usso 0.28.27__py3-none-any.whl → 0.28.28__py3-none-any.whl

usso/client.py

@@ -1,4 +1,5 @@
 import logging
+from urllib.parse import urlparse
 
 import usso_jwt.exceptions
 import usso_jwt.schemas
@@ -22,6 +23,8 @@ class UssoAuth:
         self,
         *,
         jwt_config: AvailableJwtConfigs | None = None,
+        from_base_usso_url: str | None = None,
+        **kwargs: object,
     ) -> None:
         """Initialize the USSO authentication client.
 
@@ -31,6 +34,7 @@ class UssoAuth:
         if jwt_config is None:
             jwt_config = AuthConfig()
         self.jwt_configs = AuthConfig.validate_jwt_configs(jwt_config)
+        self.from_base_usso_url = from_base_usso_url
 
     def user_data_from_token(
         self,
@@ -68,6 +72,25 @@ class UssoAuth:
             except usso_jwt.exceptions.JWTError as e:
                 exp = e
 
+        if self.from_base_usso_url:
+            try:
+                jwt_obj = usso_jwt.schemas.JWT(
+                    token=token, config=jwk_config, payload_class=UserData
+                )
+                iss = jwt_obj.unverified_payload.iss
+                iss_domain = urlparse(iss).netloc
+                jwt_obj.config.jwks_url = (
+                    f"{self.from_base_usso_url}/.well-known/jwks.json?"
+                    f"domain={iss_domain}"
+                )
+                if jwt_obj.verify(
+                    expected_token_type=expected_token_type,
+                    **kwargs,
+                ):
+                    return jwt_obj.payload
+            except usso_jwt.exceptions.JWTError as e:
+                exp = e
+
         _handle_exception(
             "Unauthorized",
             message=str(exp) if exp else None,

usso/config.py

@@ -1,4 +1,5 @@
 import json
+import os
 from typing import Any, Literal, Union
 
 import usso_jwt.config
@@ -7,6 +8,8 @@ from pydantic import BaseModel, model_validator
 from .user import UserData
 from .utils.string_utils import get_authorization_scheme_param
 
+BASE_USSO_URL = os.getenv("BASE_USSO_URL") or "https://sso.usso.io"
+
 
 class HeaderConfig(BaseModel):
     type: Literal["Authorization", "Cookie", "CustomHeader"] = "Cookie"
@@ -42,7 +45,7 @@ class HeaderConfig(BaseModel):
 
 
 class APIHeaderConfig(HeaderConfig):
-    verify_endpoint: str = "https://sso.usso.io/api/sso/v1/apikeys/verify"
+    verify_endpoint: str = f"{BASE_USSO_URL}/api/sso/v1/apikeys/verify"
 
 
 class AuthConfig(usso_jwt.config.JWTConfig):

usso/integrations/fastapi/dependency.py

@@ -14,15 +14,20 @@ class USSOAuthentication(UssoAuth):
     def __init__(
         self,
         jwt_config: AvailableJwtConfigs | None = None,
+        *,
         raise_exception: bool = True,
         expected_token_type: str = "access",
+        from_base_usso_url: str | None = None,
     ) -> None:
         if jwt_config is None:
             jwt_config = AuthConfig()
 
-        super().__init__(jwt_config=jwt_config)
+        super().__init__(
+            jwt_config=jwt_config, from_base_usso_url=from_base_usso_url
+        )
         self.raise_exception = raise_exception
         self.expected_token_type = expected_token_type
+        self.from_base_usso_url = from_base_usso_url
 
     def __call__(self, request: Request) -> UserData:
         return self.usso_access_security(request)
@@ -41,7 +46,6 @@ class USSOAuthentication(UssoAuth):
                 return token
         return None
 
-    # @instance_method
     def usso_access_security(self, request: Request) -> UserData | None:
         """Return the user associated with a token value."""
         api_key = self.get_request_api_key(request)
@@ -62,7 +66,6 @@ class USSOAuthentication(UssoAuth):
             raise_exception=self.raise_exception,
         )
 
-    # @instance_method
     def jwt_access_security_ws(self, websocket: WebSocket) -> UserData | None:
         """Return the user associated with a token value."""
         api_key = self.get_request_api_key(websocket)

{usso-0.28.27.dist-info → usso-0.28.28.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: usso
-Version: 0.28.27
+Version: 0.28.28
 Summary: A plug-and-play client for integrating universal single sign-on (SSO) with Python frameworks, enabling secure and seamless authentication across microservices.
 Author-email: Mahdi Kiani <mahdikiany@gmail.com>
 Maintainer-email: Mahdi Kiani <mahdikiany@gmail.com>
@@ -28,7 +28,7 @@ Requires-Dist: cachetools
 Requires-Dist: singleton_package
 Requires-Dist: json-advanced
 Requires-Dist: httpx
-Requires-Dist: usso-jwt>=0.2.0
+Requires-Dist: usso-jwt>=0.2.6
 Provides-Extra: fastapi
 Requires-Dist: fastapi>=0.65.0; extra == "fastapi"
 Requires-Dist: uvicorn[standard]>=0.13.0; extra == "fastapi"

