usso 0.26.1__py3-none-any.whl → 0.27.1__py3-none-any.whl

usso/core.py

@@ -1,53 +1,21 @@
 import json
 import logging
 import os
-import uuid
-from functools import lru_cache
+from datetime import datetime, timedelta
+from urllib.parse import urlparse
 
 import cachetools.func
 import jwt
+import requests
+from cachetools import TTLCache, cached
 from pydantic import BaseModel, model_validator
 
-from . import b64tools
 from .exceptions import USSOException
+from .schemas import UserData
 
 logger = logging.getLogger("usso")
 
 
-class UserData(BaseModel):
-    user_id: str
-    workspace_id: str | None = None
-    workspace_ids: list[str] = []
-    token_type: str = "access"
-
-    email: str | None = None
-    phone: str | None = None
-    username: str | None = None
-
-    authentication_method: str | None = None
-    is_active: bool = False
-
-    jti: str | None = None
-    data: dict | None = None
-
-    token: str | None = None
-
-    @property
-    def uid(self) -> uuid.UUID:
-        user_id = self.user_id
-
-        if user_id.startswith("u_"):
-            user_id = user_id[2:]
-        if 22 <= len(user_id) <= 24:
-            user_id = b64tools.b64_decode_uuid(user_id)
-
-        return uuid.UUID(user_id)
-
-    @property
-    def b64id(self) -> uuid.UUID:
-        return b64tools.b64_encode_uuid_strip(self.uid)
-
-
 def get_authorization_scheme_param(
     authorization_header_value: str | None,
 ) -> tuple[str, str]:
@@ -90,7 +58,15 @@ def decode_token(key, token: str, algorithms=["RS256"], **kwargs) -> dict:
         logger.error(e)
 
 
-@lru_cache
+def is_expired(token: str, **kwargs) -> bool:
+    now = datetime.now()
+    decoded_token: dict = jwt.decode(token, options={"verify_signature": False})
+    exp = decoded_token.get("exp", (now + timedelta(days=1)).timestamp())
+    exp = datetime.fromtimestamp(exp)
+    return exp >= now
+
+
+@cached(TTLCache(maxsize=128, ttl=10 * 60))
 def get_jwk_keys(jwk_url: str) -> jwt.PyJWKClient:
     return jwt.PyJWKClient(jwk_url, headers={"User-Agent": "usso-python"})
 
@@ -115,6 +91,15 @@ def decode_token_jwk(jwk_url: str, token: str, **kwargs) -> UserData | None:
         logger.error(e)
 
 
+@cached(TTLCache(maxsize=128, ttl=10 * 60))
+def get_api_key_data(jwk_url: str, api_key: str):
+    parsed = urlparse(jwk_url)
+    url = f"{parsed.scheme}://{parsed.netloc}/api_key/verify"
+    response = requests.post(url, json={"api_key": api_key})
+    response.raise_for_status()
+    return UserData(**response.json())
+
+
 class JWTConfig(BaseModel):
     jwk_url: str | None = None
     secret: str | None = None
@@ -147,7 +132,9 @@ class Usso:
     def __init__(
         self,
         *,
-        jwt_config: str | dict | JWTConfig | list[str] | list[dict] | list[JWTConfig] | None = None,
+        jwt_config: (
+            str | dict | JWTConfig | list[str] | list[dict] | list[JWTConfig] | None
+        ) = None,
         jwk_url: str | None = None,
         secret: str | None = None,
     ):
@@ -160,7 +147,7 @@ class Usso:
             if jwk_url:
                 self.jwt_configs = [JWTConfig(jwk_url=jwk_url)]
                 return
-            
+
             if not secret:
                 secret = os.getenv("USSO_SECRET")
             if secret:
@@ -216,3 +203,31 @@ class Usso:
                 status_code=401,
                 error="unauthorized",
             )
+
+    def user_data_api_key(self, api_key: str, **kwargs) -> UserData | None:
+        """get user data from auth server by api_key."""
+        for jwk_config in self.jwt_configs:
+            try:
+                user_data = jwk_config.decode(api_key)
+                if user_data.token_type.lower() != kwargs.get("token_type", "access"):
+                    raise USSOException(
+                        status_code=401,
+                        error="invalid_token_type",
+                        message="Token type must be 'access'",
+                    )
+
+                return user_data
+
+            except USSOException as e:
+                exp = e
+
+        if kwargs.get("raise_exception", True):
+            if exp:
+                raise exp
+            raise USSOException(
+                status_code=401,
+                error="unauthorized",
+            )
+
+    def user_data_from_api_key(self, api_key: str):
+        return get_api_key_data(self.jwt_configs[0].jwk_url, api_key)

