OIDC helper library

These details have not been verified by PyPI

Project links

Homepage

Project description

py-identity-model

WIP - OIDC helper library. This project is very immature and rough, so check back in periodically as more features and documentation are added.

TODO:

See GitHub issues

Inspired By:

Examples

Discovery

Only a subset of fields is currently mapped.

import os

from py_identity_model import DiscoveryDocumentRequest, get_discovery_document

DISCO_ADDRESS = os.environ["DISCO_ADDRESS"]
    
disco_doc_request = DiscoveryDocumentRequest(address=DISCO_ADDRESS)
disco_doc_response = get_discovery_document(disco_doc_request)    
print(disco_doc_response)

JWKs

import os

from py_identity_model import (
	DiscoveryDocumentRequest, 
   	get_discovery_document,
    JwksRequest, 
    get_jwks,
)

DISCO_ADDRESS = os.environ["DISCO_ADDRESS"]
    
disco_doc_request = DiscoveryDocumentRequest(address=DISCO_ADDRESS)
disco_doc_response = get_discovery_document(disco_doc_request)  

jwks_request = JwksRequest(address=disco_doc_response.jwks_uri)
jwks_response = get_jwks(jwks_request)
print(jwks_response)

Basic Token Validation

Token validation validates the signature of a JWT against the values provided from an OIDC discovery document. The function will throw an exception if the token is expired or signature validation fails.

If an alg value is not provided as part of the JWKs discovery document, RS256 is assumed.

import os

from py_oidc import PyOidcException, validate_token

DISCO_ADDRESS = os.environ["DISCO_ADDRESS"]

token = get_token() # Get the token in the manner best suited to your application

claims = validate_token(jwt=token, disco_doc_address)
print(claims)

Token Generation

The only current supported flow is the client_credentials flow. Load configuration parameters in the method your application supports. Environment variables are used here for demonstration purposes.

Example:

import os

from py_identity_model import (
    ClientCredentialsTokenRequest,
    request_client_credentials_token,
    get_discovery_document,
    DiscoveryDocumentRequest,
)

DISCO_ADDRESS = os.environ["DISCO_ADDRESS"]
CLIENT_ID = os.environ["CLIENT_ID"]
CLIENT_SECRET = os.environ["CLIENT_SECRET"]
SCOPE = os.environ["SCOPE"]

disco_doc_response = get_discovery_document(
    DiscoveryDocumentRequest(address=DISCO_ADDRESS)
)

client_creds_req = ClientCredentialsTokenRequest(
	client_id=CLIENT_ID,
    client_secret=CLIENT_SECRET,
    address=disco_doc_response.token_endpoint,
    scope=SCOPE,
)
client_creds_token = request_client_credentials_token(client_creds_req)
print(client_creds_token)

Project details

These details have not been verified by PyPI

Project links

Homepage

Release history Release notifications | RSS feed

0.13.0

Sep 14, 2024

0.12.1

Sep 6, 2024

0.12.0

Aug 25, 2024

0.11.5

Jul 9, 2024

0.11.4

Jun 21, 2024

0.11.3

Jun 17, 2024

0.11.2

Feb 24, 2024

0.11.1

Feb 24, 2024

0.11.0

Feb 11, 2024

0.10.0

Jun 9, 2021

0.9.0

Apr 21, 2021

0.8.2

Oct 30, 2024

0.8.1

Jan 25, 2021

0.8.0

Jul 21, 2020

0.7.0

Jul 19, 2020

0.6.0

Jul 19, 2020

0.5.0

Jul 5, 2020

0.4.0

Jul 5, 2020

0.3.0

Jul 5, 2020

This version

0.2.0

Jul 5, 2020

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

py_identity_model-0.2.0.tar.gz (4.2 kB view details)

Uploaded Jul 5, 2020 Source

File details

Details for the file py_identity_model-0.2.0.tar.gz.

File metadata

Download URL: py_identity_model-0.2.0.tar.gz
Upload date: Jul 5, 2020
Size: 4.2 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/47.3.1 requests-toolbelt/0.9.1 tqdm/4.47.0 CPython/3.7.7

File hashes

Hashes for py_identity_model-0.2.0.tar.gz
Algorithm	Hash digest
SHA256	`4c5bcef157c2395a19ef557d25aabd1051156c42a2ffcbae64a6d6d6119e35e8`
MD5	`cd0c690296fddb6da5915f1ceb608fef`
BLAKE2b-256	`ba97d3c9a93bfd71a5d279b00759b17d1fdc0221256cbfd318dde6a05ce20e4b`