PyPI - usso - Versions diffs - 0.24.10__tar.gz → 0.24.12__tar.gz - Mend

usso 0.24.10tar.gz → 0.24.12tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (29) hide show

{usso-0.24.10/src/usso.egg-info → usso-0.24.12}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: usso
-Version: 0.24.10
+Version: 0.24.12
 Summary: A plug-and-play client for integrating universal single sign-on (SSO) with Python frameworks, enabling secure and seamless authentication across microservices.
 Author-email: Mahdi Kiani <mahdikiany@gmail.com>
 Maintainer-email: Mahdi Kiani <mahdikiany@gmail.com>
@@ -43,13 +43,14 @@ Requires-Python: >=3.9
 Description-Content-Type: text/markdown
 License-File: LICENSE.txt
 Requires-Dist: peppercorn
-Requires-Dist: pydantic>=1.8.2
+Requires-Dist: pydantic>=2
 Requires-Dist: requests>=2.26.0
 Requires-Dist: pyjwt[crypto]
 Requires-Dist: singleton_package
 Provides-Extra: fastapi
 Requires-Dist: fastapi>=0.65.0; extra == "fastapi"
 Requires-Dist: uvicorn[standard]>=0.13.0; extra == "fastapi"
+Requires-Dist: cachetools; extra == "fastapi"
 Provides-Extra: django
 Requires-Dist: Django>=3.2; extra == "django"
 Provides-Extra: dev

{usso-0.24.10 → usso-0.24.12}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "usso"
-version = "0.24.10"
+version = "0.24.12"
 description = "A plug-and-play client for integrating universal single sign-on (SSO) with Python frameworks, enabling secure and seamless authentication across microservices."
 readme = "README.md"
 requires-python = ">=3.9"
@@ -29,12 +29,12 @@ classifiers = [
 ]
 dependencies = [
   "peppercorn",  # Example main dependency
-  "pydantic>=1.8.2",
+  "pydantic>=2",
   "requests>=2.26.0",
   "pyjwt[crypto]",
-  "singleton_package"
+  "singleton_package",
 ]
-optional-dependencies = {"fastapi" = ["fastapi>=0.65.0", "uvicorn[standard]>=0.13.0"],"django" = ["Django>=3.2"],"dev" = ["check-manifest"],"test" = ["coverage"]}
+optional-dependencies = {"fastapi" = ["fastapi>=0.65.0", "uvicorn[standard]>=0.13.0", "cachetools"],"django" = ["Django>=3.2"],"dev" = ["check-manifest"],"test" = ["coverage"]}
 [project.urls]
 "Homepage" = "https://github.com/ussoio/usso-python"

{usso-0.24.10 → usso-0.24.12}/src/usso/async_session.py RENAMED Viewed

@@ -1,21 +1,51 @@
 from contextlib import asynccontextmanager
-from datetime import datetime
+from datetime import datetime, timedelta
 import aiohttp
 import jwt
 class AsyncUssoSession:
-    def __init__(self, sso_refresh_url: str, refresh_token: str | None = None):
+    def __init__(
+        self,
+        sso_refresh_url: str,
+        refresh_token: str | None = None,
+        api_key: str | None = None,
+    ):
         self.sso_refresh_url = sso_refresh_url
-        self.refresh_token = refresh_token
+        self._refresh_token = refresh_token
         self.access_token = None
         self.session = None  # This will hold the aiohttp session
+        self.api_key = api_key
+    @property
+    def refresh_token(self):
+        decoded_token = jwt.decode(
+            self._refresh_token, options={"verify_signature": False}
+        )
+        exp = decoded_token.get("exp", datetime.now() + timedelta(days=1))
+        if exp < datetime.now():
+            self._refresh_token = None
+        return self._refresh_token
+    async def _refresh_api(self):
+        async with aiohttp.ClientSession() as session:
+            async with session.get(
+                f"{self.sso_refresh_url}/api",
+                headers={"x-api-key": self.api_key},
+            ) as response:
+                response.raise_for_status()
+                data: dict = await response.json()
+                self._refresh_token = data.get("token", {}).get("refresh_token")
     async def _refresh(self):
-        if not self.refresh_token:
+        if not self.refresh_token and not self.api_key:
             raise ValueError("Refresh token not provided or invalid.")
+        if self.api_key and not self.refresh_token:
+            self._refresh_api()
         async with aiohttp.ClientSession() as session:
             async with session.post(
                 self.sso_refresh_url,

