Add your description here

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for dhilipsiva from gravatar.com dhilipsiva

Unverified details

These details have not been verified by PyPI
Meta
Report project as malware

Project description

nf_ndc_connect_public

One Logic, Three Platforms. This library provides a unified, secure, and high-performance Identity Provider (IDP) Claims & Authorization helper. It is written in Rust and compiled for:

  • Rust (Native Crate)
  • Python (via PyO3)
  • Node.js / Web (via Wasm-Pack)

It handles JWT validation, Role-Based Access Control (RBAC) checks, and parsing of complex IDP organization trees efficiently by parsing the token once into a context object.

📦 Installation

🦀 Rust

cargo add nf_ndc_connect_public

🐍 Python

pip install nf_ndc_connect_public

📦 Node.js (npm)

npm install @dhilipsiva/nf_ndc_connect_public

🔑 Organization Context & Auto-Resolution

New in this version: The library now uses a Context Object Pattern. You validate the JWT once to get a User object, which holds the parsed state.

When checking roles or permissions on this User object:

  • Explicit Context: If you provide an group_id (Organization ID), checks are performed strictly against that organization.
  • Auto-Resolution: If you omit group_id (pass None / null):
  • If the user belongs to exactly one organization, that organization is used automatically.
  • If the user belongs to multiple organizations (or zero), the function returns an Error (Ambiguous Context).

🚀 Usage

🐍 Python Example

In Python, helper.validate(jwt) returns a CasdoorUser object. All checks are performed on this object.

from nf_ndc_connect_public import IdpAuthHelper
import json

# 1. Initialize
with open("cert.pem", "r") as f:
    public_key = f.read()

helper = IdpAuthHelper(public_key)
raw_jwt = "eyJhbGciOiJ..."

# 2. Parse User Context
try:
    user = helper.validate(raw_jwt)
except ValueError as e:
    print(f"❌ Validation failed: {e}")
    exit(1)

# 3. Check Single Role/Permission (Explicit Context)
group_id = "dhilipsiva_dev/nf-apex"
if user.has_role("nf-apex-adm", group_id):
    print("User is Admin!")

# 4. Check Multiple Permissions
# has_permissions = ALL must match (AND)
if user.has_permissions(["read", "write"], group_id):
    print("User has full R/W access")

# has_permissions_any = AT LEAST ONE must match (OR)
if user.has_permissions_any(["edit", "admin"], group_id):
    print("User has elevated privileges")

# 5. Get full authorization tree
print(json.loads(user.get_auth_summary()))

📦 Node.js / Web Example

In JavaScript/TypeScript, helper.validate(jwt) returns a CasdoorUser object.

import { IdpAuthHelper } from "@dhilipsiva/nf_ndc_connect_public";

const helper = new IdpAuthHelper(publicKey);
const user = helper.validate(rawJwt);

const groupId = "dhilipsiva_dev/nf-apex";

// 1. Single Check
if (user.hasPermission("write", groupId)) {
    console.log("Can write!");
}

// 2. Multiple Permissions (Exhaustive - AND)
// Returns true only if user has BOTH "read" AND "write"
if (user.hasPermissions(["read", "write"], groupId)) {
    console.log("Full Access");
}

// 3. Multiple Permissions (Iterative - OR)
// Returns true if user has EITHER "edit" OR "delete"
if (user.hasPermissionsAny(["edit", "delete"], groupId)) {
    console.log("Can modify content");
}

// 4. Auto-Resolution (Pass null for group)
try {
    user.hasPermissionsAny(["read"], null);
} catch (e) {
    console.error("Ambiguous Context:", e.message);
}

🦀 Rust Example

In Rust, helper.parse_user(jwt) returns a CasdoorUser struct.

use nf_ndc_connect_public::AuthHelper;

fn main() {
    let helper = AuthHelper::new(public_key).unwrap();
    let user = helper.parse_user(jwt).unwrap();
    
    let group = Some("dhilipsiva_dev/nf-apex");

    // 1. Single Check
    if user.has_permission("read", group).unwrap() {
        println!("Can read");
    }

    // 2. Multiple Checks (Vec<String>)
    let required = vec!["read".to_string(), "write".to_string()];
    
    // Check ALL
    if user.has_permissions(&required, group).unwrap() {
        println!("Has all permissions");
    }

    // Check ANY
    if user.has_permissions_any(&required, group).unwrap() {
        println!("Has at least one permission");
    }
}

🛠️ Development

This project uses Nix for a reproducible environment and Just for command automation.

