Skip to main content

OpenStax authentication strategies

Project description

auth-python

Build Status

A Python package with strategies for reading OpenStax authentication cookies.

Usage

pip install oxauth

from oxauth import Strategy2

strategy = Strategy2(
    signature_public_key="-----BEGIN PUBLIC KEY-----\n...\n-----END PUBLIC KEY-----"
    signature_algorithm="RS256",
    encryption_private_key="encryption_private_key_here",
    encryption_algorithm="A256GCM",
    encryption_method="dir"
)

payload = strategy.decrypt(cookie) # cookie is the body of the auth cookie

payload.user_uuid # this is the user's UUID

Note that the part that is hidden above is the signature private key, without which others cannot forge a cookie value.

If the cookie is bad or the keys don't work on it, the payload will have value None.

Development

All development is done inside a docker container. From your host running Docker, in this directory run:

$> docker-compose up -d
%> ./docker/bash

This will drop you into the running container

Run tests

From within the container, you can run tests with:

$ /code> python -m pytest

For debugging, you can use ipdb, e.g.

import ipdb; ipdb.set_trace()

When running tests with the debugger make sure to use the -s option to prevent pytest from capturing output.

$> python -m pytest -s tests -k 'test_decrypts'

Note that pytest is also on the PATH so you can call it directly.

Distributing

From within the container, build the distributions:

$> python setup.py sdist bdist_wheel

To upload:

$> python -m twine upload dist/*

Note on names

We started naming the package openstax_auth but there seems to be weirdness in how different parts of the Python tooling replace underscores with hyphens. We want the package name to be simple and not confusing on import so we shortened to oxauth.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for oxauth, version 0.0.2
Filename, size File type Python version Upload date Hashes
Filename, size oxauth-0.0.2-py3-none-any.whl (4.0 kB) File type Wheel Python version py3 Upload date Hashes View
Filename, size oxauth-0.0.2.tar.gz (2.9 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page