usso/django/middleware.py

@@ -6,7 +6,6 @@ from django.db.utils import IntegrityError
 from django.http import JsonResponse
 from django.http.request import HttpRequest
 from django.utils.deprecation import MiddlewareMixin
-
 from usso import UserData, Usso, USSOException
 
 logger = logging.getLogger("usso")

usso/fastapi/integration.py

@@ -1,8 +1,8 @@
 import logging
 
-from fastapi import Request, WebSocket
 from starlette.status import HTTP_401_UNAUTHORIZED
 
+from fastapi import Request, WebSocket
 from usso.exceptions import USSOException
 
 from ..core import UserData, Usso, get_authorization_scheme_param
@@ -27,16 +27,26 @@ def get_request_token(request: Request | WebSocket) -> UserData | None:
     return token
 
 
-def jwt_access_security_None(request: Request, jwt_config = None) -> UserData | None:
+def jwt_access_security_None(request: Request, jwt_config=None) -> UserData | None:
     """Return the user associated with a token value."""
+    api_key = request.headers.get("x-api-key")
+    if api_key:
+        return Usso(jwt_config=jwt_config).user_data_from_api_key(api_key)
+
     token = get_request_token(request)
     if not token:
         return None
-    return Usso(jwt_config=jwt_config).user_data_from_token(token, raise_exception=False)
+    return Usso(jwt_config=jwt_config).user_data_from_token(
+        token, raise_exception=False
+    )
 
 
 def jwt_access_security(request: Request, jwt_config=None) -> UserData | None:
     """Return the user associated with a token value."""
+    api_key = request.headers.get("x-api-key")
+    if api_key:
+        return Usso(jwt_config=jwt_config).user_data_from_api_key(api_key)
+
     token = get_request_token(request)
     if not token:
         raise USSOException(
@@ -50,6 +60,10 @@ def jwt_access_security(request: Request, jwt_config=None) -> UserData | None:
 
 def jwt_access_security_ws(websocket: WebSocket, jwt_config=None) -> UserData | None:
     """Return the user associated with a token value."""
+    api_key = websocket.headers.get("x-api-key")
+    if api_key:
+        return Usso(jwt_config=jwt_config).user_data_from_api_key(api_key)
+
     token = get_request_token(websocket)
     if not token:
         raise USSOException(

usso/schemas.py

@@ -0,0 +1,39 @@
+import uuid
+
+from pydantic import BaseModel
+
+from . import b64tools
+
+
+class UserData(BaseModel):
+    user_id: str
+    workspace_id: str | None = None
+    workspace_ids: list[str] = []
+    token_type: str = "access"
+
+    email: str | None = None
+    phone: str | None = None
+    username: str | None = None
+
+    authentication_method: str | None = None
+    is_active: bool = False
+
+    jti: str | None = None
+    data: dict | None = None
+
+    token: str | None = None
+
+    @property
+    def uid(self) -> uuid.UUID:
+        user_id = self.user_id
+
+        if user_id.startswith("u_"):
+            user_id = user_id[2:]
+        if 22 <= len(user_id) <= 24:
+            user_id = b64tools.b64_decode_uuid(user_id)
+
+        return uuid.UUID(user_id)
+
+    @property
+    def b64id(self) -> uuid.UUID:
+        return b64tools.b64_encode_uuid_strip(self.uid)