Prerequisites

  1. Install Nix.
  2. Enable flakes.

Setup

nix develop

Build Commands (via just)

Command Description
just py-dev Build Python wheel in debug mode & install to venv
just py-build Build Python wheel for release
just wasm Build the Wasm package for Node.js/Web
just test Run standard Cargo tests

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for dhilipsiva from gravatar.com dhilipsiva

Unverified details

These details have not been verified by PyPI
Meta

Release history Release notifications | RSS feed

0.16.0

0.15.0

0.14.0

0.13.0

0.12.0

0.11.0

0.10.1

0.10.0

0.7.0

0.6.4

0.6.3

This version

0.6.1

0.6.0

0.5.5

0.5.4

0.5.3

0.5.2

0.5.1

0.5.0

0.4.1

0.4.0

0.3.3

0.3.2

0.3.1

0.3.0

0.2.2

0.2.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

nf_ndc_connect_public-0.6.1.tar.gz (28.4 kB view details)

Uploaded Source

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

nf_ndc_connect_public-0.6.1-cp314-cp314-macosx_11_0_arm64.whl (811.4 kB view details)

Uploaded CPython 3.14macOS 11.0+ ARM64

nf_ndc_connect_public-0.6.1-cp312-cp312-win_amd64.whl (724.4 kB view details)

Uploaded CPython 3.12Windows x86-64

nf_ndc_connect_public-0.6.1-cp312-cp312-manylinux_2_34_x86_64.whl (926.8 kB view details)

Uploaded CPython 3.12manylinux: glibc 2.34+ x86-64

File details

Details for the file nf_ndc_connect_public-0.6.1.tar.gz.

File metadata

  • Download URL: nf_ndc_connect_public-0.6.1.tar.gz
  • Upload date:
  • Size: 28.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for nf_ndc_connect_public-0.6.1.tar.gz
Algorithm Hash digest
SHA256 683e665e3f26f7af0c12b225d822702f7e37a91fe488108a6f03f2109d634fb5
MD5 eb4869808ae8a9c60c5e6c12da506941
BLAKE2b-256 b7c20074cb4e1fe5d6e254670454b22953b1757543e72f9f09ee2e998fc72b43

See more details on using hashes here.

Provenance

The following attestation bundles were made for nf_ndc_connect_public-0.6.1.tar.gz:

Publisher: release.yml on NuFlights/nf_ndc_connect_public

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file nf_ndc_connect_public-0.6.1-cp314-cp314-macosx_11_0_arm64.whl.

File metadata

File hashes

Hashes for nf_ndc_connect_public-0.6.1-cp314-cp314-macosx_11_0_arm64.whl
Algorithm Hash digest
SHA256 6ca731cdce9e56fa2da338c4b0fff1c9c28beb10d6b35cb8754e53238389a167
MD5 8413356e8753575ad3f2a4313db5018f
BLAKE2b-256 b8b4075be0d6b792684e4d8c0bad1c733e4b8b531ecd615d52d2d8533c1cacff

See more details on using hashes here.

Provenance

The following attestation bundles were made for nf_ndc_connect_public-0.6.1-cp314-cp314-macosx_11_0_arm64.whl:

Publisher: release.yml on NuFlights/nf_ndc_connect_public

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file nf_ndc_connect_public-0.6.1-cp312-cp312-win_amd64.whl.

File metadata

File hashes

Hashes for nf_ndc_connect_public-0.6.1-cp312-cp312-win_amd64.whl
Algorithm Hash digest
SHA256 2cffb2401bf95612410eec1aa464ce3b74d7962cb58478310ab47575c98a3254
MD5 e6b8767525689da11a3aa8020eb689a7
BLAKE2b-256 b67e8317f707b54807a519a5766325ed09cf2e41687313211141c47864b88fcb

See more details on using hashes here.

Provenance

The following attestation bundles were made for nf_ndc_connect_public-0.6.1-cp312-cp312-win_amd64.whl:

Publisher: release.yml on NuFlights/nf_ndc_connect_public

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file nf_ndc_connect_public-0.6.1-cp312-cp312-manylinux_2_34_x86_64.whl.

File metadata

File hashes

Hashes for nf_ndc_connect_public-0.6.1-cp312-cp312-manylinux_2_34_x86_64.whl
Algorithm Hash digest
SHA256 98c5a4e99eecd2980cbec0a3acadef976ba93d3d1e5e4385a9cafc38642f0ea4
MD5 52246e9d936b5c019534c9dccb528acb
BLAKE2b-256 8eb6c8861ffcd1e2e6a04e41f4537e5809f2e46673630dc881e9db8f3fb152a9

See more details on using hashes here.

Provenance

The following attestation bundles were made for nf_ndc_connect_public-0.6.1-cp312-cp312-manylinux_2_34_x86_64.whl:

Publisher: release.yml on NuFlights/nf_ndc_connect_public

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page