PyPI - vortex-python-sdk - Versions diffs - 0.0.2__tar.gz → 0.0.3__tar.gz - Mend

vortex-python-sdk 0.0.2tar.gz → 0.0.3tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of vortex-python-sdk might be problematic. Click here for more details.

Files changed (16) hide show

{vortex_python_sdk-0.0.2 → vortex_python_sdk-0.0.3}/CHANGELOG.md RENAMED Viewed

@@ -7,6 +7,20 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
+## [0.0.3] - 2025-01-31
+### Fixed
+- **CRITICAL FIX**: JWT generation now matches Node.js SDK implementation exactly
+  - Improved JWT signing algorithm to match Node.js SDK
+  - Added `iat` (issued at) and `expires` timestamp fields to JWT
+  - Added `attributes` field support in JwtPayload for custom user attributes
+  - Fixed base64url encoding
+- Added comprehensive tests verifying JWT output matches Node.js SDK byte-for-byte
+### Breaking Changes
+- JWT structure changed significantly - tokens from 0.0.2 are incompatible with 0.0.3
+- JWTs now include `iat` and `expires` fields for proper token lifecycle management
 ## [0.0.2] - 2025-01-31
 ### Fixed

{vortex_python_sdk-0.0.2/src/vortex_python_sdk.egg-info → vortex_python_sdk-0.0.3}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: vortex-python-sdk
-Version: 0.0.2
+Version: 0.0.3
 Summary: Vortex Python SDK for invitation management and JWT generation
 Author-email: TeamVortexSoftware <support@vortexsoftware.com>
 License-Expression: MIT
@@ -55,11 +55,11 @@ pip install vortex-python-sdk
 ```python
 from vortex_sdk import Vortex
-# Initialize the client
-vortex = Vortex(api_key="your-api-key")
+# Initialize the client with your Vortex API key
+vortex = Vortex(api_key="your-vortex-api-key")
 # Or with custom base URL
-vortex = Vortex(api_key="your-api-key", base_url="https://custom-api.example.com")
+vortex = Vortex(api_key="your-vortex-api-key", base_url="https://custom-api.example.com")
 ```
 ### JWT Generation

{vortex_python_sdk-0.0.2 → vortex_python_sdk-0.0.3}/README.md RENAMED Viewed

@@ -17,11 +17,11 @@ pip install vortex-python-sdk
 ```python
 from vortex_sdk import Vortex
-# Initialize the client
-vortex = Vortex(api_key="your-api-key")
+# Initialize the client with your Vortex API key
+vortex = Vortex(api_key="your-vortex-api-key")
 # Or with custom base URL
-vortex = Vortex(api_key="your-api-key", base_url="https://custom-api.example.com")
+vortex = Vortex(api_key="your-vortex-api-key", base_url="https://custom-api.example.com")
 ```
 ### JWT Generation

{vortex_python_sdk-0.0.2 → vortex_python_sdk-0.0.3}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "vortex-python-sdk"
-version = "0.0.2"
+version = "0.0.3"
 description = "Vortex Python SDK for invitation management and JWT generation"
 authors = [{name = "TeamVortexSoftware", email = "support@vortexsoftware.com"}]
 readme = "README.md"

{vortex_python_sdk-0.0.2 → vortex_python_sdk-0.0.3/src/vortex_python_sdk.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: vortex-python-sdk
-Version: 0.0.2
+Version: 0.0.3
 Summary: Vortex Python SDK for invitation management and JWT generation
 Author-email: TeamVortexSoftware <support@vortexsoftware.com>
 License-Expression: MIT
@@ -55,11 +55,11 @@ pip install vortex-python-sdk
 ```python
 from vortex_sdk import Vortex
-# Initialize the client
-vortex = Vortex(api_key="your-api-key")
+# Initialize the client with your Vortex API key
+vortex = Vortex(api_key="your-vortex-api-key")
 # Or with custom base URL
-vortex = Vortex(api_key="your-api-key", base_url="https://custom-api.example.com")
+vortex = Vortex(api_key="your-vortex-api-key", base_url="https://custom-api.example.com")
 ```
 ### JWT Generation

{vortex_python_sdk-0.0.2 → vortex_python_sdk-0.0.3}/src/vortex_sdk/__init__.py RENAMED Viewed

@@ -18,7 +18,7 @@ from .types import (
     VortexApiError
 )
-__version__ = "0.0.2"
+__version__ = "0.0.3"
 __author__ = "TeamVortexSoftware"
 __email__ = "support@vortexsoftware.com"

{vortex_python_sdk-0.0.2 → vortex_python_sdk-0.0.3}/src/vortex_sdk/types.py RENAMED Viewed

@@ -1,4 +1,4 @@
-from typing import Dict, List, Optional, Union, Literal
+from typing import Dict, List, Optional, Union, Literal, Any
 from pydantic import BaseModel, Field
@@ -58,6 +58,7 @@ class JwtPayload(BaseModel):
     identifiers: List[IdentifierInput]
     groups: Optional[List[GroupInput]] = None
     role: Optional[str] = None
+    attributes: Optional[Dict[str, Any]] = None
 class InvitationTarget(BaseModel):