usso/session/async_session.py

@@ -0,0 +1,65 @@
+import httpx
+
+from ..core import is_expired
+from .session import BaseUssoSession
+
+
+class AsyncUssoSession(httpx.AsyncClient, BaseUssoSession):
+    def __init__(
+        self,
+        usso_base_url: str | None = None,
+        api_key: str | None = None,
+        usso_refresh_url: str | None = None,
+        refresh_token: str | None = None,
+        usso_api_key: str | None = None,
+        user_id: str | None = None,
+    ):
+        BaseUssoSession.__init__(
+            self,
+            usso_base_url,
+            api_key,
+            usso_refresh_url,
+            refresh_token,
+            usso_api_key,
+            user_id,
+        )
+        httpx.AsyncClient.__init__(self, headers=self.headers)
+
+    async def _refresh_api(self):
+        params = {"user_id": self.user_id} if self.user_id else {}
+        response = await self.get(
+            f"{self.usso_refresh_url}/api",
+            headers={"x-api-key": self.usso_api_key},
+            params=params,
+        )
+        response.raise_for_status()
+        data: dict = response.json()
+        self._refresh_token = data.get("token", {}).get("refresh_token")
+
+    async def _refresh(self):
+        assert (
+            self.refresh_token or self.usso_api_key
+        ), "refresh_token or usso_api_key is required"
+
+        if self.usso_api_key and not self.refresh_token:
+            await self._refresh_api()
+
+        response = await self.post(
+            self.usso_refresh_url, json={"refresh_token": f"{self.refresh_token}"}
+        )
+        response.raise_for_status()
+        self.access_token = response.json().get("access_token")
+        self.headers.update({"Authorization": f"Bearer {self.access_token}"})
+        return response.json()
+
+    async def get_session(self):
+        if self.api_key:
+            return self
+
+        if not self.access_token or is_expired(self.access_token):
+            await self._refresh()
+        return self
+
+    async def _request(self, method: str, url: str, **kwargs):
+        session = await self.get_session()
+        return await session.request(method, url, **kwargs)

