MAuth Client for Python
Project description
MAuth Client Python
MAuth Client Python is an authentication library to manage the information needed to both sign and authenticate requests and responses for Medidata's MAuth authentication system.
Pre-requisites
To use MAuth Authenticator you will need:
- An MAuth app ID
- An MAuth private key (with the public key registered with Medidata's MAuth server)
Installation
To resolve packages using pip, add the following to ~/.pip/pip.conf:
[global]
index-url = https://<username>:<password>@mdsol.jfrog.io/mdsol/api/pypi/pypi-packages/simple/
Install using pip:
$ pip install mauth-client
Or directly from GitHub:
$ pip install git+https://github.com/mdsol/mauth-client-python.git
This will also install the dependencies.
To resolve using a requirements file, the index URL can be specified in the first line of the file:
--index-url https://<username>:<password>@mdsol.jfrog.io/mdsol/api/pypi/pypi-packages/simple/
mauth-client==<latest version>
Usage
Signing Outgoing Requests
import requests
from mauth_client.requests_mauth import MAuth
# MAuth configuration
APP_UUID = "<MAUTH_APP_UUID>"
private_key = open("private.key", "r").read()
mauth = MAuth(APP_UUID, private_key)
# Call an MAuth protected resource, in this case an iMedidata API
# listing the studies for a particular user
user_uuid = "10ac3b0e-9fe2-11df-a531-12313900d531"
url = "https://innovate.imedidata.com/api/v2/users/{}/studies.json".format(user_uuid)
# Make the requests call, passing the auth client
result = requests.get(url, auth=mauth)
# Print results
if result.status_code == 200:
print([r["uuid"] for r in result.json()["studies"]])
print(result.text)
The mauth_sign_versions
option can be set as an environment variable to specify protocol versions to sign outgoing requests:
Key | Value |
---|---|
MAUTH_SIGN_VERSIONS |
(optional) Comma-separated protocol versions to sign requests. Defaults to v1 . |
This option can also be passed to the constructor:
mauth_sign_versions = "v1,v2"
mauth = MAuth(APP_UUID, private_key, mauth_sign_versions)
Authenticating Incoming Requests
MAuth Client Python supports AWS Lambda functions and Flask applications to authenticate MAuth signed requests.
The following variables are required to be configured in the environment variables:
Key | Value |
---|---|
APP_UUID |
APP_UUID for the AWS Lambda function |
PRIVATE_KEY |
Encrypted private key for the APP_UUID |
MAUTH_URL |
MAuth service URL (e.g. https://mauth-innovate.imedidata.com) |
The following variables can optionally be set in the environment variables:
Key | Value |
---|---|
MAUTH_API_VERSION |
(optional) MAuth API version. Only v1 exists as of this writing. Defaults to v1 . |
MAUTH_MODE |
(optional) Method to authenticate requests. local or remote . Defaults to local . |
V2_ONLY_AUTHENTICATE |
(optional) Authenticate requests with only V2. Defaults to False . |
AWS Lambda functions
from mauth_client.lambda_authenticator import LambdaAuthenticator
authenticator = LambdaAuthenticator(method, url, headers, body)
authentic, status_code, message = authenticator.is_authentic()
app_uuid = authenticator.get_app_uuid()
Flask applications
You will need to create an application instance and initialize it with FlaskAuthenticator:
from flask import Flask
from mauth_client.flask_authenticator import FlaskAuthenticator
app = Flask("Some Sample App")
authenticator = FlaskAuthenticator()
authenticator.init_app(app)
To specify routes that need to be authenticated use the requires_authentication
decorator:
from flask import Flask
from mauth_client.flask_authenticator import requires_authentication
@app.route("/some/private/route", methods=["GET"])
@requires_authentication
def private_route():
return "Wibble"
@app.route("/app_status", methods=["GET"])
def app_status():
return "OK"
Contributing
See CONTRIBUTING
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for mauth_client-1.2.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 9a2b34c6b1d59ca4d1afd8feb73434f57dc58efdcdfb14037db6c1e7efb53877 |
|
MD5 | da53325a2ee5de6b9e34790f43c5949f |
|
BLAKE2b-256 | 90c86476271f638dc1fc2c18242184f302f33dda1b786473472b9a6436ccc7bb |