Skip to main content

A library to sign and verify OpenBadges

Project description

OpenBadgesLib

CI PyPI Python License

A Python library and CLI for signing and verifying Open Badges embedded in SVG and PNG image files. It supports both OpenBadges 2.0 (JWS compact serialisation) and OpenBadges 3.0 (W3C Verifiable Credentials / JWT-VC).

Features

  • Sign badge images (SVG and PNG) with a JWS assertion (OB 2.0)
  • Issue and verify OpenBadges 3.0 JWT-VC credentials
  • Bake OB 3.0 JWT tokens into SVG and PNG badge images
  • RSA 2048-bit (RS256) and ECC NIST P-256 (ES256) key support
  • SHA-256 hashed recipient identity with salt (OB 2.0)
  • Expiration and revocation checking
  • Five command-line tools included

Requirements

Installation

pip install openbadgeslib

All dependencies are installed automatically. For a development checkout with the test suite and linters:

pip install -e ".[dev]"

Quick Start

# 1. Initialize a configuration directory
openbadges-init ./config/

# 2. Generate a key pair for a badge
openbadges-keygenerator -c ./config/config.ini -g 1

# 3a. Sign a badge — OpenBadges 2.0 (default)
openbadges-signer -c ./config/config.ini -b 1 -r recipient@example.com -o /tmp/ -E

# 3b. Sign a badge — OpenBadges 3.0
openbadges-signer -c ./config/config.ini -b 1 -r recipient@example.com -o /tmp/ -E -V 3

# 4a. Verify — OpenBadges 2.0 (pin a trusted key with -l/--local or -k/--pubkey)
openbadges-verifier -i /tmp/badge_1_recipient@example.com.svg \
    -r recipient@example.com -l 1

# 4b. Verify — OpenBadges 3.0
openbadges-verifier -i /tmp/badge_1_recipient@example.com.svg \
    -r recipient@example.com -V 3 -k ./config/keys/verify_rsa_key_1.pem

See the Quick Start and CLI Reference wiki pages for the full walkthrough and every flag.

Using the library — OpenBadges 2.0

from openbadgeslib.ob2 import Badge, BadgeImgType, BadgeType, Signer
from openbadgeslib.keys import KeyType

with open('sign.pem', 'rb') as f:
    priv_pem = f.read()
with open('verify.pem', 'rb') as f:
    pub_pem = f.read()
with open('badge.svg', 'rb') as f:
    image = f.read()

badge = Badge(
    ini_name='my_badge',
    name='My Badge',
    description='Awarded for excellence',
    image_type=BadgeImgType.SVG,
    image=image,
    image_url='https://example.com/badge.svg',
    criteria_url='https://example.com/criteria.html',
    json_url='https://example.com/badge.json',
    verify_key_url='https://example.com/verify.pem',
    key_type=KeyType.RSA,
    privkey_pem=priv_pem,
    pubkey_pem=pub_pem,
)

signer = Signer(identity='recipient@example.com', badge_type=BadgeType.SIGNED)
signed = signer.sign_badge(badge)
signed.save_to_file('/tmp/signed_badge.svg')

Using the library — OpenBadges 3.0 (JWT-VC)

from openbadgeslib.ob3 import (
    Issuer, Achievement, OpenBadgeCredential, OB3Signer, OB3Verifier,
)

issuer = Issuer(id='https://example.com/issuer', name='Example Org')
achievement = Achievement(
    id='https://example.com/achievements/python',
    name='Python Developer',
    description='Awarded for Python proficiency',
    criteria_narrative='Must pass the Python assessment',
)
credential = OpenBadgeCredential(
    issuer=issuer,
    recipient_id='mailto:recipient@example.com',
    achievement=achievement,
)

with open('sign.pem', 'rb') as f:
    priv_pem = f.read()
signer = OB3Signer(privkey_pem=priv_pem, algorithm='RS256')

# Bake the signed JWT-VC into a badge image
with open('badge.svg', 'rb') as f:
    baked_svg = signer.sign_into_svg(credential, f.read())

# Verify
with open('verify.pem', 'rb') as f:
    verifier = OB3Verifier(pubkey_pem=f.read())
token = OB3Verifier.extract_token_from_svg(baked_svg)
restored = verifier.verify(token, expected_recipient='recipient@example.com')
print('Recipient:', restored.recipient_id)

Documentation

  • User & developer guide — the project Wiki: installation, configuration, concepts, the security model, CLI reference and how-to guides.
  • API reference — generated from the docstrings and published at luisgf.github.io/openbadgeslib.

Running the test suite

pytest
pytest --cov=openbadgeslib      # with coverage report
flake8 openbadgeslib tests      # lint
mypy                            # type check (config in pyproject.toml)

Changelog

See Changelog.txt for the full history, and the GitHub Releases page for release notes.

License

The library (openbadgeslib/ package) is licensed under the GNU Lesser General Public License v3 (LGPLv3). The command-line wrapper tools are licensed under the BSD 2-Clause license.

Authors

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

openbadgeslib-1.1.6.tar.gz (106.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

openbadgeslib-1.1.6-py3-none-any.whl (59.1 kB view details)

Uploaded Python 3

File details

Details for the file openbadgeslib-1.1.6.tar.gz.

File metadata

  • Download URL: openbadgeslib-1.1.6.tar.gz
  • Upload date:
  • Size: 106.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for openbadgeslib-1.1.6.tar.gz
Algorithm Hash digest
SHA256 ebd4e65fd9b353c7d520fd32f2887ee5ba48ee9d0e88b0b7ca2c199bbb0e4e44
MD5 a543bb054ca391e7042ad8fdf93ed742
BLAKE2b-256 41b4e8672b28f8c3490aaf08f028de24abd59cf54c0b212e403b3ce18899558f

See more details on using hashes here.

File details

Details for the file openbadgeslib-1.1.6-py3-none-any.whl.

File metadata

  • Download URL: openbadgeslib-1.1.6-py3-none-any.whl
  • Upload date:
  • Size: 59.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for openbadgeslib-1.1.6-py3-none-any.whl
Algorithm Hash digest
SHA256 9aabffc1b2116eed21ac08896d7044174104dcfa75017b2ee8adc40e02ad7ca2
MD5 d19d89d81296d26a13060df1b89f8ea4
BLAKE2b-256 7eed324dbc34a6848a853175ce7bf0cbd98301933cfce441c189e8ec83c9c931

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page