usso/session/session.py

@@ -0,0 +1,118 @@
+from urllib.parse import urlparse
+
+import requests
+from singleton import Singleton
+
+from ..core import is_expired
+
+
+class BaseUssoSession(metaclass=Singleton):
+
+    def __init__(
+        self,
+        usso_base_url: str | None = None,
+        api_key: str | None = None,
+        usso_refresh_url: str | None = None,
+        refresh_token: str | None = None,
+        usso_api_key: str | None = None,
+        user_id: str | None = None,
+    ):
+        assert (
+            usso_base_url or usso_refresh_url
+        ), "usso_base_url or usso_refresh_url is required"
+        assert (
+            refresh_token or api_key or usso_api_key
+        ), "refresh_token or api_key or usso_api_key is required"
+
+        if not usso_base_url:
+            url_parts = urlparse(usso_refresh_url)
+            usso_base_url = f"{url_parts.scheme}://{url_parts.netloc}"
+        if usso_base_url.endswith("/"):
+            usso_base_url = usso_base_url[:-1]
+
+        self.usso_refresh_url = usso_refresh_url or f"{usso_base_url}/auth/refresh"
+        self._refresh_token = refresh_token
+        self.session = requests.Session()
+        self.access_token = None
+        self.api_key = api_key
+        self.usso_api_key = usso_api_key
+        self.user_id = user_id
+        self.headers = {}
+        if api_key:
+            self.headers = {"x-api-key": api_key}
+            self.session.headers.update(self.headers)
+
+    @property
+    def refresh_token(self):
+        if self._refresh_token and is_expired(self._refresh_token):
+            self._refresh_token = None
+
+        return self._refresh_token
+
+    def request(self, method: str, url: str, **kwargs):
+        return self._request(method, url, **kwargs)
+
+    def get(self, url: str, **kwargs):
+        return self._request("GET", url, **kwargs)
+
+    def post(self, url: str, **kwargs):
+        return self._request("POST", url, **kwargs)
+
+    def put(self, url: str, **kwargs):
+        return self._request("PUT", url, **kwargs)
+
+    def patch(self, url: str, **kwargs):
+        return self._request("PATCH", url, **kwargs)
+
+    def delete(self, url: str, **kwargs):
+        return self._request("DELETE", url, **kwargs)
+
+    def head(self, url: str, **kwargs):
+        return self._request("HEAD", url, **kwargs)
+
+    def options(self, url: str, **kwargs):
+        return self._request("OPTIONS", url, **kwargs)
+
+
+class UssoSession(BaseUssoSession):
+    def _refresh_api(self):
+        params = {"user_id": self.user_id} if self.user_id else {}
+        response = requests.get(
+            f"{self.usso_refresh_url}/api",
+            headers={"x-api-key": self.usso_api_key},
+            params=params,
+        )
+        response.raise_for_status()
+        data: dict = response.json()
+        self._refresh_token = data.get("token", {}).get("refresh_token")
+
+    def _refresh(self):
+        assert (
+            self.refresh_token or self.usso_api_key
+        ), "refresh_token or usso_api_key is required"
+
+        if self.usso_api_key and not self.refresh_token:
+            self._refresh_api()
+
+        response = requests.post(
+            self.usso_refresh_url, json={"refresh_token": f"{self.refresh_token}"}
+        )
+        response.raise_for_status()
+        self.access_token = response.json().get("access_token")
+        self.session.headers.update({"Authorization": f"Bearer {self.access_token}"})
+        return response.json()
+
+    def get_session(self):
+        if self.api_key:
+            return self.session
+
+        if not self.access_token or is_expired(self.access_token):
+            self._refresh()
+        return self.session
+
+    def _request(self, method: str, url: str, **kwargs):
+        session = self.get_session()
+        return session.request(method, url, **kwargs)
+
+    def close(self):
+        self.session.close()

{usso-0.26.1.dist-info → usso-0.27.1.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: usso
-Version: 0.26.1
+Version: 0.27.1
 Summary: A plug-and-play client for integrating universal single sign-on (SSO) with Python frameworks, enabling secure and seamless authentication across microservices.
 Author-email: Mahdi Kiani <mahdikiany@gmail.com>
 Maintainer-email: Mahdi Kiani <mahdikiany@gmail.com>
@@ -42,28 +42,28 @@ Classifier: Programming Language :: Python :: 3 :: Only
 Requires-Python: >=3.9
 Description-Content-Type: text/markdown
 License-File: LICENSE.txt
-Requires-Dist: pydantic >=2
-Requires-Dist: requests >=2.26.0
+Requires-Dist: pydantic>=2
+Requires-Dist: requests>=2.26.0
 Requires-Dist: pyjwt[crypto]
 Requires-Dist: cachetools
-Provides-Extra: all
-Requires-Dist: fastapi ; extra == 'all'
-Requires-Dist: uvicorn ; extra == 'all'
-Requires-Dist: django ; extra == 'all'
-Requires-Dist: httpx ; extra == 'all'
-Requires-Dist: dev ; extra == 'all'
-Requires-Dist: test ; extra == 'all'
-Provides-Extra: dev
-Requires-Dist: check-manifest ; extra == 'dev'
-Provides-Extra: django
-Requires-Dist: Django >=3.2 ; extra == 'django'
 Provides-Extra: fastapi
-Requires-Dist: fastapi >=0.65.0 ; extra == 'fastapi'
-Requires-Dist: uvicorn[standard] >=0.13.0 ; extra == 'fastapi'
+Requires-Dist: fastapi>=0.65.0; extra == "fastapi"
+Requires-Dist: uvicorn[standard]>=0.13.0; extra == "fastapi"
+Provides-Extra: django
+Requires-Dist: Django>=3.2; extra == "django"
 Provides-Extra: httpx
-Requires-Dist: httpx ; extra == 'httpx'
+Requires-Dist: httpx; extra == "httpx"
+Provides-Extra: dev
+Requires-Dist: check-manifest; extra == "dev"
 Provides-Extra: test
-Requires-Dist: coverage ; extra == 'test'
+Requires-Dist: coverage; extra == "test"
+Provides-Extra: all
+Requires-Dist: fastapi; extra == "all"
+Requires-Dist: uvicorn; extra == "all"
+Requires-Dist: django; extra == "all"
+Requires-Dist: httpx; extra == "all"
+Requires-Dist: dev; extra == "all"
+Requires-Dist: test; extra == "all"
 
