python3-commons 0.19.0__py3-none-any.whl → 0.20.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- python3_commons/auth.py +34 -17
- {python3_commons-0.19.0.dist-info → python3_commons-0.20.0.dist-info}/METADATA +2 -2
- {python3_commons-0.19.0.dist-info → python3_commons-0.20.0.dist-info}/RECORD +7 -7
- {python3_commons-0.19.0.dist-info → python3_commons-0.20.0.dist-info}/WHEEL +0 -0
- {python3_commons-0.19.0.dist-info → python3_commons-0.20.0.dist-info}/licenses/AUTHORS.rst +0 -0
- {python3_commons-0.19.0.dist-info → python3_commons-0.20.0.dist-info}/licenses/LICENSE +0 -0
- {python3_commons-0.19.0.dist-info → python3_commons-0.20.0.dist-info}/top_level.txt +0 -0
python3_commons/auth.py
CHANGED
|
@@ -16,8 +16,6 @@ except ImportError as e:
|
|
|
16
16
|
|
|
17
17
|
import msgspec
|
|
18
18
|
|
|
19
|
-
from python3_commons.conf import oidc_settings
|
|
20
|
-
|
|
21
19
|
logger = logging.getLogger(__name__)
|
|
22
20
|
_OIDC_LOCK = threading.Lock()
|
|
23
21
|
|
|
@@ -81,20 +79,24 @@ class OIDCClient:
|
|
|
81
79
|
timeout: float = 10.0,
|
|
82
80
|
verify_ssl: bool = True,
|
|
83
81
|
connection_limit: int = 100,
|
|
82
|
+
authority_internal_host: HttpUrl | None = None,
|
|
84
83
|
) -> None:
|
|
85
|
-
if
|
|
86
|
-
authority_url = replace_origin(authority_url,
|
|
84
|
+
if authority_internal_host:
|
|
85
|
+
authority_url = replace_origin(authority_url, authority_internal_host)
|
|
87
86
|
|
|
88
87
|
self._authority_url = authority_url
|
|
88
|
+
self._authority_internal_host = authority_internal_host
|
|
89
89
|
self._client_id = client_id
|
|
90
90
|
self._client_secret = client_secret
|
|
91
|
-
self._oidc_config: Mapping[str, Any] | None = None
|
|
92
91
|
|
|
93
92
|
self._connection_limit = connection_limit
|
|
94
93
|
self._session: aiohttp.ClientSession | None = None
|
|
95
94
|
self._timeout = timeout
|
|
96
95
|
self._verify_ssl = verify_ssl
|
|
97
96
|
|
|
97
|
+
self._config: Mapping[str, Any] | None = None
|
|
98
|
+
self._jwks: Mapping[str, Any] | None = None
|
|
99
|
+
|
|
98
100
|
def get_session(self) -> aiohttp.ClientSession:
|
|
99
101
|
if self._session:
|
|
100
102
|
return self._session
|
|
@@ -119,7 +121,7 @@ class OIDCClient:
|
|
|
119
121
|
if self._session:
|
|
120
122
|
await self._session.close()
|
|
121
123
|
|
|
122
|
-
async def
|
|
124
|
+
async def _fetch_config(self) -> dict:
|
|
123
125
|
"""
|
|
124
126
|
Fetch the OpenID configuration (including JWKS URI) from OIDC authority.
|
|
125
127
|
"""
|
|
@@ -139,7 +141,20 @@ class OIDCClient:
|
|
|
139
141
|
|
|
140
142
|
return await response.json()
|
|
141
143
|
|
|
142
|
-
async def
|
|
144
|
+
async def get_config(self) -> Mapping[str, Any]:
|
|
145
|
+
if self._config:
|
|
146
|
+
return self._config
|
|
147
|
+
|
|
148
|
+
with _OIDC_LOCK:
|
|
149
|
+
if self._config:
|
|
150
|
+
return self._config
|
|
151
|
+
|
|
152
|
+
config = await self._fetch_config()
|
|
153
|
+
self._config = config
|
|
154
|
+
|
|
155
|
+
return config
|
|
156
|
+
|
|
157
|
+
async def _fetch_jwks(self, jwks_uri: str) -> dict:
|
|
143
158
|
"""
|
|
144
159
|
Fetch the JSON Web Key Set (JWKS) for validating the token's signature.
|
|
145
160
|
"""
|
|
@@ -147,7 +162,7 @@ class OIDCClient:
|
|
|
147
162
|
msg = 'ClientSession not initialized'
|
|
148
163
|
raise RuntimeError(msg)
|
|
149
164
|
|
|
150
|
-
if authority_internal_host :=
|
|
165
|
+
if authority_internal_host := self._authority_internal_host:
|
|
151
166
|
logger.debug('Received jwks_uri: %s', jwks_uri)
|
|
152
167
|
logger.debug('Replacing OIDC authority host with: %s', authority_internal_host)
|
|
153
168
|
jwks_uri = str(replace_origin(HttpUrl(jwks_uri), authority_internal_host))
|
|
@@ -161,18 +176,20 @@ class OIDCClient:
|
|
|
161
176
|
|
|
162
177
|
return await response.json()
|
|
163
178
|
|
|
164
|
-
async def
|
|
165
|
-
if self.
|
|
166
|
-
return self.
|
|
179
|
+
async def get_jwks(self) -> Mapping[str, Any]:
|
|
180
|
+
if self._jwks:
|
|
181
|
+
return self._jwks
|
|
167
182
|
|
|
168
183
|
with _OIDC_LOCK:
|
|
169
|
-
if self.
|
|
170
|
-
return self.
