This is a pre-production deployment of Warehouse, however changes made here WILL affect the production instance of PyPI.
Project Description

This is a python client library for the BrowserID protocol that underlies Mozilla Persona:

https://login.persona.org/

For the vast majority of deployments, you will simply want to call the module- level “verify” functon to verify a given assertion:

>>> data = browserid.verify(BROWSERIDASSERTION, "http://mysite.com")
>>> print data["email"]
"test@example.com"

The precise implementation of this function will change depending on the current recommendations of the BrowserID team. Currently it POSTs the assertion to the remote verifier service on persona.org.

Note that you must specify your site’s root URL as the second argument to that function. This is the “expected audience” and is a key security feature of BrowserID.

If you are not able to determine the precise hostname by which your site is being accessed (e.g. due to virtual hosting) then you may specify one or more wildcard patterns like so:

>>> data = browserid.verify(BROWSERIDASSERTION, ["http://*.mysite.com"])
>>> print data["email"]
"test@example.com"

For finer control over the verification process, you can create an instance of a “Verifier” class and avoid having to specify the audience patterns over and over again:

>>> verifier = browserid.RemoteVerifier(["*.mysite.com"])
>>> data = verifier.verify(BROWSERIDASSERTION)
>>> print data["email"]
"test@example.com"

For improved performance, or if you just want to live on the bleeding edge, you can explicitly perform verification locally by using the LocalVerifier class like so:

>>> verifier = browserid.LocalVerifier(["*.mysite.com"])
>>> data = verifier.verify(BROWSERIDASSERTION)
>>> print data["email"]
"test@example.com"

Note that the details of the BrowserID Protocol are still in flux, so local verification might break due to incompatible changes. As things stabilise this will become the default implementation.

0.11.0 - 2016-05-11

  • Have the local verifier validate that the email address is well-formed, to avoid passing e.g. null bytes through to code that doesn’t properly handle them.

0.10.0 - 2016-03-09

  • Add support for “idpClaims” and “userClaims” when generating test assertions. This helps when using this library to interact with Firefox Accounts.

0.9.2 - 2014-04-13

  • Remove tuple paramter unpacking for python3.
  • Add “description” attribute to Error objects.

0.9.1 - 2012-11-26

  • Fix data-decoding bug in fallback crypto routines.

0.9.0 - 2012-10-04

  • Support for Python 3.

0.8.0 - 2012-08-01

  • Correct the pure-python RSA implementation. Unfortunately this requires a small backwards-incompatible API change on RSKey objects (the SIZE property is now DIGESTSIZE and it gives the size of the internal hex digest string in bytes)

0.7.0 - 2012-07-26

  • Added a pure-python implementation of the JWT crypto routines, for use when M2Crypto is not available.
  • Added “from_pem_data” and “to_pem_data” methods to Key objects. Currently these are only available when M2Crypto is installed.
  • Added support for delegation of authority; thanks @kylef.
  • Use https://verifier.login.persona.org/verify for remote verification

0.6.2 - 2012-07-17

  • Add persona.org and related sites to the list of default trusted secondaries.

0.6.1 - 2012-06-07

  • Disable certificate chaining for now. This feature is not used by any servers in the wild, and the spec for it is going to change soon.

0.6.0 - 2012-31-05

  • Remove ability to use a custom JWT parser class, it’s not used and adds needless complexity.
  • Add a way to skip the ssl verification when getting certificates with the CertificateManager.

0.5.0 - 2012-04-18

  • add support of requests rather than custom code for ssl checking when retrieving certificates.
  • removed patch utility for secure_urlopen (we are now using requests)
  • add more verbose errors when dealing with RSA/DSA Keys.

0.4.0 - 2012-03-13

  • Renamed from PyVEP to PyBrowserID, in keeping with Mozilla branding.
  • Audience checking now accepts glob-style patterns as well as fixed audience strings.
  • Verifier objects now accept a list of audience patterns as their first argument. This is designed to encourage doing the right thing rather than, say, passing in the hostname from the request.
  • Allowed LocalVerifier to use of a custom JWT parser.
  • Removed browserid.verify_[remote|local|dummy] since they just cause confusion. You should either accept the defaults provided by the browserid.verify function, or use a full-blown Verifier object.
  • Split certificate loading and caching into a separate class, in browserid.certificates:CertificatesManager.
  • Removed the DummyVerifier class in favour of supporting functions in browserid.tests.support.
Release History

Release History

0.11.0

This version

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.10.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.9.2

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.9.1

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.9.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.8.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.7.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.6.2

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.6.1

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.6.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.5.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.4.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
PyBrowserID-0.11.0.tar.gz (35.7 kB) Copy SHA256 Checksum SHA256 Source May 11, 2016

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting