Authenticator plugins for Requests that support JWT bearer tokens
Project description
requests-jwtauth
Authenticator plugins for Requests that support JWT bearer tokens.
Description
This package contains two classes, HTTPBearerAuth
and JWTSecretAuth
,
that implement the AuthBase interface from the Requests package. The
HTTPBearerAuth
class takes a single bearer token value at initialization,
and adds that to an Authorization: Bearer
header. The
JWTSecretAuth
class takes a shared secret, and uses that to generate and
sign short-lived JWT tokens to be added to an Authorization: Bearer
request header. By default, these tokens are valid for 1 hour (3600
seconds), and may contain arbitrary JWT claims in their payload.
Dependencies
Installation
pip install requests-jwtauth
Usage
HTTPBearerAuth
import requests
from requests_jwtauth import HTTPBearerAuth
# send a request with a pre-obtained bearer token
my_token = '...'
r = requests.get('http://example.com', auth=HTTPBearerAuth(my_token))
JWTSecretAuth
import requests
from requests_jwtauth import JWTSecretAuth
# use a shared secret to generate (and automatically regenerate)
# short-lived JWT bearer tokens
secret_auth = JWTSecretAuth(
# shared secret with the service that requires authentication
secret='...',
# JWT claims to place in the token payload
# this class takes care of providing the 'exp' (expiration time) key
claims={
'sub': '...'
},
# Time-To-Live, in seconds; default is 3600 (i.e., 1 hour)
ttl=3600,
# instead of waiting for it to actually expire,
# renew the token whenever the remaining time-to-live is
# less than this number of seconds; default is 60
expiration_buffer=60,
# signing algorithm to use; defaults to H256
signing_algorithm='H256'
)
r = requests.get('http://example.com', auth=secret_auth)
Development Setup
git clone git@github.com:umd-lib/requests-jwtauth.git
cd requests-jwtauth
pyenv install $(cat .python-version) --skip-existing
python -m venv .venv --prompt "requests-jwtauth-py$(cat .python-version)"
source .venv/bin/activate
pip install -e .[test]
Testing
Using pytest:
pytest
With test coverage information:
pytest --cov-report=term-missing --cov src
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for requests_jwtauth-1.0.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 2358b346b92f3692d90bec1bfc700df568ef8fbcc7e75ebf1fc772b35bb7ee94 |
|
MD5 | 6954085579e784efbefa4af20c729eda |
|
BLAKE2b-256 | b9a7344c4620cb4f41e555a4d7d2405098a9b5eb7eb277a63e61a97b358772e8 |