Skip to main content

Generate, Sign and verify JWTs using GCP KMS.

Project description

GCP-JWT

GCP-JWT is a library to create and sign tokens using the Google Cloud Platform's Key Management Service. It handles the signing and verification of the token.

Key Features

  • Token Signage
  • Signature Verification
  • Expiry Verification

  • Auto Rotating Asymmetric Key
  • Batch Token Generation
  • Compression Option
  • Symmetrically Encrypted Layer
  • Pretty API

GCP Roles Needed

To be able to use this library you'll need a GCP service account with at least the following roles:

  • cloudkms.cryptoKeyVersions.list
  • cloudkms.cryptoKeyVersions.useToSign
  • cloudkms.cryptoKeyVersions.viewPublicKey

Why not using GCP integrated auth ?

Some projects require more flexibility, I've also personally came across a case where a company didn't want Google to manage the authentication process. Whether or not this should be used in production is outside the scope of this project.

Simple Usage

from google.cloud import kms

from gcpjwt.jwt import JWT
from gcpjwt.jwt_signer import JWTSigner

# Create a client using a json file and initialise an asymmetric signer.
client = kms.KeyManagementServiceClient.from_service_account_file('../resources/google.json')
signer = JWTSigner(client, 'your-project', 'your-ring-location')

# Create a simple JWT without changing any claims.
jwt = JWT(signer, 'your-ring', 'your-key')
text_token = jwt.token()

Install

pip install gcp-jwt

Note: This project uses the cryptography package which needs to install natives. It might not be compatible with App Engine Standard because of the limited libraries allowed.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

gcp-jwt-0.1.9.tar.gz (4.5 kB view details)

Uploaded Source

Built Distribution

gcp_jwt-0.1.9-py3-none-any.whl (17.8 kB view details)

Uploaded Python 3

File details

Details for the file gcp-jwt-0.1.9.tar.gz.

File metadata

  • Download URL: gcp-jwt-0.1.9.tar.gz
  • Upload date:
  • Size: 4.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.22.0 setuptools/42.0.1 requests-toolbelt/0.9.1 tqdm/4.39.0 CPython/3.6.8

File hashes

Hashes for gcp-jwt-0.1.9.tar.gz
Algorithm Hash digest
SHA256 c5b08d5d188c90b5a4b4a55011c2e9d6e3399eaca9ea731b21747145d6456a4f
MD5 740ff68f9f825fa5ca81bd8f26f55b9b
BLAKE2b-256 62779a3cb74a0083611cc9a17fc83305ebd4bd2f7fa225c197c87167f17eca58

See more details on using hashes here.

File details

Details for the file gcp_jwt-0.1.9-py3-none-any.whl.

File metadata

  • Download URL: gcp_jwt-0.1.9-py3-none-any.whl
  • Upload date:
  • Size: 17.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.22.0 setuptools/42.0.1 requests-toolbelt/0.9.1 tqdm/4.39.0 CPython/3.6.8

File hashes

Hashes for gcp_jwt-0.1.9-py3-none-any.whl
Algorithm Hash digest
SHA256 0d06fd2e55219dedd07c5ff5757a0d8bea77f2c13a56488714901d8131b3506b
MD5 2918124161ebd2f84728742da49412ec
BLAKE2b-256 4ded39ac09a16e638f13d53488791692dcad010ac34eb23037dcfc3e671056cc

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page