JSON web token: pyjwt plus Atlassian query-string-hash claim
Project description
JSON Web Token (JWT) authentication and encoding library for Python 2 and 3. Extends pyjwt to include Atlassian Connect’s custom query string hash (qsh) claim.
This package is on pypi so you can use pip to install it
pip install atlassian-jwt
Tenant information
This package makes references to Atlassian Connect’s tenant information data structure. Specfically the clientKey and sharedSecret fields are used when encoding a JWT token. Here is an example of the complete tenant information data structure as is passed to a Connect Addon with the installed lifecycle callback.
{
"key": "installed-addon-key",
"clientKey": "unique-client-identifier",
"publicKey": "MIGf....ZRWzwIDAQAB",
"sharedSecret": "a-secret-key-not-to-be-lost",
"serverVersion": "server-version",
"pluginsVersion": "version-of-connect",
"baseUrl": "http://example.atlassian.net",
"productType": "jira",
"description": "Atlassian JIRA at https://example.atlassian.net",
"serviceEntitlementNumber": "SEN-number",
"eventType": "installed"
}
Where
clientKey is an identifying key for the Atlassian product instance that the add-on was installed into.
sharedSecret is the string that should be used to sign outgoing JWT tokens and validate incoming JWT tokens.
Authentication
This package provides an abstract base class that can be subclassed to provide authentication to an Atlassian Connect Addon. Here is an example of that use
import atlassian_jwt
class MyAddon(atlassian_jwt.Authenticator):
def __init__(self, tenant_info_store):
super(MyAddon, self).__init__()
self.tenant_info_store = tenant_info_store
def get_shared_secret(self, client_key):
tenant_info = self.tenant_info_store.get(client_key)
return tenant_info['sharedSecret']
my_auth = MyAddon(tenant_info_store)
try:
client_key, claims = my_auth.authenticate(http_method, url, headers)
# authentication succeeded
except atlassian_jwt.DecodeError:
# authentication failed
pass
Encoding
Atlassian Connect Addon can make API calls back to the host application. These API calls include a JWT token for authentication. This package provides an encode_token function to do this work. Here is an example of its use
import atlassian_jwt
token = atlassian_jwt.encode_token(http_method, url, **tenant_info)
headers = {'Authorization': 'JWT {}'.format(token)}
Understanding JWT for Atlassian Connect
Running the tests
pip3.8 install -e . && pip3.8 install -r requirements.txt && python3.8 -m pytest
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file atlassian-jwt-3.0.0.tar.gz.
File metadata
- Download URL: atlassian-jwt-3.0.0.tar.gz
- Upload date:
- Size: 8.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.10.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | a7a15aab8f9d1dda38ea1c261f6ad37a556bea598c039b055cda45c51061c641 |
|
| MD5 | 6b5d424fc902ba56b01abaa3496fbb9d |
|
| BLAKE2b-256 | da41090bc835b7ab28198aa162b239f211d86f9c1abc37621bd93f95daa676d1 |
File details
Details for the file atlassian_jwt-3.0.0-py2.py3-none-any.whl.
File metadata
- Download URL: atlassian_jwt-3.0.0-py2.py3-none-any.whl
- Upload date:
- Size: 8.4 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.10.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | cfcdfdefaf94f64531de55ccdf4b347e4f724876607e225697827d1a986e71da |
|
| MD5 | 30ab7f24405044249013483d70a470cd |
|
| BLAKE2b-256 | d8e144633a7ea6f31e57a33d60f01ff0362ca6f58e305383120a89d10a76cf29 |