 # USSO-Client
 

usso-0.27.1.dist-info/RECORD

@@ -0,0 +1,21 @@
+usso/__init__.py,sha256=NnOS_S1a-JKTOlGe1nw-kCL3m0y82mA2mDraus7BQ2o,120
+usso/b64tools.py,sha256=HGQ0E59vzjrQo2-4jrcY03ebtTaYwTtCZ7KgJaEmxO0,610
+usso/core.py,sha256=KI_61zIxZNDB1QeZsYN7wgKYy54Huhdm2T2WDFq69Sw,8043
+usso/exceptions.py,sha256=hawOAuVbvQtjgRfwp1KFZ4SmV7fh720y5Gom9JVA8W8,504
+usso/schemas.py,sha256=nYFqBMtnGJw13cSKSIMIZdxKVz3AIbnETDuiENHdl5g,850
+usso/client/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+usso/client/api.py,sha256=xlDq2nZNpq3mhAvqIbGEfANHNjJpPquSeULBfS7iMJw,5094
+usso/client/async_api.py,sha256=rb-Xh5oudmZrPYM_iH_B75b5Z0Fvi1V1uurdcKE51w0,5551
+usso/django/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+usso/django/middleware.py,sha256=CJ_poyF9dUTAm-z34s_2DGts-g30fX2PJgzouxVeQY0,3244
+usso/fastapi/__init__.py,sha256=0EcdOzb4f3yu9nILIdGWnlyUz-0VaVX2az1e3f2BusI,201
+usso/fastapi/integration.py,sha256=HCLveG2s6pFsuu2zU0JbgerJ4BgaF712ElmEUPHhwyk,2321
+usso/session/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+usso/session/async_session.py,sha256=SSfB1tDcq5p0eXd2awfTsVYQWm5IRL-1GeMo1zsVFks,2081
+usso/session/session.py,sha256=VRxt-HXXqXrieDt1oA3vBYMjj30PFGAFVwIPtu86JYI,3792
+usso-0.27.1.dist-info/LICENSE.txt,sha256=ceC9ZJOV9H6CtQDcYmHOS46NA3dHJ_WD4J9blH513pc,1081
+usso-0.27.1.dist-info/METADATA,sha256=hQkZJFA_Z36wxxi9FXBe220pEH81RiO00EKNtOsQiGc,4489
+usso-0.27.1.dist-info/WHEEL,sha256=PZUExdf71Ui_so67QXpySuHtCi3-J3wvF4ORK6k_S8U,91
+usso-0.27.1.dist-info/entry_points.txt,sha256=4Zgpm5ELaAWPf0jPGJFz1_X69H7un8ycT3WdGoJ0Vvk,35
+usso-0.27.1.dist-info/top_level.txt,sha256=g9Jf6h1Oyidh0vPiFni7UHInTJjSvu6cUalpLTIvthg,5
+usso-0.27.1.dist-info/RECORD,,