{usso-0.24.10 → usso-0.24.12}/src/usso/core.py RENAMED Viewed

@@ -64,23 +64,11 @@ class Usso(metaclass=Singleton):
         scheme, _, param = authorization_header_value.partition(" ")
         return scheme, param
-    def user_data_from_token(self, token: str, **kwargs) -> UserData | None:
-        """Return the user associated with a token value."""
+    def decode_token(self, key, token: str, **kwargs) -> dict:
         try:
-            # header = jwt.get_unverified_header(token)
-            # jwks_url = header["jwk_url"]
-            jwks_client = self.get_jwks_keys()
-            signing_key = jwks_client.get_signing_key_from_jwt(token)
-            decoded = jwt.decode(
-                token,
-                signing_key.key,
-                algorithms=["RS256"],
-            )
+            decoded = jwt.decode(token, key, algorithms=["RS256"])
             if decoded["token_type"] != "access":
-                raise USSOException(
-                    status_code=401,
-                    error="invalid_token_type",
-                )
+                raise USSOException(status_code=401, error="invalid_token_type")
             decoded["token"] = token
             return UserData(**decoded)
         except jwt.exceptions.ExpiredSignatureError:
@@ -91,31 +79,30 @@ class Usso(metaclass=Singleton):
                 raise USSOException(status_code=401, error="invalid_signature")
         except jwt.exceptions.InvalidAlgorithmError:
             if kwargs.get("raise_exception", True):
-                raise USSOException(
-                    status_code=401,
-                    error="invalid_algorithm",
-                )
+                raise USSOException(status_code=401, error="invalid_algorithm")
         except jwt.exceptions.InvalidIssuedAtError:
             if kwargs.get("raise_exception", True):
-                raise USSOException(
-                    status_code=401,
-                    error="invalid_issued_at",
-                )
+                raise USSOException(status_code=401, error="invalid_issued_at")
         except jwt.exceptions.InvalidTokenError:
             if kwargs.get("raise_exception", True):
-                raise USSOException(
-                    status_code=401,
-                    error="invalid_token",
-                )
+                raise USSOException(status_code=401, error="invalid_token")
         except jwt.exceptions.InvalidKeyError:
             if kwargs.get("raise_exception", True):
-                raise USSOException(
-                    status_code=401,
-                    error="invalid_key",
-                )
+                raise USSOException(status_code=401, error="invalid_key")
         except USSOException as e:
             if kwargs.get("raise_exception", True):
                 raise e
+        except Exception as e:
+            if kwargs.get("raise_exception", True):
+                raise USSOException(status_code=401, error="error", message=str(e))
+            logger.error(e)
+    def user_data_from_token(self, token: str, **kwargs) -> UserData | None:
+        """Return the user associated with a token value."""
+        try:
+            jwks_client = self.get_jwks_keys()
+            signing_key = jwks_client.get_signing_key_from_jwt(token)
+            return self.decode_token(signing_key.key, token, **kwargs)
         except Exception as e:
             if kwargs.get("raise_exception", True):
                 raise USSOException(