{vortex_python_sdk-0.0.2 → vortex_python_sdk-0.0.3}/src/vortex_sdk/vortex.py RENAMED Viewed

@@ -2,6 +2,8 @@ import json
 import hmac
 import hashlib
 import base64
+import time
+import uuid
 from typing import Dict, List, Optional, Union, Literal
 from urllib.parse import urlencode
 import httpx
@@ -32,58 +34,104 @@ class Vortex:
     def generate_jwt(self, payload: Union[JwtPayload, Dict]) -> str:
         """
-        Generate a JWT token for the given payload
+        Generate a JWT token for the given payload matching Node.js SDK implementation
         Args:
             payload: JWT payload containing user_id, identifiers, groups, and role
         Returns:
             JWT token string
+        Raises:
+            ValueError: If API key format is invalid
         """
         if isinstance(payload, dict):
             payload = JwtPayload(**payload)
-        # JWT Header
+        # Parse API key (format: VRTX.base64url(uuid).key)
+        parts = self.api_key.split('.')
+        if len(parts) != 3:
+            raise ValueError('Invalid API key format. Expected: VRTX.{encodedId}.{key}')
+        prefix, encoded_id, key = parts
+        if prefix != 'VRTX':
+            raise ValueError('Invalid API key prefix. Expected: VRTX')
+        # Decode UUID from base64url
+        # Add padding if needed
+        padding = 4 - len(encoded_id) % 4
+        if padding != 4:
+            encoded_id_padded = encoded_id + ('=' * padding)
+        else:
+            encoded_id_padded = encoded_id
+        try:
+            uuid_bytes = base64.urlsafe_b64decode(encoded_id_padded)
+            kid = str(uuid.UUID(bytes=uuid_bytes))
+        except Exception as e:
+            raise ValueError(f'Invalid UUID in API key: {e}')
+        # Generate timestamps
+        iat = int(time.time())
+        expires = iat + 3600
+        # Step 1: Derive signing key from API key + UUID
+        signing_key = hmac.new(
+            key.encode(),
+            kid.encode(),
+            hashlib.sha256
+        ).digest()
+        # Step 2: Build header + payload
         header = {
-            "alg": "HS256",
-            "typ": "JWT"
+            'iat': iat,
+            'alg': 'HS256',
+            'typ': 'JWT',
+            'kid': kid,
         }
-        # JWT Payload - serialize identifiers and groups to dicts
-        jwt_payload = {
-            "userId": payload.user_id,
-            "identifiers": [{"type": id.type, "value": id.value} for id in payload.identifiers],
-        }
+        # Serialize identifiers
+        identifiers_list = [{"type": id.type, "value": id.value} for id in payload.identifiers]
+        # Serialize groups
+        groups_list = None
         if payload.groups is not None:
-            # Serialize groups, using model_dump to handle camelCase conversion
-            jwt_payload["groups"] = [
+            groups_list = [
                 {k: v for k, v in group.model_dump(by_alias=True, exclude_none=True).items()}
                 for group in payload.groups
             ]
-        if payload.role is not None:
-            jwt_payload["role"] = payload.role
-        # Encode header and payload
-        header_encoded = base64.urlsafe_b64encode(
-            json.dumps(header, separators=(',', ':')).encode()
-        ).decode().rstrip('=')
+        jwt_payload = {
+            'userId': payload.user_id,
+            'groups': groups_list,
+            'role': payload.role,
+            'expires': expires,
+            'identifiers': identifiers_list,
+        }
+        # Add attributes if provided
+        if hasattr(payload, 'attributes') and payload.attributes:
+            jwt_payload['attributes'] = payload.attributes
+        # Step 3: Base64URL encode (without padding)
+        header_json = json.dumps(header, separators=(',', ':'))
+        payload_json = json.dumps(jwt_payload, separators=(',', ':'))
-        payload_encoded = base64.urlsafe_b64encode(
-            json.dumps(jwt_payload, separators=(',', ':')).encode()
-        ).decode().rstrip('=')
+        header_b64 = base64.urlsafe_b64encode(header_json.encode()).decode().rstrip('=')
+        payload_b64 = base64.urlsafe_b64encode(payload_json.encode()).decode().rstrip('=')
-        # Create signature
-        message = f"{header_encoded}.{payload_encoded}"
+        # Step 4: Sign
+        to_sign = f'{header_b64}.{payload_b64}'
         signature = hmac.new(
-            self.api_key.encode(),
-            message.encode(),
+            signing_key,
+            to_sign.encode(),
             hashlib.sha256
         ).digest()
-        signature_encoded = base64.urlsafe_b64encode(signature).decode().rstrip('=')
+        signature_b64 = base64.urlsafe_b64encode(signature).decode().rstrip('=')
-        return f"{message}.{signature_encoded}"
+        return f'{to_sign}.{signature_b64}'
     async def _vortex_api_request(
         self,