{usso-0.26.1.dist-info → usso-0.27.1.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (75.2.0)
+Generator: setuptools (75.6.0)
 Root-Is-Purelib: true
 Tag: py3-none-any
 

usso/async_session.py

@@ -1,124 +0,0 @@
-from contextlib import asynccontextmanager
-from datetime import datetime, timedelta
-
-import aiohttp
-import jwt
-
-
-class AsyncUssoSession:
-    def __init__(
-        self,
-        sso_refresh_url: str,
-        refresh_token: str | None = None,
-        api_key: str | None = None,
-        user_id: str | None = None,
-    ):
-        self.sso_refresh_url = sso_refresh_url
-        self._refresh_token = refresh_token
-        self.access_token = None
-        self.session = None  # This will hold the aiohttp session
-        self.api_key = api_key
-        self.user_id = user_id
-
-    @property
-    def refresh_token(self):
-        if self._refresh_token:
-            decoded_token = jwt.decode(
-                self._refresh_token, options={"verify_signature": False}
-            )
-            exp = decoded_token.get(
-                "exp", (datetime.now() + timedelta(days=1)).timestamp()
-            )
-            exp = datetime.fromtimestamp(exp)
-            if exp < datetime.now():
-                self._refresh_token = None
-
-        return self._refresh_token
-
-    async def _refresh_api(self):
-        params = {"user_id": self.user_id} if self.user_id else {}
-        async with aiohttp.ClientSession() as session:
-            async with session.get(
-                f"{self.sso_refresh_url}/api",
-                headers={"x-api-key": self.api_key},
-                params=params,
-            ) as response:
-                response.raise_for_status()
-                data: dict = await response.json()
-                self._refresh_token = data.get("token", {}).get("refresh_token")
-
-    async def _refresh(self):
-        if not self.refresh_token and not self.api_key:
-            raise ValueError("Refresh token not provided or invalid.")
-
-        if self.api_key and not self.refresh_token:
-            await self._refresh_api()
-
-        async with aiohttp.ClientSession() as session:
-            async with session.post(
-                self.sso_refresh_url,
-                json={"refresh_token": self.refresh_token},
-            ) as response:
-                response.raise_for_status()
-                return await response.json()
-
-    async def _ensure_valid_token(self):
-        if self.access_token:
-            decoded_token = jwt.decode(
-                self.access_token, options={"verify_signature": False}
-            )
-            exp = decoded_token.get("exp")
-
-            if exp and datetime.fromtimestamp(exp) < datetime.now():
-                self.access_token = None  # Token expired, need a new one
-
-        if not self.access_token:
-            # Get a new token if none exists or it has expired
-            token_data = await self._refresh()
-            self.access_token = token_data.get("access_token")
-
-            # Update headers with the new access token
-            if self.session:
-                self.session.headers.update(
-                    {"Authorization": f"Bearer {self.access_token}"}
-                )
-
-    async def __aenter__(self):
-        self.session = aiohttp.ClientSession()  # Initialize the session
-        await self._ensure_valid_token()  # Ensure valid token before usage
-        return self
-
-    async def __aexit__(self, exc_type, exc_value, traceback):
-        if self.session:
-            await self.session.close()  # Close the session properly
-
-    @asynccontextmanager
-    async def _request(self, method: str, url: str, **kwargs):
-        await self._ensure_valid_token()  # Ensure valid token before any request
-        async with self.session.request(method, url, **kwargs) as response:
-            yield response
-
-    def get(self, url: str, **kwargs):
-        return self._request("GET", url, **kwargs)
-
-    def post(self, url: str, **kwargs):
-        return self._request("POST", url, **kwargs)
-
-    def put(self, url: str, **kwargs):
-        return self._request("PUT", url, **kwargs)
-
-    def patch(self, url: str, **kwargs):
-        return self._request("PATCH", url, **kwargs)
-
-    def delete(self, url: str, **kwargs):
-        return self._request("DELETE", url, **kwargs)
-
-    def head(self, url: str, **kwargs):
-        return self._request("HEAD", url, **kwargs)
-
-    def options(self, url: str, **kwargs):
-        return self._request("OPTIONS", url, **kwargs)
-
-    async def close(self):
-        await self.session.close()
-        self.session = None

