atlassian-jwt-auth

Python implementation of the Atlassian Service to Service Authentication specification.

These details have not been verified by PyPI

Project links

Development Status
- 4 - Beta
Environment
- Console
Intended Audience
- Developers
License
- OSI Approved :: MIT License
Operating System
- OS Independent
Programming Language

Project description

https://github.com/atlassian/asap-authentication-python/workflows/Tests/badge.svg

https://img.shields.io/pypi/v/atlassian-jwt-auth.svg

This package provides an implementation of the Service to Service Authentication specification.

Installation

To install simply run

$ pip install atlassian-jwt-auth

Using this library

To create a JWT for authentication

import atlassian_jwt_auth


signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
a_jwt = signer.generate_jwt('audience')

To create a JWT using a file on disk in the conventional location

Each time you call generate_jwt this will find the latest active key file (ends with .pem) and use it to generate your JWT.

import atlassian_jwt_auth


signer = atlassian_jwt_auth.create_signer_from_file_private_key_repository('issuer', '/opt/jwtprivatekeys')
a_jwt = signer.generate_jwt('audience')

To create a JWT using a data uri

import atlassian_jwt_auth
from atlassian_jwt_auth.key import DataUriPrivateKeyRetriever

key_id, private_key_pem = DataUriPrivateKeyRetriever('Your base64 encoded data uri').load('issuer')
signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
a_jwt = signer.generate_jwt('audience')

To make an authenticated HTTP request

If you use the atlassian_jwt_auth.contrib.requests.JWTAuth provider, you can automatically generate JWT tokens when using the requests library to perform authenticated HTTP requests.

import atlassian_jwt_auth
from atlassian_jwt_auth.contrib.requests import JWTAuth

signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
response = requests.get(
    'https://your-url',
    auth=JWTAuth(signer, 'audience')
)

One can also use atlassian_jwt_auth.contrib.aiohttp.JWTAuth to authenticate aiohttp requests:

import aiohttp

import atlassian_jwt_auth
from atlassian_jwt_auth.contrib.aiohttp import JWTAuth

signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)

async with aiohttp.ClientSession() as session:
    async with session.get('https://your-url',
                           auth=JWTAuth(signer, 'audience')) as resp:
        ...

If you want to reuse tokens that have the same claim within their period of validity then pass through reuse_jwts=True when calling create_signer. For example:

import atlassian_jwt_auth
import requests
from atlassian_jwt_auth.contrib.requests import JWTAuth

signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem, reuse_jwts=True)
response = requests.get(
    'https://your-url',
    auth=JWTAuth(signer, 'audience')
)

If you want to generate tokens with a longer lifetime than the default 1 minute period, you can do so via specifying a lifetime value to create_signer. For example:

import datetime

import atlassian_jwt_auth
import requests
from atlassian_jwt_auth.contrib.requests import JWTAuth

signer = atlassian_jwt_auth.create_signer(
    'issuer', 'issuer/key', private_key_pem,
    reuse_jwts=True, lifetime=datetime.timedelta(minutes=2))
response = requests.get(
    'https://your-url',
    auth=JWTAuth(signer, 'audience')
)

To verify a JWT

import atlassian_jwt_auth

public_key_retriever = atlassian_jwt_auth.HTTPSPublicKeyRetriever('https://example.com')
verifier = atlassian_jwt_auth.JWTAuthVerifier(public_key_retriever)
verified_claims = verifier.verify_jwt(a_jwt, 'audience')

For Python versions starting from Python 3.5, note this library no longer supports python 3.5, atlassian_jwt_auth.contrib.aiohttp provides drop-in replacements for the components that perform HTTP requests, so that they use aiohttp instead of requests:

import atlassian_jwt_auth.contrib.aiohttp

public_key_retriever = atlassian_jwt_auth.contrib.aiohttp.HTTPSPublicKeyRetriever('https://example.com')
verifier = atlassian_jwt_auth.contrib.aiohttp.JWTAuthVerifier(public_key_retriever)
verified_claims = await verifier.verify_jwt(a_jwt, 'audience')

Project details

These details have not been verified by PyPI

Project links

Development Status
- 4 - Beta
Environment
- Console
Intended Audience
- Developers
License
- OSI Approved :: MIT License
Operating System
- OS Independent
Programming Language

