Authenticated and encrypted API tokens using modern crypto

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for tuupola from gravatar.com tuupola

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT License (MIT)

Author: Mika Tuupola

Maintainer: Mika Tuupola

Tags api, token, jwt, xchacha20, poly1305

Classifiers

Project description

Branca Tokens for Python

Authenticated and encrypted API tokens using modern crypto.

Latest Version Software License Build Status Coverage

What?

Branca is a secure easy to use token format which makes it hard to shoot yourself in the foot. It uses IETF XChaCha20-Poly1305 AEAD symmetric encryption to create encrypted and tamperproof tokens. Payload itself is an arbitrary sequence of bytes. You can use for example a JSON object, plain text string or even binary data serialized by MessagePack or Protocol Buffers.

Although not a design goal, it is possible to use Branca as an alternative to JWT.

Install

Install the library using pip. Note that you also must have libsodium installed.

$ brew install libsodium
$ pip install pybranca

Usage

The payload of the token can be anything, like a simple string.

import secrets
from branca import Branca

key = secrets.token_bytes(32)
branca = Branca(key)

token = branca.encode("Hello world!")
payload = branca.decode(token)

print(token)
print(payload)

# 87xqn4ACMhqDZvoNuO0pXykuDlCwRz4Vg7LS3klfHpTiOUw1ramOqfWoaA6bvsGwOQ49MDFOERU0T
# b'Hello world!'

For more complicated data structures JSON is an usual choice.

import json
import secrets
from branca import Branca

key = secrets.token_bytes(32)
branca = Branca(key)

string = json.dumps({"scope" : ["read", "write", "delete"]})

token = branca.encode(string)
payload = branca.decode(token)

print(token)
print(payload)
print(json.loads(payload))

# 6AlLJaBIFpXbwKTFsI3xXsk4se8YsdEKOtxYwtYDQHpoqabwZzmxAUS99BLxBJpmfJqnJ9VvzJYO1FXfsX78d0YsvTe43opYbUPgUao0EGV5qBli
# b'{"scope": ["read", "write", "delete"]}'
# {'scope': ['read', 'write', 'delete']}

By using MessagePack you can have more compact tokens.

import msgpack
from branca import Branca

key = secrets.token_bytes(32)
branca = Branca(key)

packed = msgpack.dumps({"scope" : ["read", "write", "delete"]})

token = branca.encode(packed)
payload = branca.decode(token)

print(token)
print(payload)
print(msgpack.loads(payload, raw=False))

# 3iJOQqw5CWjCRRDnsd7Jh4dfsyf7a4qbuEO0uT8MBEvnMVaR8rOW4dFKBVFKKgxZkVlNchGJSIgPdHtHIM4rF4mZYsriTE37
# b'\x81\xa5scope\x93\xa4read\xa5write\xa6delete'
# {'scope': ['read', 'write', 'delete']}

License

The MIT License (MIT). Please see License File for more information.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for tuupola from gravatar.com tuupola

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT License (MIT)

Author: Mika Tuupola

Maintainer: Mika Tuupola

Tags api, token, jwt, xchacha20, poly1305

Classifiers

Release history Release notifications | RSS feed

This version

0.5.0

0.4.0

0.3.0

0.2.0

0.1.2

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pybranca-0.5.0.tar.gz (5.9 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page