vortex-python-sdk 0.0.2__py3-none-any.whl → 0.0.3__py3-none-any.whl

{vortex_python_sdk-0.0.2.dist-info → vortex_python_sdk-0.0.3.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: vortex-python-sdk
-Version: 0.0.2
+Version: 0.0.3
 Summary: Vortex Python SDK for invitation management and JWT generation
 Author-email: TeamVortexSoftware <support@vortexsoftware.com>
 License-Expression: MIT
@@ -55,11 +55,11 @@ pip install vortex-python-sdk
 ```python
 from vortex_sdk import Vortex
 
-# Initialize the client
-vortex = Vortex(api_key="your-api-key")
+# Initialize the client with your Vortex API key
+vortex = Vortex(api_key="your-vortex-api-key")
 
 # Or with custom base URL
-vortex = Vortex(api_key="your-api-key", base_url="https://custom-api.example.com")
+vortex = Vortex(api_key="your-vortex-api-key", base_url="https://custom-api.example.com")
 ```
 
 ### JWT Generation

vortex_python_sdk-0.0.3.dist-info/RECORD

@@ -0,0 +1,9 @@
+vortex_python_sdk-0.0.3.dist-info/licenses/LICENSE,sha256=VndlWxbL4-w3YDf2yE5gJscj4zVXF0qlSq0LDtay3lo,1074
+vortex_sdk/__init__.py,sha256=0Q9cyxYBvCQtLsKWJJu-lAjPFp5HCXnIYKtp6xYAYFA,709
+vortex_sdk/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+vortex_sdk/types.py,sha256=Si5fXbf2gkcK3FoirJURNBBPLOJM090P5uhlHx6kXZQ,3079
+vortex_sdk/vortex.py,sha256=B7XAT8CAEJLEH5kxYF3KpMo4kAO_LwCBs8-VEBgC3cw,14754
+vortex_python_sdk-0.0.3.dist-info/METADATA,sha256=bACa6c5OMHoIwGBKC2oH8uNKVIdHmlIzzrHYnftqr5w,6237
+vortex_python_sdk-0.0.3.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+vortex_python_sdk-0.0.3.dist-info/top_level.txt,sha256=xFDlEcXIIi_sBhkse0YfMnSdg2IlaYUd0oP2UCDc_Y0,11
+vortex_python_sdk-0.0.3.dist-info/RECORD,,

vortex_sdk/__init__.py

@@ -18,7 +18,7 @@ from .types import (
     VortexApiError
 )
 
-__version__ = "0.0.2"
+__version__ = "0.0.3"
 __author__ = "TeamVortexSoftware"
 __email__ = "support@vortexsoftware.com"
 

vortex_sdk/types.py

@@ -1,4 +1,4 @@
-from typing import Dict, List, Optional, Union, Literal
+from typing import Dict, List, Optional, Union, Literal, Any
 from pydantic import BaseModel, Field
 
 
@@ -58,6 +58,7 @@ class JwtPayload(BaseModel):
     identifiers: List[IdentifierInput]
     groups: Optional[List[GroupInput]] = None
     role: Optional[str] = None
+    attributes: Optional[Dict[str, Any]] = None
 
 
 class InvitationTarget(BaseModel):

vortex_sdk/vortex.py

@@ -2,6 +2,8 @@ import json
 import hmac
 import hashlib
 import base64
+import time
+import uuid
 from typing import Dict, List, Optional, Union, Literal
 from urllib.parse import urlencode
 import httpx
@@ -32,58 +34,104 @@ class Vortex:
 
     def generate_jwt(self, payload: Union[JwtPayload, Dict]) -> str:
         """
-        Generate a JWT token for the given payload
+        Generate a JWT token for the given payload matching Node.js SDK implementation
 
         Args:
             payload: JWT payload containing user_id, identifiers, groups, and role
 
         Returns:
             JWT token string
+
+        Raises:
+            ValueError: If API key format is invalid
         """
         if isinstance(payload, dict):
             payload = JwtPayload(**payload)
 