{usso-0.24.10 → usso-0.24.12}/src/usso/fastapi/auth_middleware.py RENAMED Viewed

@@ -73,15 +73,45 @@ class Usso:
         scheme, _, param = authorization_header_value.partition(" ")
         return scheme, param
+    def decode_token(self, key, token: str, **kwargs) -> dict:
+        try:
+            decoded = jwt.decode(token, key, algorithms=["RS256"])
+            if decoded["token_type"] != "access":
+                raise USSOException(status_code=401, error="invalid_token_type")
+            decoded["token"] = token
+            return UserData(**decoded)
+        except jwt.exceptions.ExpiredSignatureError:
+            if kwargs.get("raise_exception", True):
+                raise USSOException(status_code=401, error="expired_signature")
+        except jwt.exceptions.InvalidSignatureError:
+            if kwargs.get("raise_exception", True):
+                raise USSOException(status_code=401, error="invalid_signature")
+        except jwt.exceptions.InvalidAlgorithmError:
+            if kwargs.get("raise_exception", True):
+                raise USSOException(status_code=401, error="invalid_algorithm")
+        except jwt.exceptions.InvalidIssuedAtError:
+            if kwargs.get("raise_exception", True):
+                raise USSOException(status_code=401, error="invalid_issued_at")
+        except jwt.exceptions.InvalidTokenError:
+            if kwargs.get("raise_exception", True):
+                raise USSOException(status_code=401, error="invalid_token")
+        except jwt.exceptions.InvalidKeyError:
+            if kwargs.get("raise_exception", True):
+                raise USSOException(status_code=401, error="invalid_key")
+        except USSOException as e:
+            if kwargs.get("raise_exception", True):
+                raise e
+        except Exception as e:
+            if kwargs.get("raise_exception", True):
+                raise USSOException(status_code=401, error="error", message=str(e))
+            logger.error(e)
     def user_data_from_token(self, token: str, **kwargs) -> UserData | None:
         """Return the user associated with a token value."""
         try:
             decoded = self.jwk_url.decode(token)
             if decoded["token_type"] != "access":
-                raise USSOException(
-                    status_code=401,
-                    error="invalid_token_type",
-                )
+                raise USSOException(status_code=401, error="invalid_token_type")
             decoded["token"] = token
             return UserData(**decoded)
         except jwt.exceptions.ExpiredSignatureError:
@@ -92,45 +122,25 @@ class Usso:
                 raise USSOException(status_code=401, error="invalid_signature")
         except jwt.exceptions.InvalidAlgorithmError:
             if kwargs.get("raise_exception", True):
-                raise USSOException(
-                    status_code=401,
-                    error="invalid_algorithm",
-                )
+                raise USSOException(status_code=401, error="invalid_algorithm")
         except jwt.exceptions.InvalidIssuedAtError:
             if kwargs.get("raise_exception", True):
-                raise USSOException(
-                    status_code=401,
-                    error="invalid_issued_at",
-                )
+                raise USSOException(status_code=401, error="invalid_issued_at")
         except jwt.exceptions.InvalidTokenError:
             if kwargs.get("raise_exception", True):
-                raise USSOException(
-                    status_code=401,
-                    error="invalid_token",
-                )
+                raise USSOException(status_code=401, error="invalid_token")
         except jwt.exceptions.InvalidKeyError:
             if kwargs.get("raise_exception", True):
-                raise USSOException(
-                    status_code=401,
-                    error="invalid_key",
-                )
+                raise USSOException(status_code=401, error="invalid_key")
         except KeyError as e:
             if kwargs.get("raise_exception", True):
-                raise USSOException(
-                    status_code=401,
-                    error="key_error",
-                    message=str(e),
-                )
+                raise USSOException(status_code=401, error="key_error", message=str(e))
         except USSOException as e:
             if kwargs.get("raise_exception", True):
                 raise e
         except Exception as e:
             if kwargs.get("raise_exception", True):
-                raise USSOException(
-                    status_code=401,
-                    error="error",
-                    message=str(e),
-                )
+                raise USSOException(status_code=401, error="error", message=str(e))
             logger.error(e)
     async def jwt_access_security(self, request: Request) -> UserData | None:

