pypomes-jwt 1.3.2__tar.gz → 1.3.4__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of pypomes-jwt might be problematic. Click here for more details.
- {pypomes_jwt-1.3.2 → pypomes_jwt-1.3.4}/PKG-INFO +1 -1
- {pypomes_jwt-1.3.2 → pypomes_jwt-1.3.4}/pyproject.toml +1 -1
- {pypomes_jwt-1.3.2 → pypomes_jwt-1.3.4}/src/pypomes_jwt/jwt_config.py +13 -13
- {pypomes_jwt-1.3.2 → pypomes_jwt-1.3.4}/src/pypomes_jwt/jwt_registry.py +9 -9
- {pypomes_jwt-1.3.2 → pypomes_jwt-1.3.4}/.gitignore +0 -0
- {pypomes_jwt-1.3.2 → pypomes_jwt-1.3.4}/LICENSE +0 -0
- {pypomes_jwt-1.3.2 → pypomes_jwt-1.3.4}/README.md +0 -0
- {pypomes_jwt-1.3.2 → pypomes_jwt-1.3.4}/src/pypomes_jwt/__init__.py +0 -0
- {pypomes_jwt-1.3.2 → pypomes_jwt-1.3.4}/src/pypomes_jwt/jwt_pomes.py +0 -0
- {pypomes_jwt-1.3.2 → pypomes_jwt-1.3.4}/src/pypomes_jwt/jwt_providers.py +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: pypomes_jwt
|
|
3
|
-
Version: 1.3.
|
|
3
|
+
Version: 1.3.4
|
|
4
4
|
Summary: A collection of Python pomes, penyeach (JWT module)
|
|
5
5
|
Project-URL: Homepage, https://github.com/TheWiseCoder/PyPomes-JWT
|
|
6
6
|
Project-URL: Bug Tracker, https://github.com/TheWiseCoder/PyPomes-JWT/issues
|
|
@@ -21,8 +21,9 @@ class JwtAlgorithm(StrEnum):
|
|
|
21
21
|
|
|
22
22
|
# recommended: allow the encode and decode keys to be generated anew when app starts
|
|
23
23
|
_encoding_key: bytes = env_get_bytes(key=f"{APP_PREFIX}_JWT_ENCODING_KEY",
|
|
24
|
-
encoding="
|
|
25
|
-
_decoding_key: bytes
|
|
24
|
+
encoding="base64")
|
|
25
|
+
_decoding_key: bytes = env_get_bytes(key=f"{APP_PREFIX}_JWT_DECODING_KEY")
|
|
26
|
+
# default algorithm may cause encode and decode keys to be overriden
|
|
26
27
|
_default_algorithm: JwtAlgorithm = env_get_enum(key=f"{APP_PREFIX}_JWT_DEFAULT_ALGORITHM",
|
|
27
28
|
enum_class=JwtAlgorithm,
|
|
28
29
|
def_value=JwtAlgorithm.RS256)
|
|
@@ -30,17 +31,16 @@ if _default_algorithm in [JwtAlgorithm.HS256, JwtAlgorithm.HS512]:
|
|
|
30
31
|
if not _encoding_key:
|
|
31
32
|
_encoding_key = token_bytes(nbytes=32)
|
|
32
33
|
_decoding_key = _encoding_key
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
format=serialization.PublicFormat.SubjectPublicKeyInfo)
|
|
34
|
+
elif not _encoding_key or not _decoding_key:
|
|
35
|
+
__priv_key: RSAPrivateKey = rsa.generate_private_key(public_exponent=65537,
|
|
36
|
+
key_size=2048
|
|
37
|
+
if _default_algorithm == JwtAlgorithm.RS256 else 4096)
|
|
38
|
+
_encoding_key = __priv_key.private_bytes(encoding=serialization.Encoding.PEM,
|
|
39
|
+
format=serialization.PrivateFormat.PKCS8,
|
|
40
|
+
encryption_algorithm=serialization.NoEncryption())
|
|
41
|
+