{usso-0.28.27.dist-info → usso-0.28.28.dist-info}/RECORD

@@ -1,14 +1,14 @@
 usso/__init__.py,sha256=ot4Q5ouLGe505DGFAxQP4p4yZLLaBLqbHmCF1OvHG1M,585
 usso/api_key.py,sha256=LtBY86HE27xTk-GCixTL2gyikuIV4XBYWY4OknjUgTk,1262
 usso/authorization.py,sha256=5cROjDZkmUs7eYav32h20WxOexucaF2d4i3_MuKhQ9A,8264
-usso/client.py,sha256=kN6RgYQv08jAiBJ6Z9O89LvWdN_3RXI7O-L89zzLVck,2650
-usso/config.py,sha256=zdiEFqfBhl6eAbfSXuoCZFsfiWBG0tnmozridxSIZ0E,3802
+usso/client.py,sha256=GQXX9Ifxfrr7sSNMdj4IDWb8-JmkWshb0-TMhUmYCA8,3551
+usso/config.py,sha256=okT-Z6M3u-URRsBAftpxF0ZO4tAfDZGH5pA6qCip0GM,3878
 usso/exceptions.py,sha256=hDxw475zvF55FTEqkfhZfciVXXGiB8pyWgqF2HiUiio,1743
 usso/user.py,sha256=uWL5fkD1QSV6H5qC690iS9MJWX5AvDze6c24l3sXvB0,3846
 usso/integrations/django/__init__.py,sha256=dKpbffHS5ouGtW6ooI2ivzjPmH_1rOBny85htR-KqrY,97
 usso/integrations/django/middleware.py,sha256=LEPb2LkGET47cgGpydcylfBabndX4Hycyzj-xdfREug,3453
 usso/integrations/fastapi/__init__.py,sha256=ohToiqutHu3Okr8naunssDkamj1OdiG4OpPdBW0rt7U,204
-usso/integrations/fastapi/dependency.py,sha256=u7jV3xAo3iW1_a8nu7c2Y2lrq5J8TN3PllYPXu-Oqos,2707
+usso/integrations/fastapi/dependency.py,sha256=3ughk-H8yjxkH0fLjdBv-iw0hA3E84XfNs9dCv_2M-o,2833
 usso/integrations/fastapi/handler.py,sha256=FcYRWcYsiKNygjAWS1elcy_QQ6neCNsUEE8WyMDtMgA,501
 usso/session/__init__.py,sha256=tE4qWUdSI7iN_pywm47Mg8NKOTBa2nCNwCy3wCZWRmU,124
 usso/session/async_session.py,sha256=iu-bnZHe9_ODSXax_WsclJxtwZ9ClVt7KBl3RysYE-U,4073
@@ -16,9 +16,9 @@ usso/session/base_session.py,sha256=M35m_jBkdGHVPL4R3djuJDdE1aONZnoRvMv-FVrhyaU,
 usso/session/session.py,sha256=6f0zz1F_p4hbZgvCAdcMur__U_RaTsZ5R2658e1W-t8,1714
 usso/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 usso/utils/string_utils.py,sha256=7tziAa2Cwa7xhwM_NF4DSY3BHoqVaWgJ21VuV8LvhrY,253
-usso-0.28.27.dist-info/licenses/LICENSE.txt,sha256=ceC9ZJOV9H6CtQDcYmHOS46NA3dHJ_WD4J9blH513pc,1081
-usso-0.28.27.dist-info/METADATA,sha256=MscismYOkLXNAART0H5HHurMpAt2pf3ePanpJQizyHM,5061
-usso-0.28.27.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-usso-0.28.27.dist-info/entry_points.txt,sha256=4Zgpm5ELaAWPf0jPGJFz1_X69H7un8ycT3WdGoJ0Vvk,35
-usso-0.28.27.dist-info/top_level.txt,sha256=g9Jf6h1Oyidh0vPiFni7UHInTJjSvu6cUalpLTIvthg,5
-usso-0.28.27.dist-info/RECORD,,
+usso-0.28.28.dist-info/licenses/LICENSE.txt,sha256=ceC9ZJOV9H6CtQDcYmHOS46NA3dHJ_WD4J9blH513pc,1081
+usso-0.28.28.dist-info/METADATA,sha256=Fh4LONujiTalgXOCgqHjvfv_3pLoeL-oQOJNB9Ucry4,5061
+usso-0.28.28.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+usso-0.28.28.dist-info/entry_points.txt,sha256=4Zgpm5ELaAWPf0jPGJFz1_X69H7un8ycT3WdGoJ0Vvk,35
+usso-0.28.28.dist-info/top_level.txt,sha256=g9Jf6h1Oyidh0vPiFni7UHInTJjSvu6cUalpLTIvthg,5
+usso-0.28.28.dist-info/RECORD,,