Python implementation of the Atlassian Service to Service Authentication specification.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for asecurityteam from gravatar.com asecurityteam Avatar for dblack from gravatar.com dblack Avatar for mbertrand80 from gravatar.com mbertrand80

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
Classifiers
Report project as malware

Project description

https://img.shields.io/travis/atlassian/asap-authentication-python/master.svg?label=Linux%20build%20%40%20Travis%20CI https://img.shields.io/pypi/v/atlassian-jwt-auth.svg

This package provides an implementation of the Service to Service Authentication specification.

Installation

To install simply run

$ pip install atlassian-jwt-auth

Using this library

To create a JWT for authentication

import atlassian_jwt_auth


signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
a_jwt = signer.generate_jwt('audience')

To create a JWT using a file on disk in the conventional location

Each time you call generate_jwt this will find the latest active key file (ends with .pem) and use it to generate your JWT.

import atlassian_jwt_auth


signer = atlassian_jwt_auth.create_signer_from_file_private_key_repository('issuer', '/opt/jwtprivatekeys')
a_jwt = signer.generate_jwt('audience')

To create a JWT using a data uri

import atlassian_jwt_auth
from atlassian_jwt_auth.key import DataUriPrivateKeyRetriever

key_id, private_key_pem = DataUriPrivateKeyRetriever('Your base64 encoded data uri').load('issuer')
signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
a_jwt = signer.generate_jwt('audience')

To make an authenticated HTTP request

If you use the atlassian_jwt_auth.contrib.requests.JWTAuth provider, you can automatically generate JWT tokens when using the requests library to perform authenticated HTTP requests.

import atlassian_jwt_auth
from atlassian_jwt_auth.contrib.requests import JWTAuth

signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
response = requests.get(
    'https://your-url',
    auth=JWTAuth(signer, 'audience')
)

One can also use atlassian_jwt_auth.contrib.aiohttp.JWTAuth to authenticate aiohttp requests:

import aiohttp

import atlassian_jwt_auth
from atlassian_jwt_auth.contrib.aiohttp import JWTAuth

signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)

async with aiohttp.ClientSession() as session:
    async with session.get('https://your-url',
                           auth=JWTAuth(signer, 'audience')) as resp:
        ...

If you want to reuse tokens that have the same claim within their period of validity then pass through reuse_jwts=True when calling create_signer. For example:

import atlassian_jwt_auth
from atlassian_jwt_auth.contrib.requests import JWTAuth

signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem, reuse_jwts=True)
response = requests.get(
    'https://your-url',
    auth=JWTAuth(signer, 'audience')
)

To verify a JWT

import atlassian_jwt_auth

public_key_retriever = atlassian_jwt_auth.HTTPSPublicKeyRetriever('https://example.com')
verifier = atlassian_jwt_auth.JWTAuthVerifier(public_key_retriever)
verified_claims = verifier.verify_jwt(a_jwt, 'audience')

For Python versions starting from Python 3.5 atlassian_jwt_auth.contrib.aiohttp provides drop-in replacements for the components that perform HTTP requests, so that they use aiohttp instead of requests:

import atlassian_jwt_auth.contrib.aiohttp

public_key_retriever = atlassian_jwt_auth.contrib.aiohttp.HTTPSPublicKeyRetriever('https://example.com')
verifier = atlassian_jwt_auth.contrib.aiohttp.JWTAuthVerifier(public_key_retriever)
verified_claims = await verifier.verify_jwt(a_jwt, 'audience')

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for asecurityteam from gravatar.com asecurityteam Avatar for dblack from gravatar.com dblack Avatar for mbertrand80 from gravatar.com mbertrand80

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
Classifiers

Release history Release notifications | RSS feed

22.0.0

21.0.1.dev3 pre-release yanked

Reason this release was yanked:

not needed

21.0.0

20.0.0

19.1.0

19.0.0

18.0.1

18.0.0

17.0.1

17.0.0

16.0.0

15.0.1

15.0.0

14.0.1

14.0.0

13.0.0

12.0.1

11.0.1

11.0.0

10.1.0

10.0.0

9.0.0

8.0.2

8.0.1

8.0.0

7.1.0

7.0.0

This version

6.0.0

5.0.3

5.0.2

5.0.1

5.0.0

4.1.2

4.1.1

4.1.0

4.0.2

4.0.1

4.0.0

4.0.0.dev3 pre-release

3.6.0

3.5.0

3.4.0

3.3.1

3.3.0

3.2.2

3.2.2.dev1 pre-release

3.2.1

3.1.0

3.0.1

3.0.0

2.11.2

2.11.1

2.11.0

2.10.2

2.10.1

2.10.0

2.9.0

2.8.1

2.8.0

2.7.0

2.6.0

2.5.2

2.5.1

2.5.0

2.4.0

2.3.0

2.2.0

2.1.2.dev4 pre-release

2.1.1

2.1.1.dev5 pre-release

2.1.0

2.0.1.dev4 pre-release

2.0.1.dev3 pre-release

2.0.0

2.0.0.dev18 pre-release

2.0.0.dev17 pre-release

2.0.0.dev11 pre-release

1.0.9

1.0.9.dev4 pre-release

1.0.9.dev3 pre-release

1.0.9.dev2 pre-release

1.0.9.dev1 pre-release

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

atlassian-jwt-auth-6.0.0.tar.gz (33.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

atlassian_jwt_auth-6.0.0-py2.py3-none-any.whl (49.0 kB view details)

Uploaded Python 2Python 3

File details

Details for the file atlassian-jwt-auth-6.0.0.tar.gz.

File metadata

  • Download URL: atlassian-jwt-auth-6.0.0.tar.gz
  • Upload date:
  • Size: 33.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/45.2.0 requests-toolbelt/0.9.1 tqdm/4.43.0 CPython/3.7.5

File hashes

Hashes for atlassian-jwt-auth-6.0.0.tar.gz
Algorithm Hash digest
SHA256 4e2625d7ea3619f06b4c59f1a127c4f5f4b7537e285166fb83129378938287ca
MD5 85f1d81cee703856e257dd6a51e3af25
BLAKE2b-256 ad61401fd91db6a757675e3635c2b2cf447beb5fe7149da16df88cf8a8a6144b

See more details on using hashes here.

File details

Details for the file atlassian_jwt_auth-6.0.0-py2.py3-none-any.whl.

File metadata

  • Download URL: atlassian_jwt_auth-6.0.0-py2.py3-none-any.whl
  • Upload date:
  • Size: 49.0 kB
  • Tags: Python 2, Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/45.2.0 requests-toolbelt/0.9.1 tqdm/4.43.0 CPython/3.7.5

File hashes

Hashes for atlassian_jwt_auth-6.0.0-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 70379f7e981129ed3a7337bac36ef4e7df980f57e78128c4f0fb91bb77a1e524
MD5 69702dc2c5cd47f6e85dc4e243090c01
BLAKE2b-256 8deda520ef251ac554086d1c591f74c18cb881bb9e23651a0afee58f5050ffbe

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page