Python middleware adapter for Rampart IAM — JWT verification for FastAPI and Flask

Rampart Python Middleware

JWT verification middleware for the Rampart IAM server. Supports FastAPI and Flask.

Installation

# Core (PyJWT + cryptography)
pip install rampart-python

# With FastAPI support
pip install rampart-python[fastapi]

# With Flask support
pip install rampart-python[flask]

FastAPI

Basic Authentication

from fastapi import Depends, FastAPI
from rampart import RampartClaims
from rampart.fastapi import rampart_auth

app = FastAPI()
auth = rampart_auth("https://auth.example.com")

@app.get("/me")
async def me(claims: RampartClaims = Depends(auth)):
    return {
        "user_id": claims.sub,
        "email": claims.email,
        "roles": claims.roles,
    }

Role-Based Access Control

from fastapi import Depends, FastAPI
from rampart import RampartClaims
from rampart.fastapi import rampart_auth, require_roles_from_claims

app = FastAPI()
auth = rampart_auth("https://auth.example.com")
check_admin = require_roles_from_claims("admin")

@app.get("/admin/users")
async def list_users(claims: RampartClaims = Depends(auth)):
    check_admin(claims)  # Raises 403 if "admin" role is missing
    return {"users": ["..."]}

Flask

Basic Authentication

from flask import Flask, g
from rampart.flask import rampart_auth

app = Flask(__name__)

@app.route("/me")
@rampart_auth("https://auth.example.com")
def me():
    return {
        "user_id": g.auth.sub,
        "email": g.auth.email,
        "roles": g.auth.roles,
    }

Role-Based Access Control

from flask import Flask
from rampart.flask import rampart_auth, require_roles

app = Flask(__name__)

@app.route("/admin/users")
@rampart_auth("https://auth.example.com")
@require_roles("admin")
def list_users():
    return {"users": ["..."]}

Direct Usage (No Framework)

from rampart import RampartAuth

auth = RampartAuth(issuer="https://auth.example.com")
# raw_jwt_string: the encoded JWT to verify, supplied by the caller
claims = auth.verify_token(raw_jwt_string)

print(claims.sub)       # "user-123"
print(claims.email)     # "user@example.com"
print(claims.roles)     # ["admin", "user"]
print(claims.org_id)    # "org-456"

Claims

Verified tokens return a RampartClaims dataclass:

Field               Type          Description
sub                 str           Subject (user ID)
iss                 str           Issuer URL
iat                 int           Issued-at timestamp
exp                 int           Expiration timestamp
org_id              str | None
preferred_username  str | None
email               str | None
email_verified      bool | None
given_name          str | None
family_name         str | None
roles               list[str]     Assigned roles

Configuration Options

RampartAuth(
    issuer="https://auth.example.com",  # Required: Rampart server URL
    audience="my-api",                   # Optional: expected audience claim
    jwks_cache_ttl=300,                  # JWKS cache lifetime in seconds (default: 300)
    algorithms=["RS256"],                # Allowed JWT algorithms (default: ["RS256"])
)
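
The `issuer`, `audience` and `algorithms` options map onto standard JWT policy checks (RFC 7519). The following added example is not code from rampart-python; it is a standard-library diagnostic that reports which of those checks a token's header and payload would fail, assuming an exact-match allow-list for `alg` and string-or-list `aud`. The names `policy_failures`, `make_sample` and `b64url_json` are hypothetical, and the signature is deliberately not checked, so it never replaces `verify_token`.

```python
import base64
import json
import time


def b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) into Python data."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def make_sample(header, claims):
    """Build a constructed sample token with a placeholder signature segment."""
    segs = [base64.urlsafe_b64encode(json.dumps(p).encode()).rstrip(b"=").decode()
            for p in (header, claims)]
    return ".".join(segs + ["c2ln"])


def policy_failures(token, issuer, audience=None, algorithms=("RS256",), now=None):
    """List the policy checks a token fails. Diagnostic only: the signature is
    NOT verified, so an empty list never means the token can be trusted."""
    now = time.time() if now is None else now
    try:
        header_seg, payload_seg, _sig = token.split(".")
        header, claims = b64url_json(header_seg), b64url_json(payload_seg)
    except (ValueError, TypeError):
        return ["malformed token"]
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return ["malformed token"]
    failures = []
    # Exact, case-sensitive allow-list: "none", "HS256" and "rs256" all fail.
    if header.get("alg") not in algorithms:
        failures.append(f"alg {header.get('alg')!r} not allowed")
    if claims.get("iss") != issuer:
        failures.append("issuer mismatch")
    if audience is not None:
        aud = claims.get("aud")
        # RFC 7519: "aud" is either one string or a list of strings.
        aud_values = [aud] if isinstance(aud, str) else (aud if isinstance(aud, list) else [])
        if audience not in aud_values:
            failures.append("audience mismatch")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        failures.append("expired or missing exp")
    return failures


if __name__ == "__main__":
    # Constructed sample: unsigned-style header that the allow-list must reject.
    sample = make_sample({"alg": "none"}, {"iss": "https://auth.example.com", "exp": 2000})
    print(policy_failures(sample, "https://auth.example.com", now=1000))
```
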

Running Tests

pip install -e ".[dev]"
pytest tests/

Download files

Source Distribution

rampart_python-0.1.0.tar.gz (4.6 kB)

Uploaded Source

Built Distribution

rampart_python-0.1.0-py3-none-any.whl (3.1 kB)

Uploaded Python 3

File details

Details for the file rampart_python-0.1.0.tar.gz.

File metadata

  • Download URL: rampart_python-0.1.0.tar.gz
  • Upload date:
  • Size: 4.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.0

File hashes

Hashes for rampart_python-0.1.0.tar.gz
Algorithm Hash digest
SHA256 4f96d55dcbe30eeb0fc538c688fa9d2e863862e27fc94754a7f7d8c95d5ff931
MD5 db91d143bf06d43adcf55dab72ddf347
BLAKE2b-256 d83cd72564440d9d6eec93f4e3342a769f3f6852fd67bd94eec860ed4e74ecaf

File details

Details for the file rampart_python-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: rampart_python-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 3.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.0

File hashes

Hashes for rampart_python-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 4007895e07ac5c2d4eeec4d39de04529098d5fa718d9d062e0ed6797b58b60bf
MD5 8566724b2a2bf470c469fab0a759172e
BLAKE2b-256 d1fa59d186b94b19288f6222c6939eec9509ca0a613c136cbd78d26f9104e295
