Skip to main content

A library to sign and verify OpenBadges

Project description

OpenBadgesLib

CI PyPI Python License

A Python library and CLI for signing and verifying Open Badges embedded in SVG and PNG image files. It supports both OpenBadges 2.0 (JWS compact serialisation) and OpenBadges 3.0 (W3C Verifiable Credentials / JWT-VC).

Features

  • Sign badge images (SVG and PNG) with a JWS assertion (OB 2.0)
  • Issue and verify OpenBadges 3.0 JWT-VC credentials
  • Bake OB 3.0 JWT tokens into SVG and PNG badge images
  • RSA 2048-bit (RS256) and ECC NIST P-256 (ES256) key support
  • SHA-256 hashed recipient identity with salt (OB 2.0)
  • Expiration and revocation checking
  • Five command-line tools included

Requirements

Installation

pip install openbadgeslib

All dependencies are installed automatically. For a development checkout with the test suite and linters:

pip install -e ".[dev]"

Quick Start

# 1. Initialize a configuration directory
openbadges-init ./config/

# 2. Generate a key pair for a badge
openbadges-keygenerator -c ./config/config.ini -g 1

# 3a. Sign a badge — OpenBadges 2.0 (default)
openbadges-signer -c ./config/config.ini -b 1 -r recipient@example.com -o /tmp/ -E

# 3b. Sign a badge — OpenBadges 3.0
openbadges-signer -c ./config/config.ini -b 1 -r recipient@example.com -o /tmp/ -E -V 3

# 4a. Verify — OpenBadges 2.0 (pin a trusted key with -l/--local or -k/--pubkey)
openbadges-verifier -i /tmp/badge_1_recipient@example.com.svg \
    -r recipient@example.com -l 1

# 4b. Verify — OpenBadges 3.0
openbadges-verifier -i /tmp/badge_1_recipient@example.com.svg \
    -r recipient@example.com -V 3 -k ./config/keys/verify_rsa_key_1.pem

See the Quick Start and CLI Reference wiki pages for the full walkthrough and every flag.

Using the library — OpenBadges 2.0

from openbadgeslib.ob2 import Badge, BadgeImgType, BadgeType, Signer
from openbadgeslib.keys import KeyType

with open('sign.pem', 'rb') as f:
    priv_pem = f.read()
with open('verify.pem', 'rb') as f:
    pub_pem = f.read()
with open('badge.svg', 'rb') as f:
    image = f.read()

badge = Badge(
    ini_name='my_badge',
    name='My Badge',
    description='Awarded for excellence',
    image_type=BadgeImgType.SVG,
    image=image,
    image_url='https://example.com/badge.svg',
    criteria_url='https://example.com/criteria.html',
    json_url='https://example.com/badge.json',
    verify_key_url='https://example.com/verify.pem',
    key_type=KeyType.RSA,
    privkey_pem=priv_pem,
    pubkey_pem=pub_pem,
)

signer = Signer(identity='recipient@example.com', badge_type=BadgeType.SIGNED)
signed = signer.sign_badge(badge)
signed.save_to_file('/tmp/signed_badge.svg')

Using the library — OpenBadges 3.0 (JWT-VC)

from openbadgeslib.ob3 import (
    Issuer, Achievement, OpenBadgeCredential, OB3Signer, OB3Verifier,
)

issuer = Issuer(id='https://example.com/issuer', name='Example Org')
achievement = Achievement(
    id='https://example.com/achievements/python',
    name='Python Developer',
    description='Awarded for Python proficiency',
    criteria_narrative='Must pass the Python assessment',
)
credential = OpenBadgeCredential(
    issuer=issuer,
    recipient_id='mailto:recipient@example.com',
    achievement=achievement,
)

with open('sign.pem', 'rb') as f:
    priv_pem = f.read()
signer = OB3Signer(privkey_pem=priv_pem, algorithm='RS256')

# Bake the signed JWT-VC into a badge image
with open('badge.svg', 'rb') as f:
    baked_svg = signer.sign_into_svg(credential, f.read())

# Verify
with open('verify.pem', 'rb') as f:
    verifier = OB3Verifier(pubkey_pem=f.read())
token = OB3Verifier.extract_token_from_svg(baked_svg)
restored = verifier.verify(token, expected_recipient='recipient@example.com')
print('Recipient:', restored.recipient_id)

Documentation

  • User & developer guide — the project Wiki: installation, configuration, concepts, the security model, CLI reference and how-to guides.
  • API reference — generated from the docstrings and published at luisgf.github.io/openbadgeslib.

Running the test suite

pytest
pytest --cov=openbadgeslib      # with coverage report
flake8 openbadgeslib tests      # lint
mypy                            # type check (config in pyproject.toml)

Changelog

See Changelog.txt for the full history, and the GitHub Releases page for release notes.

License

The library (openbadgeslib/ package) is licensed under the GNU Lesser General Public License v3 (LGPLv3). The command-line wrapper tools are licensed under the BSD 2-Clause license.

Authors

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

openbadgeslib-1.2.0.tar.gz (119.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

openbadgeslib-1.2.0-py3-none-any.whl (68.3 kB view details)

Uploaded Python 3

File details

Details for the file openbadgeslib-1.2.0.tar.gz.

File metadata

  • Download URL: openbadgeslib-1.2.0.tar.gz
  • Upload date:
  • Size: 119.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for openbadgeslib-1.2.0.tar.gz
Algorithm Hash digest
SHA256 5d910d53b130c1717c15378e05c81d03a32363a4a8cee938e41e91e907ccba35
MD5 f901ae641732b9c2106200d3ce8870b4
BLAKE2b-256 f7b0757eacfb8b4bdbcd290f2d21b532fe5e2f2567235e779cda7917e76a7de9

See more details on using hashes here.

File details

Details for the file openbadgeslib-1.2.0-py3-none-any.whl.

File metadata

  • Download URL: openbadgeslib-1.2.0-py3-none-any.whl
  • Upload date:
  • Size: 68.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for openbadgeslib-1.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 2b62d58ecb9f6e1860a5d7042128be53c1e8a8ba9c382202207d0990f2b4c7c6
MD5 38288cca0d6a5ea41560535be26e0857
BLAKE2b-256 e31ad34729190eb366627e0de28073e9481360d1d3e9c7532b41c19a3a5031e8

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page