Skip to main content

No project description provided

Project description

byu-jwt-python

A python JWT validator that does all the BYU specific stuff as well as handle caching well-known and cert fetching

Installation

pip install byu_jwt

API


Note: It is important to declare the handler at a global level. This allows the caching of the well-known data as well as using the cache-control headers on the certificates only re-fetching those when cache-control has timed out. Reinitializing the class object will negate any benefit of the caching


Instantiate the class and reuse the object to utilize caching:

import byu_jwt
byujwt = byu_jwt.JWT_Handler()

Check only if JWT is valid

assert byujwt.is_valid(jwt_to_validate)

Decode JWT and Check validity

try:
    jwt = byujwt.decode(jwt_to_validate)
    return f"Hello, {jwt['preferredFirstName']}"
except byu_jwt.exceptions.JWTVerifyError as ex_info:
    return "Invalid JWT"
except byu_jwt.exceptions.JWTHandlerError as ex_info:
    return "Error attempting to verify the jwt"

JWT Header Names

BYU's API Manager creates an HTTP header that contains a signed JWT. The names of the designed BYU signed headers can be referenced here for lookup convenience.

BYU_JWT_HEADER_CURRENT

The property containing the name of the HTTP header that contains the BYU signed JWT sent directly from BYU's API Manager.

Value is X-JWT-Assertion.

Example

current_jwt_header = byu_jwt.JWT_HEADER

BYU_JWT_HEADER_ORIGINAL

The property containing the name of the HTTP header that contains the BYU signed JWT forwarded on from a service that received the BYU signed JWT sent directly from BYU's API Manager.

Value is X-JWT-Assertion-Original.

Example

original_jwt_header = byu_jwt.JWT_HEADER_ORIGINAL

Example Python Lambda function that makes use of caching

import byu_jwt

byujwt = byu_jwt.JWT_Handler()

def handler(event, context):
    jwt_to_decode = event['headers'][byu_jwt.JWT_HEADER]
    try:
        jwt = byujwt.decode(jwt_to_validate)
        return {'statusCode': 200, 'body': f'Hello, {jwt["preferredFirstName"]}'}
    except byu_jwt.exceptions.JWTVerifyError as ex_info:
        return {'statusCode': 403, 'body': "Invalid JWT"}
    except byu_jwt.exceptions.JWTHandlerError as ex_info:
        return {'statusCode': 500, 'body': "Error attempting to verify the jwt"}

Example Decoded JWT Structure

{
  "iss": "https://api.byu.edu",
  "exp": 1545425710,
  "byu": {
    "client": {
      "byuId": "",
      "claimSource": "",
      "netId": "",
      "personId": "",
      "preferredFirstName": "",
      "prefix": "",
      "restOfName": "",
      "sortName": "",
      "subscriberNetId": "",
      "suffix": "",
      "surname": "",
      "surnamePosition": ""
    },
    "resourceOwner": {
      "byuId": "",
      "netId": "",
      "personId": "",
      "preferredFirstName": "",
      "prefix": "",
      "restOfName": "",
      "sortName": "",
      "suffix": "",
      "surname": "",
      "surnamePosition": ""
    }
  },
  "wso2": {
    "apiContext": "",
    "application": {
      "id": "",
      "name": "",
      "tier": ""
    },
    "clientId": "",
    "endUser": "",
    "endUserTenantId": "",
    "keyType": "",
    "subscriber": "",
    "tier": "",
    "userType": "",
    "version": ""
  }
}

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for byu-jwt, version 2.0.0
Filename, size File type Python version Upload date Hashes
Filename, size byu_jwt-2.0.0-py3-none-any.whl (21.5 kB) File type Wheel Python version py3 Upload date Hashes View hashes
Filename, size byu_jwt-2.0.0.tar.gz (8.2 kB) File type Source Python version None Upload date Hashes View hashes

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page