__pub_key: RSAPublicKey = __priv_key.public_key()
|
|
42
|
+
_decoding_key = __pub_key.public_bytes(encoding=serialization.Encoding.PEM,
|
|
43
|
+
format=serialization.PublicFormat.SubjectPublicKeyInfo)
|
|
44
44
|
|
|
45
45
|
|
|
46
46
|
class JwtConfig(Enum):
|
|
@@ -203,8 +203,8 @@ class JwtRegistry:
|
|
|
203
203
|
|
|
204
204
|
# may raise an exception
|
|
205
205
|
return jwt.encode(payload=current_claims,
|
|
206
|
-
key=JwtConfig.ENCODING_KEY
|
|
207
|
-
algorithm=JwtConfig.DEFAULT_ALGORITHM
|
|
206
|
+
key=JwtConfig.ENCODING_KEY,
|
|
207
|
+
algorithm=JwtConfig.DEFAULT_ALGORITHM,
|
|
208
208
|
headers={"kid": nature})
|
|
209
209
|
|
|
210
210
|
def issue_tokens(self,
|
|
@@ -258,8 +258,8 @@ class JwtRegistry:
|
|
|
258
258
|
current_claims["exp"] = just_now + account_data.get("refresh-max-age")
|
|
259
259
|
# may raise an exception
|
|
260
260
|
refresh_token: str = jwt.encode(payload=current_claims,
|
|
261
|
-
key=JwtConfig.ENCODING_KEY
|
|
262
|
-
algorithm=JwtConfig.DEFAULT_ALGORITHM
|
|
261
|
+
key=JwtConfig.ENCODING_KEY,
|
|
262
|
+
algorithm=JwtConfig.DEFAULT_ALGORITHM,
|
|
263
263
|
headers={"kid": "R0"})
|
|
264
264
|
|
|
265
265
|
# make sure to have a database connection
|
|
@@ -275,8 +275,8 @@ class JwtRegistry:
|
|
|
275
275
|
logger=logger)
|
|
276
276
|
# issue the definitive refresh token
|
|
277
277
|
refresh_token = jwt.encode(payload=current_claims,
|
|
278
|
-
key=JwtConfig.ENCODING_KEY
|
|
279
|
-
algorithm=JwtConfig.DEFAULT_ALGORITHM
|
|
278
|
+
key=JwtConfig.ENCODING_KEY,
|
|
279
|
+
algorithm=JwtConfig.DEFAULT_ALGORITHM,
|
|
280
280
|
headers={"kid": f"R{token_id}"})
|
|
281
281
|
# persist it
|
|
282
282
|
db_update(update_stmt=f"UPDATE {JwtDbConfig.TABLE}",
|
|
@@ -305,8 +305,8 @@ class JwtRegistry:
|
|
|
305
305
|
current_claims["exp"] = just_now + account_data.get("access-max-age")
|
|
306
306
|
# may raise an exception
|
|
307
307
|
access_token: str = jwt.encode(payload=current_claims,
|
|
308
|
-
key=JwtConfig.ENCODING_KEY
|
|
309
|
-
algorithm=JwtConfig.DEFAULT_ALGORITHM
|
|
308
|
+
key=JwtConfig.ENCODING_KEY,
|
|
309
|
+
algorithm=JwtConfig.DEFAULT_ALGORITHM,
|
|
310
310
|
headers={"kid": f"A{token_id}"})
|
|
311
311
|
# return the token data
|
|
312
312
|
return {
|
|
@@ -438,7 +438,7 @@ class JwtRegistry:
|
|
|
438
438
|
JwtDbConfig.COL_ACCOUNT: account_id,
|
|
439
439
|
JwtDbConfig.COL_TOKEN: jwt_token,
|
|
440
440
|
JwtDbConfig.COL_ALGORITHM:
|
|
441
|
-
JwtConfig.DEFAULT_ALGORITHM
|
|
441
|
+
JwtConfig.DEFAULT_ALGORITHM,
|
|
442
442
|
JwtDbConfig.COL_DECODER:
|
|
443
443
|
b64encode(s=JwtConfig.DECODING_KEY.value).decode()
|
|
444
444
|
},
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|