Skip to main content

OpenStax authentication strategies

Project description

auth-python

Build Status

A Python package with strategies for reading OpenStax authentication cookies.

Usage

pip install oxauth

from oxauth import Strategy2

strategy = Strategy2(
    signature_public_key="-----BEGIN PUBLIC KEY-----\n...\n-----END PUBLIC KEY-----"
    signature_algorithm="RS256",
    encryption_private_key="encryption_private_key_here",
    encryption_algorithm="A256GCM",
    encryption_method="dir"
)

payload = strategy.decrypt(cookie) # cookie is the body of the auth cookie

payload.user_uuid # this is the user's UUID

Note that the part that is hidden above is the signature private key, without which others cannot forge a cookie value.

If the cookie is bad or the keys don't work on it, the payload will have value None.

Development

All development is done inside a docker container. From your host running Docker, in this directory run:

$> docker-compose up -d
%> ./docker/bash

This will drop you into the running container

Run tests

From within the container, you can run tests with:

$ /code> python -m pytest

For debugging, you can use ipdb, e.g.

import ipdb; ipdb.set_trace()

When running tests with the debugger make sure to use the -s option to prevent pytest from capturing output.

$> python -m pytest -s tests -k 'test_decrypts'

Note that pytest is also on the PATH so you can call it directly.

Distributing

From within the container, build the distributions:

$> python setup.py sdist bdist_wheel

To upload:

$> python -m twine upload dist/*

Note on names

We started naming the package openstax_auth but there seems to be weirdness in how different parts of the Python tooling replace underscores with hyphens. We want the package name to be simple and not confusing on import so we shortened to oxauth.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

oxauth-0.0.2.tar.gz (2.9 kB view details)

Uploaded Source

Built Distribution

oxauth-0.0.2-py3-none-any.whl (4.0 kB view details)

Uploaded Python 3

File details

Details for the file oxauth-0.0.2.tar.gz.

File metadata

  • Download URL: oxauth-0.0.2.tar.gz
  • Upload date:
  • Size: 2.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/45.2.0 requests-toolbelt/0.9.1 tqdm/4.43.0 CPython/3.7.6

File hashes

Hashes for oxauth-0.0.2.tar.gz
Algorithm Hash digest
SHA256 1729026c22257c2ff0d0b3d7f261b9ccb9e88273986e8a76c45a8b971649fcd3
MD5 8fa33d36e948f534b1d45e3b14e32260
BLAKE2b-256 3b4d7726c4b28bba9528a10a0b483c28695879dc84d8fcf2a81efb347dc424ad

See more details on using hashes here.

File details

Details for the file oxauth-0.0.2-py3-none-any.whl.

File metadata

  • Download URL: oxauth-0.0.2-py3-none-any.whl
  • Upload date:
  • Size: 4.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/45.2.0 requests-toolbelt/0.9.1 tqdm/4.43.0 CPython/3.7.6

File hashes

Hashes for oxauth-0.0.2-py3-none-any.whl
Algorithm Hash digest
SHA256 eee23bc761f70d17fd7dffdb48334252e1ceca29dbda928b2151ae574016adaa
MD5 ac52f2f7b80eaf87f2e58974c703664f
BLAKE2b-256 0401a170abe02f3dac54fb551cce85c246bd890cedd24d259429c0047c14661b

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page