-        # JWT Header
+        # Parse API key (format: VRTX.base64url(uuid).key)
+        parts = self.api_key.split('.')
+        if len(parts) != 3:
+            raise ValueError('Invalid API key format. Expected: VRTX.{encodedId}.{key}')
+
+        prefix, encoded_id, key = parts
+
+        if prefix != 'VRTX':
+            raise ValueError('Invalid API key prefix. Expected: VRTX')
+
+        # Decode UUID from base64url
+        # Add padding if needed
+        padding = 4 - len(encoded_id) % 4
+        if padding != 4:
+            encoded_id_padded = encoded_id + ('=' * padding)
+        else:
+            encoded_id_padded = encoded_id
+
+        try:
+            uuid_bytes = base64.urlsafe_b64decode(encoded_id_padded)
+            kid = str(uuid.UUID(bytes=uuid_bytes))
+        except Exception as e:
+            raise ValueError(f'Invalid UUID in API key: {e}')
+
+        # Generate timestamps
+        iat = int(time.time())
+        expires = iat + 3600
+
+        # Step 1: Derive signing key from API key + UUID
+        signing_key = hmac.new(
+            key.encode(),
+            kid.encode(),
+            hashlib.sha256
+        ).digest()
+
+        # Step 2: Build header + payload
         header = {
-            "alg": "HS256",
-            "typ": "JWT"
+            'iat': iat,
+            'alg': 'HS256',
+            'typ': 'JWT',
+            'kid': kid,
         }
 
-        # JWT Payload - serialize identifiers and groups to dicts
-        jwt_payload = {
-            "userId": payload.user_id,
-            "identifiers": [{"type": id.type, "value": id.value} for id in payload.identifiers],
-        }
+        # Serialize identifiers
+        identifiers_list = [{"type": id.type, "value": id.value} for id in payload.identifiers]
 
+        # Serialize groups
+        groups_list = None
         if payload.groups is not None:
-            # Serialize groups, using model_dump to handle camelCase conversion
-            jwt_payload["groups"] = [
+            groups_list = [
                 {k: v for k, v in group.model_dump(by_alias=True, exclude_none=True).items()}
                 for group in payload.groups
             ]
-        if payload.role is not None:
-            jwt_payload["role"] = payload.role
 
-        # Encode header and payload
-        header_encoded = base64.urlsafe_b64encode(
-            json.dumps(header, separators=(',', ':')).encode()
-        ).decode().rstrip('=')
+        jwt_payload = {
+            'userId': payload.user_id,
+            'groups': groups_list,
+            'role': payload.role,
+            'expires': expires,
+            'identifiers': identifiers_list,
+        }
+
+        # Add attributes if provided
+        if hasattr(payload, 'attributes') and payload.attributes:
+            jwt_payload['attributes'] = payload.attributes
+
+        # Step 3: Base64URL encode (without padding)
+        header_json = json.dumps(header, separators=(',', ':'))
+        payload_json = json.dumps(jwt_payload, separators=(',', ':'))
 
-        payload_encoded = base64.urlsafe_b64encode(
-            json.dumps(jwt_payload, separators=(',', ':')).encode()
-        ).decode().rstrip('=')
+        header_b64 = base64.urlsafe_b64encode(header_json.encode()).decode().rstrip('=')
+        payload_b64 = base64.urlsafe_b64encode(payload_json.encode()).decode().rstrip('=')
 
-        # Create signature
-        message = f"{header_encoded}.{payload_encoded}"
+        # Step 4: Sign
+        to_sign = f'{header_b64}.{payload_b64}'
         signature = hmac.new(
-            self.api_key.encode(),
-            message.encode(),
+            signing_key,
+            to_sign.encode(),
             hashlib.sha256
         ).digest()
 
-        signature_encoded = base64.urlsafe_b64encode(signature).decode().rstrip('=')
+        signature_b64 = base64.urlsafe_b64encode(signature).decode().rstrip('=')
 
-        return f"{message}.{signature_encoded}"
+        return f'{to_sign}.{signature_b64}'
 
     async def _vortex_api_request(
         self,

vortex_python_sdk-0.0.2.dist-info/RECORD

@@ -1,9 +0,0 @@
-vortex_python_sdk-0.0.2.dist-info/licenses/LICENSE,sha256=VndlWxbL4-w3YDf2yE5gJscj4zVXF0qlSq0LDtay3lo,1074
-vortex_sdk/__init__.py,sha256=BVRNzjJmtAX7QjUSqG1qL_l3jpVp-AOxMhuBdCCPFOg,709
-vortex_sdk/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-vortex_sdk/types.py,sha256=49M5wb1PjFPeeqzZurd91rIaCTJK2Ll-L28BQhxd4wI,3026
-vortex_sdk/vortex.py,sha256=gtIuLkW4XY6zMClNeMukicEU8Afr6RYA7RHG25YTtmE,13275
-vortex_python_sdk-0.0.2.dist-info/METADATA,sha256=iFMbcUiLIgSOhbijKHdXYQkKJb2rgFjPrCRrxnBu33g,6198
-vortex_python_sdk-0.0.2.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-vortex_python_sdk-0.0.2.dist-info/top_level.txt,sha256=xFDlEcXIIi_sBhkse0YfMnSdg2IlaYUd0oP2UCDc_Y0,11
-vortex_python_sdk-0.0.2.dist-info/RECORD,,