usso/httpx_session.py

@@ -1,87 +0,0 @@
-from datetime import datetime, timedelta
-
-import httpx
-import jwt
-
-
-class AsyncUssoSession(httpx.AsyncClient):
-    def __init__(
-        self,
-        sso_refresh_url: str,
-        refresh_token: str | None = None,
-        api_key: str | None = None,
-        user_id: str | None = None,
-    ):
-        super().__init__()
-        self.sso_refresh_url = sso_refresh_url
-        self._refresh_token = refresh_token
-        self.access_token = None
-        self.session = None  # This will hold the aiohttp session
-        self.api_key = api_key
-        self.user_id = user_id
-
-    @property
-    def refresh_token(self):
-        if self._refresh_token:
-            decoded_token = jwt.decode(
-                self._refresh_token, options={"verify_signature": False}
-            )
-            exp = decoded_token.get(
-                "exp", (datetime.now() + timedelta(days=1)).timestamp()
-            )
-            exp = datetime.fromtimestamp(exp)
-            if exp < datetime.now():
-                self._refresh_token = None
-
-        return self._refresh_token
-
-    async def _refresh_api(self):
-        params = {"user_id": self.user_id} if self.user_id else {}
-        async with httpx.AsyncClient() as session:
-            response = await session.get(
-                f"{self.sso_refresh_url}/api",
-                headers={"x-api-key": self.api_key},
-                params=params,
-            )
-            response.raise_for_status()
-            data: dict = response.json()
-            self._refresh_token = data.get("token", {}).get("refresh_token")
-
-    async def _refresh(self):
-        if not self.refresh_token and not self.api_key:
-            raise ValueError("Refresh token not provided or invalid.")
-
-        if self.api_key and not self.refresh_token:
-            await self._refresh_api()
-
-        async with httpx.AsyncClient() as session:
-            response = await session.post(
-                self.sso_refresh_url, json={"refresh_token": self.refresh_token}
-            )
-            response.raise_for_status()
-            return response.json()
-
-    async def _ensure_valid_token(self):
-        if self.access_token:
-            decoded_token = jwt.decode(
-                self.access_token, options={"verify_signature": False}
-            )
-            exp = decoded_token.get("exp")
-
-            if exp and datetime.fromtimestamp(exp) < datetime.now():
-                self.access_token = None  # Token expired, need a new one
-
-        if not self.access_token:
-            # Get a new token if none exists or it has expired
-            token_data = await self._refresh()
-            self.access_token = token_data.get("access_token")
-
-    async def request(self, method: str, url: str, *args, **kwargs):
-        await self._ensure_valid_token()
-
-        # Add authorization header to each request
-        headers = kwargs.pop("headers") or {}
-        headers["Authorization"] = f"Bearer {self.access_token}"
-
-        # Call the parent's request method
-        return await super().request(method, url, headers=headers, *args, **kwargs)

usso/session.py

@@ -1,78 +0,0 @@
-from datetime import datetime, timedelta
-
-import jwt
-import requests
-
-
-class UssoSession:
-
-    def __init__(
-        self,
-        sso_refresh_url: str,
-        refresh_token: str | None = None,
-        api_key: str | None = None,
-        user_id: str | None = None,
-    ):
-        self.sso_refresh_url = sso_refresh_url
-        self._refresh_token = refresh_token
-        self.session = requests.Session()
-        self.access_token = None
-        self.api_key = api_key
-        self.user_id = user_id
-
-    @property
-    def refresh_token(self):
-        if self._refresh_token:
-            decoded_token = jwt.decode(
-                self._refresh_token, options={"verify_signature": False}
-            )
-            exp = decoded_token.get(
-                "exp", (datetime.now() + timedelta(days=1)).timestamp()
-            )
-            exp = datetime.fromtimestamp(exp)
-            if exp < datetime.now():
-                self._refresh_token = None
-
-        return self._refresh_token
-
-    def _refresh_api(self):
-        params = {"user_id": self.user_id} if self.user_id else {}
-        response = requests.get(
-            f"{self.sso_refresh_url}/api",
-            headers={"x-api-key": self.api_key},
-            params=params,
-        )
-        response.raise_for_status()
-        data = response.json()
-        self._refresh_token = data.get("token", {}).get("refresh_token")
-
-    def _refresh(self):
-        if not self.refresh_token and not self.api_key:
-            return
-
-        if self.api_key and not self.refresh_token:
-            self._refresh_api()
-
-        response = requests.post(
-            self.sso_refresh_url,
-            json={"refresh_token": f"{self.refresh_token}"},
-        )
-        response.raise_for_status()
-        self.access_token = response.json().get("access_token")
-        self.session.headers.update({"Authorization": f"Bearer {self.access_token}"})
-        return response.json()
-
-    def get_session(self):
-        if self.access_token:
-            decoded_token = jwt.decode(
-                self.access_token, options={"verify_signature": False}
-            )
-            exp = datetime.fromtimestamp(decoded_token.get("exp"))
-            if exp < datetime.now():
-                self.access_token = None
-        if not self.access_token:
-            self.access_token = self._refresh().get("access_token")
-            self.session.headers.update(
-                {"Authorization": f"Bearer {self.access_token}"}
-            )
-        return self.session

