
333
|
|
|
334
334
|
if logger:
|
|
335
335
|
logger.debug(msg=f"Issuing a JWT token for '{account_id}'")
|
|
336
|
-
op_errors: list[str] = []
|
|
337
336
|
|
|
338
337
|
try:
|
|
339
338
|
result = __jwt_registry.issue_token(account_id=account_id,
|
|
@@ -350,10 +349,8 @@ def jwt_issue_token(account_id: str,
|
|
|
350
349
|
exc_info=sys.exc_info())
|
|
351
350
|
if logger:
|
|
352
351
|
logger.error(msg=f"Error issuing the token: {exc_err}")
|
|
353
|
-
|
|
354
|
-
|
|
355
|
-
if op_errors and isinstance(errors, list):
|
|
356
|
-
errors.extend(op_errors)
|
|
352
|
+
if isinstance(errors, list):
|
|
353
|
+
errors.append(exc_err)
|
|
357
354
|
|
|
358
355
|
return result
|
|
359
356
|
|
|
@@ -387,7 +384,6 @@ def jwt_issue_tokens(account_id: str,
|
|
|
387
384
|
|
|
388
385
|
if logger:
|
|
389
386
|
logger.debug(msg=f"Issuing a JWT token pair for '{account_id}'")
|
|
390
|
-
op_errors: list[str] = []
|
|
391
387
|
|
|
392
388
|
try:
|
|
393
389
|
result = __jwt_registry.issue_tokens(account_id=account_id,
|
|
@@ -401,13 +397,8 @@ def jwt_issue_tokens(account_id: str,
|
|
|
401
397
|
exc_info=sys.exc_info())
|
|
402
398
|
if logger:
|
|
403
399
|
logger.error(msg=f"Error issuing the token pair: {exc_err}")
|
|
404
|
-
op_errors.append(exc_err)
|
|
405
|
-
|
|
406
|
-
if op_errors:
|
|
407
|
-
if logger:
|
|
408
|
-
logger.error("; ".join(op_errors))
|
|
409
400
|
if isinstance(errors, list):
|
|
410
|
-
errors.
|
|
401
|
+
errors.append(exc_err)
|
|
411
402
|
|
|
412
403
|
return result
|
|
413
404
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: pypomes_jwt
|
|
3
|
-
Version: 1.
|
|
3
|
+
Version: 1.3.1
|
|
4
4
|
Summary: A collection of Python pomes, penyeach (JWT module)
|
|
5
5
|
Project-URL: Homepage, https://github.com/TheWiseCoder/PyPomes-JWT
|
|
6
6
|
Project-URL: Bug Tracker, https://github.com/TheWiseCoder/PyPomes-JWT/issues
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
pypomes_jwt/__init__.py,sha256=vXAeaEnuUqpvGtV465TsW2Lf3ihijrMP2Hm4My79y88,968
|
|
2
|
+
pypomes_jwt/jwt_config.py,sha256=YV393iI3AMIUL-zqJJMQtuLlPtWdPjQvPG_6viM3wck,3413
|
|
3
|
+
pypomes_jwt/jwt_pomes.py,sha256=WWmZYVpG6wqlIjcJU3jNyBquCgfB-OcgCJBmm6imL4Q,23524
|
|
4
|
+
pypomes_jwt/jwt_providers.py,sha256=LL2OxdyGH3_O-qEOVjg_GsPQVRtaSi37AE-BOZ6tiqs,5928
|
|
5
|
+
pypomes_jwt/jwt_registry.py,sha256=SDP2pFPsbjJ9w3r9c_DPJuN86rdwhHkg3lyX3gTBuNY,22305
|
|
6
|
+
pypomes_jwt-1.3.1.dist-info/METADATA,sha256=51c89o0L25L9aMmwSZO_cmS8XwrFOd81KAEfZvO2m34,660
|
|
7
|
+
pypomes_jwt-1.3.1.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
|
|
8
|
+
pypomes_jwt-1.3.1.dist-info/licenses/LICENSE,sha256=NdakochSXm_H_-DSL_x2JlRCkYikj3snYYvTwgR5d_c,1086
|
|
9
|
+
pypomes_jwt-1.3.1.dist-info/RECORD,,
|
|
@@ -1,9 +0,0 @@
|
|
|
1
|
-
pypomes_jwt/__init__.py,sha256=vXAeaEnuUqpvGtV465TsW2Lf3ihijrMP2Hm4My79y88,968
|
|
2
|
-
pypomes_jwt/jwt_config.py,sha256=E8fGof_krCx2gZ_QCo87tF46J_2OLZk1m9erf3oX4O4,3398
|
|
3
|
-
pypomes_jwt/jwt_pomes.py,sha256=5EZ0gYj-zRJx1iQHfdmtdk-4V7NuWnhof69Vr6_TpRs,23836
|
|
4
|
-
pypomes_jwt/jwt_providers.py,sha256=LL2OxdyGH3_O-qEOVjg_GsPQVRtaSi37AE-BOZ6tiqs,5928
|
|
5
|
-
pypomes_jwt/jwt_registry.py,sha256=SDP2pFPsbjJ9w3r9c_DPJuN86rdwhHkg3lyX3gTBuNY,22305
|
|
6
|
-
pypomes_jwt-1.2.9.dist-info/METADATA,sha256=ptV7ecaz2x0IuwO_xGzNAozIOBN15Powzl9-utmMFgM,660
|
|
7
|
-
pypomes_jwt-1.2.9.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
|
|
8
|
-
pypomes_jwt-1.2.9.dist-info/licenses/LICENSE,sha256=NdakochSXm_H_-DSL_x2JlRCkYikj3snYYvTwgR5d_c,1086
|
|
9
|
-
pypomes_jwt-1.2.9.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|