Release history Release notifications | RSS feed

This version

20.0.0

Nov 20, 2024

19.1.0

Nov 13, 2024

19.0.0

Jun 11, 2024

18.0.1

Jan 8, 2024

18.0.0

Jan 8, 2024

17.0.1

Jun 16, 2023

17.0.0

Jan 8, 2023

16.0.0

Nov 11, 2022

15.0.1

Aug 16, 2022

15.0.0

Jul 11, 2022

14.0.1

May 23, 2022

14.0.0

Mar 31, 2022

13.0.0

Oct 13, 2021

12.0.1

Oct 5, 2021

11.0.1

Jul 19, 2021

11.0.0

Jun 28, 2021

10.1.0

Feb 1, 2021

10.0.0

Jan 14, 2021

9.0.0

Nov 25, 2020

8.0.2

Nov 4, 2020

8.0.1

Sep 21, 2020

8.0.0

Jul 28, 2020

7.1.0

May 28, 2020

7.0.0

Feb 27, 2020

6.0.0

Feb 24, 2020

5.0.3

Oct 23, 2019

5.0.2

Jul 29, 2019

5.0.1

Mar 12, 2019

5.0.0

Mar 4, 2019

4.1.2

Feb 14, 2019

4.1.1

Sep 5, 2018

4.1.0

Aug 9, 2018

4.0.2

Jul 24, 2018

4.0.1

Jun 22, 2018

4.0.0

May 31, 2018

4.0.0.dev3 pre-release

May 31, 2018

3.6.0

May 7, 2018

3.5.0

Apr 20, 2018

3.4.0

Apr 9, 2018

3.3.1

Mar 22, 2018

3.3.0

Nov 29, 2017

3.2.2

Nov 24, 2017

3.2.2.dev1 pre-release

Nov 24, 2017

3.2.1

Nov 23, 2017

3.1.0

Oct 9, 2017

3.0.1

Aug 31, 2017

3.0.0

Jul 28, 2017

2.11.2

Jul 4, 2017

2.11.1

Jun 27, 2017

2.11.0

Apr 20, 2017

2.10.2

Apr 5, 2017

2.10.1

Mar 15, 2017

2.10.0

Jan 23, 2017

2.9.0

Jan 4, 2017

2.8.1

Oct 30, 2016

2.8.0

Aug 25, 2016

2.7.0

Aug 9, 2016

2.6.0

Jun 2, 2016

2.5.2

May 13, 2016

2.5.1

Mar 24, 2016

2.5.0

Mar 3, 2016

2.4.0

Feb 22, 2016

2.3.0

Feb 2, 2016

2.2.0

Jan 15, 2016

2.1.2.dev4 pre-release

Jan 15, 2016

2.1.1

Dec 8, 2015

2.1.1.dev5 pre-release

Dec 8, 2015

2.1.0

Oct 9, 2015

2.0.1.dev4 pre-release

Oct 8, 2015

2.0.1.dev3 pre-release

Oct 8, 2015

2.0.0

Oct 6, 2015

2.0.0.dev18 pre-release

Oct 6, 2015

2.0.0.dev17 pre-release

Oct 6, 2015

2.0.0.dev11 pre-release

Aug 19, 2015

1.0.9

Aug 19, 2015

1.0.9.dev4 pre-release

Aug 19, 2015

1.0.9.dev3 pre-release

Aug 19, 2015

1.0.9.dev2 pre-release

Aug 19, 2015

1.0.9.dev1 pre-release

Aug 19, 2015

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

atlassian_jwt_auth-20.0.0.tar.gz (44.2 kB view details)

Uploaded Nov 20, 2024 Source

Built Distribution

atlassian_jwt_auth-20.0.0-py2.py3-none-any.whl (54.3 kB view details)

Uploaded Nov 20, 2024 Python 2 Python 3

File details

Details for the file atlassian_jwt_auth-20.0.0.tar.gz.

File metadata

Download URL: atlassian_jwt_auth-20.0.0.tar.gz
Upload date: Nov 20, 2024
Size: 44.2 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/5.1.1 CPython/3.12.3

File hashes

Hashes for atlassian_jwt_auth-20.0.0.tar.gz
Algorithm	Hash digest
SHA256	`9efb773e62c26633ecbec7597848090694437df6581a5012c5b928c791a763a9`
MD5	`92418a3ff2f45ae08a454ff673b13fd9`
BLAKE2b-256	`215849c69405e72144128796db2035b4b8e766932410fb6b687f4aac8ce7563c`

See more details on using hashes here.

File details

Details for the file atlassian_jwt_auth-20.0.0-py2.py3-none-any.whl.

File metadata

Download URL: atlassian_jwt_auth-20.0.0-py2.py3-none-any.whl
Upload date: Nov 20, 2024
Size: 54.3 kB
Tags: Python 2, Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/5.1.1 CPython/3.12.3

File hashes

Hashes for atlassian_jwt_auth-20.0.0-py2.py3-none-any.whl
Algorithm	Hash digest
SHA256	`9da90861453693a24834475583bfa93210521b6feff375c86926b6bead282fc1`
MD5	`e8207407e438ae621e9fddade4e5d0b3`
BLAKE2b-256	`e6b6f6e4c9c9ca9b52648b6e84b843c1437377d2f52a1cc69f653f75db13f3f4`