usso-0.24.12/src/usso/session.py ADDED Viewed

@@ -0,0 +1,68 @@
+from datetime import datetime, timedelta
+import jwt
+import requests
+class UssoSession:
+    def __init__(
+        self,
+        sso_refresh_url: str,
+        refresh_token: str | None = None,
+        api_key: str | None = None,
+    ):
+        self.sso_refresh_url = sso_refresh_url
+        self._refresh_token = refresh_token
+        self.session = requests.Session()
+        self.access_token = None
+        self.api_key = api_key
+    @property
+    def refresh_token(self):
+        decoded_token = jwt.decode(
+            self._refresh_token, options={"verify_signature": False}
+        )
+        exp = decoded_token.get("exp", datetime.now() + timedelta(days=1))
+        if exp < datetime.now():
+            self._refresh_token = None
+        return self._refresh_token
+    def _refresh_api(self):
+        response = requests.get(
+            f"{self.sso_refresh_url}/api",
+            headers={"x-api-key": self.api_key},
+        )
+        response.raise_for_status()
+        data = response.json()
+        self._refresh_token = data.get("token", {}).get("refresh_token")
+    def _refresh(self):
+        if not self.refresh_token and not self.api_key:
+            return
+        if self.api_key and not self.refresh_token:
+            self._refresh_api()
+        response = requests.post(
+            self.sso_refresh_url,
+            json={"refresh_token": f"{self.refresh_token}"},
+        )
+        response.raise_for_status()
+        return response.json()
+    def get_session(self):
+        if self.access_token:
+            decoded_token = jwt.decode(
+                self.access_token, options={"verify_signature": False}
+            )
+            exp = datetime.fromtimestamp(decoded_token.get("exp"))
+            if exp < datetime.now():
+                self.access_token = None
+        if not self.access_token:
+            self.access_token = self._refresh()["access_token"]
+            self.session.headers.update(
+                {"Authorization": f"Bearer {self.access_token}"}
+            )
+        return self.session

{usso-0.24.10 → usso-0.24.12/src/usso.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: usso
-Version: 0.24.10
+Version: 0.24.12
 Summary: A plug-and-play client for integrating universal single sign-on (SSO) with Python frameworks, enabling secure and seamless authentication across microservices.
 Author-email: Mahdi Kiani <mahdikiany@gmail.com>
 Maintainer-email: Mahdi Kiani <mahdikiany@gmail.com>
@@ -43,13 +43,14 @@ Requires-Python: >=3.9
 Description-Content-Type: text/markdown
 License-File: LICENSE.txt
 Requires-Dist: peppercorn
-Requires-Dist: pydantic>=1.8.2
+Requires-Dist: pydantic>=2
 Requires-Dist: requests>=2.26.0
 Requires-Dist: pyjwt[crypto]
 Requires-Dist: singleton_package
 Provides-Extra: fastapi
 Requires-Dist: fastapi>=0.65.0; extra == "fastapi"
 Requires-Dist: uvicorn[standard]>=0.13.0; extra == "fastapi"
+Requires-Dist: cachetools; extra == "fastapi"
 Provides-Extra: django
 Requires-Dist: Django>=3.2; extra == "django"
 Provides-Extra: dev

{usso-0.24.10 → usso-0.24.12}/src/usso.egg-info/requires.txt RENAMED Viewed

@@ -1,5 +1,5 @@
 peppercorn
-pydantic>=1.8.2
+pydantic>=2
 requests>=2.26.0
 pyjwt[crypto]
 singleton_package
@@ -13,6 +13,7 @@ Django>=3.2
 [fastapi]
 fastapi>=0.65.0
 uvicorn[standard]>=0.13.0
+cachetools
 [test]
 coverage

usso-0.24.10/src/usso/session.py DELETED Viewed

@@ -1,38 +0,0 @@
-from datetime import datetime
-import jwt
-import requests
-class UssoSession:
-    def __init__(self, sso_refresh_url: str, refresh_token: str | None = None):
-        self.sso_refresh_url = sso_refresh_url
-        self.refresh_token = refresh_token
-        self.session = requests.Session()
-        self.access_token = None
-    def _refresh(self):
-        if not self.refresh_token:
-            return
-        response = requests.post(
-            self.sso_refresh_url,
-            json={"refresh_token": f"{self.refresh_token}"},
-        )
-        response.raise_for_status()
-        return response.json()
-    def get_session(self):
-        if self.access_token:
-            decoded_token = jwt.decode(
-                self.access_token, options={"verify_signature": False}
-            )
-            exp = datetime.fromtimestamp(decoded_token.get("exp"))
-            if exp < datetime.now():
-                self.access_token = None
-        if not self.access_token:
-            self.access_token = self._refresh()["access_token"]
-            self.session.headers.update(
-                {"Authorization": f"Bearer {self.access_token}"}
-            )
-        return self.session