|
|
184
|
+
if self._jwks:
|
|
185
|
+
return self._jwks
|
|
186
|
+
|
|
187
|
+
oidc_config = await self.get_config()
|
|
171
188
|
|
|
172
|
-
|
|
173
|
-
self.
|
|
189
|
+
jwks = await self._fetch_jwks(oidc_config['jwks_uri'])
|
|
190
|
+
self._jwks = jwks
|
|
174
191
|
|
|
175
|
-
return
|
|
192
|
+
return jwks
|
|
176
193
|
|
|
177
194
|
async def fetch_token(
|
|
178
195
|
self,
|
|
@@ -196,7 +213,7 @@ class OIDCClient:
|
|
|
196
213
|
if self._client_secret:
|
|
197
214
|
data['client_secret'] = self._client_secret
|
|
198
215
|
|
|
199
|
-
openid_config = await self.
|
|
216
|
+
openid_config = await self.get_config()
|
|
200
217
|
|
|
201
218
|
try:
|
|
202
219
|
async with self._session.post(
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: python3-commons
|
|
3
|
-
Version: 0.
|
|
3
|
+
Version: 0.20.0
|
|
4
4
|
Summary: Re-usable Python3 code
|
|
5
5
|
Author-email: Oleg Korsak <kamikaze.is.waiting.you@gmail.com>
|
|
6
6
|
License-Expression: GPL-3.0
|
|
@@ -36,7 +36,7 @@ Provides-Extra: cache
|
|
|
36
36
|
Requires-Dist: valkey[libvalkey]~=6.1.1; extra == "cache"
|
|
37
37
|
Provides-Extra: database
|
|
38
38
|
Requires-Dist: asyncpg~=0.31.0; extra == "database"
|
|
39
|
-
Requires-Dist: SQLAlchemy[asyncio]~=2.0.
|
|
39
|
+
Requires-Dist: SQLAlchemy[asyncio]~=2.0.50; extra == "database"
|
|
40
40
|
Provides-Extra: object-storage
|
|
41
41
|
Requires-Dist: aiobotocore~=3.7.0; extra == "object-storage"
|
|
42
42
|
Requires-Dist: object-storage-client==0.0.30; extra == "object-storage"
|
|
@@ -2,7 +2,7 @@ python3_commons/__init__.py,sha256=0KgaYU46H_IMKn-BuasoRN3C4Hi45KlkHHoPbU9cwiA,1
|
|
|
2
2
|
python3_commons/api_client.py,sha256=yerFJNY_SHhYo9FGLv29oHVIGgeXDNzTzMNfFYZpZ0w,5501
|
|
3
3
|
python3_commons/async_functools.py,sha256=A2HvwFzZHxOWTp4IQM5UiBY2yg1S_0U1CWra5BWK0gk,9101
|
|
4
4
|
python3_commons/audit.py,sha256=uGoCwenDJ0Gdwbr_VNOZm5scT8luxW1weprJbbMoHo0,2608
|
|
5
|
-
python3_commons/auth.py,sha256=
|
|
5
|
+
python3_commons/auth.py,sha256=iN5Iu8yDk2ClPjQuyxDudWICnjX6gt8dOw5e0kXoRdc,7657
|
|
6
6
|
python3_commons/cache.py,sha256=lowiXJqFgFy1Yg86wi9IhuoNqIUGP6nc5eNibmf0dfY,8018
|
|
7
7
|
python3_commons/conf.py,sha256=5WzGLwCixc5SMdWvq3j4YBcytqYwcTcCJkFzSPp8fK4,2984
|
|
8
8
|
python3_commons/exceptions.py,sha256=EGjHZVBnsM6CeBfPMqhL0IPMKjDJ_2-Z-aSPXwq91LE,36
|
|
@@ -27,9 +27,9 @@ python3_commons/serializers/common.py,sha256=VkA7C6wODvHk0QBXVX_x2JieDstihx3U__U
|
|
|
27
27
|
python3_commons/serializers/json.py,sha256=UPkC3ps13x2C_NxwVV-K7Ewp4VjkVHSSUkJVw5k7Wiw,712
|
|
28
28
|
python3_commons/serializers/msgpack.py,sha256=zESFBX34GsZ8rDu6Zk5V6CLT6P0mPilU0r04Ka6TblI,1474
|
|
29
29
|
python3_commons/serializers/msgspec.py,sha256=upy5CBmK66-8hYnK5bAM_sZvZY5CAqZmzCw9GIF346I,2988
|
|
30
|
-
python3_commons-0.
|
|
31
|
-
python3_commons-0.
|
|
32
|
-
python3_commons-0.
|
|
33
|
-
python3_commons-0.
|
|
34
|
-
python3_commons-0.
|
|
35
|
-
python3_commons-0.
|
|
30
|
+
python3_commons-0.20.0.dist-info/licenses/AUTHORS.rst,sha256=3R9JnfjfjH5RoPWOeqKFJgxVShSSfzQPIrEr1nxIo9Q,90
|
|
31
|
+
python3_commons-0.20.0.dist-info/licenses/LICENSE,sha256=xxILuojHm4fKQOrMHPSslbyy6WuKAN2RiG74HbrYfzM,34575
|
|
32
|
+
python3_commons-0.20.0.dist-info/METADATA,sha256=LbLpc_NPqyj1HQSCDciYLcfOk31s8RWj942uXvrrCis,2333
|
|
33
|
+
python3_commons-0.20.0.dist-info/WHEEL,sha256=aeYiig01lYGDzBgS8HxWXOg3uV61G9ijOsup-k9o1sk,91
|
|
34
|
+
python3_commons-0.20.0.dist-info/top_level.txt,sha256=lJI6sCBf68eUHzupCnn2dzG10lH3jJKTWM_hrN1cQ7M,16
|
|
35
|
+
python3_commons-0.20.0.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|