PyPI - skyplatform-iam - Versions diffs - 1.0.5__tar.gz → 1.2.0__tar.gz - Mend

skyplatform-iam 1.0.5tar.gz → 1.2.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

{skyplatform_iam-1.0.5 → skyplatform_iam-1.2.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: skyplatform-iam
-Version: 1.0.5
+Version: 1.2.0
 Summary: SkyPlatform IAM认证SDK，提供FastAPI中间件和认证路由
 Project-URL: Homepage, https://github.com/xinmayoujiang12621/agenterra_iam
 Project-URL: Documentation, https://skyplatform-iam.readthedocs.io/

{skyplatform_iam-1.0.5 → skyplatform_iam-1.2.0}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 [project]
 name = "skyplatform-iam"
-version = "1.0.5"
+version = "1.2.0"
 authors = [
   { name="x9", email="xuanxienanxunmobao@gmail.com" },
 ]

skyplatform_iam-1.2.0/skyplatform_iam/__init__.py ADDED Viewed

@@ -0,0 +1,161 @@
+"""
+SkyPlatform IAM SDK
+提供FastAPI认证中间件和IAM服务连接功能
+"""
+from .config import AuthConfig
+from .middleware import AuthMiddleware, AuthService, setup_auth_middleware, get_current_user, get_optional_user
+from .connect_agenterra_iam import ConnectAgenterraIam
+from .exceptions import (
+    SkyPlatformAuthException,
+    AuthenticationError,
+    AuthorizationError,
+    TokenExpiredError,
+    TokenInvalidError,
+    ConfigurationError,
+    IAMServiceError,
+    NetworkError
+)
+__version__ = "1.2.0"
+__author__ = "x9"
+__description__ = "SkyPlatform IAM认证SDK，提供FastAPI中间件和IAM服务连接功能"
+# 全局IAM客户端实例
+_global_iam_client = None
+# 导出主要类和函数
+__all__ = [
+    # 配置
+    "AuthConfig",
+    # 中间件
+    "AuthMiddleware",
+    "AuthService",
+    "setup_auth_middleware",
+    "get_current_user",
+    "get_optional_user",
+    # 客户端
+    "ConnectAgenterraIam",
+    "get_iam_client",
+    # 异常
+    "SkyPlatformAuthException",
+    "AuthenticationError",
+    "AuthorizationError",
+    "TokenExpiredError",
+    "TokenInvalidError",
+    "ConfigurationError",
+    "IAMServiceError",
+    "NetworkError",
+    # 版本信息
+    "__version__",
+    "__author__",
+    "__description__"
+]
+def create_auth_middleware(config: AuthConfig = None, **kwargs) -> AuthMiddleware:
+    """
+    创建认证中间件的便捷函数
+    Args:
+        config: 认证配置，如果为None则从环境变量创建
+        **kwargs: 其他中间件参数
+    Returns:
+        AuthMiddleware: 认证中间件实例
+    Note:
+        此函数用于创建中间件实例，用于请求拦截和鉴权。
+        客户端应用需要自己实现具体的业务接口。
+    """
+    if config is None:
+        config = AuthConfig.from_env()
+    return AuthMiddleware(config=config, **kwargs)
+def init_skyplatform_iam(app, config: AuthConfig = None):
+    """
+    一键设置认证中间件的便捷函数
+    Args:
+        app: FastAPI应用实例
+        config: 认证配置，如果为None则从环境变量创建
+    Returns:
+        AuthMiddleware: 认证中间件实例
+    Note:
+        此函数只设置认证中间件，不包含预制路由。
+        客户端应用需要根据业务需求自己实现认证相关的API接口。
+        建议传入完整的AuthConfig对象以避免环境变量配置问题。
+    """
+    if config is None:
+        config = AuthConfig.from_env()
+    # 验证配置的完整性
+    config.validate_config()
+    # 初始化全局认证服务
+    setup_auth_middleware(config)
+    # 添加中间件
+    middleware = AuthMiddleware(app=app, config=config)
+    app.add_middleware(AuthMiddleware, config=config)
+    return middleware
+def get_iam_client(config: AuthConfig = None) -> ConnectAgenterraIam:
+    """
+    获取全局IAM客户端实例
+    Args:
+        config: 认证配置，如果为None则从环境变量创建
+    Returns:
+        ConnectAgenterraIam: IAM客户端实例
+    Note:
+        此函数使用单例模式，确保整个应用中只有一个IAM客户端实例。
+        第一次调用时会创建实例，后续调用会返回同一个实例。
+        如果需要更新配置，可以传入新的config参数。
+    Example:
+        # 使用默认配置（从环境变量）
+        iam_client = get_iam_client()
+        # 使用自定义配置
+        config = AuthConfig(
+            agenterra_iam_host="https://iam.example.com",
+            server_name="my_server",
+            access_key="my_access_key"
+        )
+        iam_client = get_iam_client(config)
+        # 调用IAM服务方法
+        result = iam_client.register(
+            cred_type="username",
+            cred_value="test_user",
+            password="password123"
+        )
+    """
+    global _global_iam_client
+    # 如果传入了新的配置，或者实例不存在，则创建/更新实例
+    if config is not None:
+        if _global_iam_client is None:
+            _global_iam_client = ConnectAgenterraIam(config=config)
+        else:
+            # 重新加载配置
+            _global_iam_client.reload_config(config)
+    elif _global_iam_client is None:
+        # 使用默认配置创建实例
+        default_config = AuthConfig.from_env()
+        _global_iam_client = ConnectAgenterraIam(config=default_config)
+    return _global_iam_client