usso-0.26.1.dist-info/RECORD

@@ -1,19 +0,0 @@
-usso/__init__.py,sha256=NnOS_S1a-JKTOlGe1nw-kCL3m0y82mA2mDraus7BQ2o,120
-usso/api.py,sha256=xlDq2nZNpq3mhAvqIbGEfANHNjJpPquSeULBfS7iMJw,5094
-usso/async_api.py,sha256=rb-Xh5oudmZrPYM_iH_B75b5Z0Fvi1V1uurdcKE51w0,5551
-usso/async_session.py,sha256=nFIrtV3Tp0H-s2ZkMLU9_fVSeVGq1EtY1bGT_XOS5Vw,4336
-usso/b64tools.py,sha256=HGQ0E59vzjrQo2-4jrcY03ebtTaYwTtCZ7KgJaEmxO0,610
-usso/core.py,sha256=tZzoh_t7HYr-HIual4hN7K1ZVk_nGZdKpaItq5VvkJQ,7087
-usso/exceptions.py,sha256=hawOAuVbvQtjgRfwp1KFZ4SmV7fh720y5Gom9JVA8W8,504
-usso/httpx_session.py,sha256=jp52thSbve4gpJuVVxnKEgH5o7LbYIZ5owf3Y-7ZDbY,3067
-usso/session.py,sha256=E8qx96IWfLWp0CTo1qwb6VUWn0giUnKQIQo-ZRnneEY,2508
-usso/django/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-usso/django/middleware.py,sha256=EEEpHvMQ6QiWw2HY8zQ2Aec0RCATcLWsCKeyiPWJKio,3245
-usso/fastapi/__init__.py,sha256=0EcdOzb4f3yu9nILIdGWnlyUz-0VaVX2az1e3f2BusI,201
-usso/fastapi/integration.py,sha256=-8MTeqGokvmUO0lxZpEWXdTMYg6n065qtnaJHOwCrzQ,1890
-usso-0.26.1.dist-info/LICENSE.txt,sha256=ceC9ZJOV9H6CtQDcYmHOS46NA3dHJ_WD4J9blH513pc,1081
-usso-0.26.1.dist-info/METADATA,sha256=GOWjHISSSaoWSO_Y5iVVrcNovcqxexM7CSpViujFz_0,4506
-usso-0.26.1.dist-info/WHEEL,sha256=OVMc5UfuAQiSplgO0_WdW7vXVGAt9Hdd6qtN4HotdyA,91
-usso-0.26.1.dist-info/entry_points.txt,sha256=4Zgpm5ELaAWPf0jPGJFz1_X69H7un8ycT3WdGoJ0Vvk,35
-usso-0.26.1.dist-info/top_level.txt,sha256=g9Jf6h1Oyidh0vPiFni7UHInTJjSvu6cUalpLTIvthg,5
-usso-0.26.1.dist-info/RECORD,,