skyplatform_iam-1.2.0/skyplatform_iam/config.py ADDED Viewed

@@ -0,0 +1,153 @@
+"""
+SkyPlatform IAM SDK 配置模块
+"""
+import logging
+import os
+import fnmatch
+from typing import List, Optional, Dict
+import jwt
+from pydantic import BaseModel, Field
+from dotenv import load_dotenv
+# 加载环境变量
+load_dotenv()
+logger = logging.getLogger(__name__)
+class AuthConfig(BaseModel):
+    """
+    认证配置类
+    支持环境变量和代码配置
+    """
+    # IAM服务配置
+    agenterra_iam_host: str
+    server_name: str
+    access_key: str
+    machine_token: str
+    # Token配置
+    token_header: str = "Authorization"
+    token_prefix: str = "Bearer "
+    # 错误处理配置
+    enable_debug: bool = False
+    # 白名单路径配置（实例变量）
+    whitelist_paths: List[str] = Field(default_factory=list)
+    class Config:
+        env_prefix = "AGENTERRA_"
+    @classmethod
+    def from_env(cls) -> "AuthConfig":
+        """
+        从环境变量创建配置
+        """
+        return cls(
+            agenterra_iam_host=os.environ.get('AGENTERRA_IAM_HOST', ''),
+            server_name=os.environ.get('AGENTERRA_SERVER_NAME', ''),
+            access_key=os.environ.get('AGENTERRA_ACCESS_KEY', ''),
+            enable_debug=os.environ.get('AGENTERRA_ENABLE_DEBUG', 'false').lower() == 'true',
+            machine_token=os.environ.get('MACHINE_TOKEN', ''),
+            whitelist_paths=[]  # 初始化空的白名单路径列表
+        )
+    def validate_config(self) -> bool:
+        """
+        验证配置是否完整
+        """
+        required_fields = ['agenterra_iam_host', 'server_name', 'access_key']
+        for field in required_fields:
+            if not getattr(self, field):
+                raise ValueError(f"配置项 {field} 不能为空")
+        return True
+    def _normalize_path(self, path: str) -> str:
+        """
+        标准化路径格式
+        """
+        if not path:
+            return path
+        # 确保路径以 / 开头
+        if not path.startswith('/'):
+            path = '/' + path
+        # 移除重复的斜杠
+        while '//' in path:
+            path = path.replace('//', '/')
+        return path
+    def add_whitelist_path(self, path: str) -> None:
+        """
+        添加白名单路径
+        """
+        if not path:
+            return
+        normalized_path = self._normalize_path(path)
+        if normalized_path not in self.whitelist_paths:
+            self.whitelist_paths.append(normalized_path)
+    def add_whitelist_paths(self, paths: List[str]) -> None:
+        """
+        批量添加白名单路径
+        """
+        for path in paths:
+            self.add_whitelist_path(path)
+    def remove_whitelist_path(self, path: str) -> None:
+        """
+        移除白名单路径
+        """
+        if not path:
+            return
+        normalized_path = self._normalize_path(path)
+        if normalized_path in self.whitelist_paths:
+            self.whitelist_paths.remove(normalized_path)
+    def clear_whitelist_paths(self) -> None:
+        """
+        清空所有白名单路径
+        """
+        self.whitelist_paths.clear()
+    def get_whitelist_paths(self) -> List[str]:
+        """
+        获取所有白名单路径
+        """
+        return self.whitelist_paths.copy()
+    def is_path_whitelisted(self, path: str) -> bool:
+        """
+        检查路径是否在白名单中（支持通配符匹配）
+        """
+        if not path:
+            return False
+        normalized_path = self._normalize_path(path)
+        for whitelist_path in self.whitelist_paths:
+            # 支持通配符匹配
+            if fnmatch.fnmatch(normalized_path, whitelist_path):
+                return True
+        return False
+def decode_jwt_token(token: str) -> Optional[Dict]:
+    """直接解析JWT token获取payload"""
+    try:
+        # 不验证签名，只解析payload（因为token已经通过verify_token验证过）
+        decoded_payload = jwt.decode(token, options={"verify_signature": False})
+        logger.debug(f"JWT token解析成功: {decoded_payload}")
+        return decoded_payload
+    except jwt.InvalidTokenError as e:
+        logger.error(f"JWT token解析失败: {str(e)}")
+        return None
+    except Exception as e:
+        logger.error(f"JWT token解析异常: {str(e)}")
+        return None

skyplatform-iam 1.0.5__tar.gz → 1.2.0__tar.gz

skyplatform-iam 1.0.5tar.gz → 1.2.0tar.gz