Python library for SPIFFE support
Project description
spiffe package
Overview
The spiffe package, part of the py-spiffe library,
provides SPIFFE support and essential
tools for interacting with
the SPIFFE Workload API. It simplifies
the management and validation of SPIFFE identities,
supporting X509-SVIDs, JWT-SVIDs,
and X.509 CA and JWKS Bundles.
Features
- Automatic Management of SPIFFE Identities: Streamlines fetching, renewing, and validation of X.509 and JWT SVIDs.
- Seamless Integration with SPIFFE Workload API: Facilitates communication with SPIRE or other SPIFFE Workload API compliant systems.
- Continuous Update Handling: Automatically receives and applies updates for SVIDs and bundles, ensuring your application always uses valid certificates.
Prerequisites
- A running instance of SPIRE or another SPIFFE Workload API implementation.
- The
SPIFFE_ENDPOINT_SOCKETenvironment variable set to the address of the Workload API (e.g.,unix: /tmp/spire-agent/public/api.sock), or provided programmatically.
Usage
Below are examples demonstrating the core functionalities of the spiffe package.
WorkloadApiClient
from spiffe import WorkloadApiClient
# Fetch X.509 and JWT SVIDs
with WorkloadApiClient() as client:
x509_svid = client.fetch_x509_svid()
print(f'SPIFFE ID: {x509_svid.spiffe_id}')
jwt_svid = client.fetch_jwt_svid(audience={"test"})
print(f'SPIFFE ID: {jwt_svid.spiffe_id}')
X509Source
from spiffe import X509Source
# Automatically manage X.509 SVIDs and CA bundles
with X509Source() as source:
x509_svid = source.svid
print(f'SPIFFE ID: {x509_svid.spiffe_id}')
JwtSource
from spiffe import JwtSource
# Manage and validate JWT SVIDs and JWKS bundles
with JwtSource() as source:
jwt_svid = source.fetch_svid(audience={'test'})
print(f'SPIFFE ID: {jwt_svid.spiffe_id}')
print(f'Token: {jwt_svid.token}')
Contributing
We welcome contributions to the spiffe package! Please see
our contribution guidelines for more
details. For feedback and issues, please submit them through
the GitHub issue tracker.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file spiffe-0.2.3.tar.gz.
File metadata
- Download URL: spiffe-0.2.3.tar.gz
- Upload date:
- Size: 34.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/2.2.1 CPython/3.9.25 Linux/6.11.0-1018-azure
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
28f754eba056caa3a5c2b7bd816ac9bf24fad20333b2989ca6977dff51372c41
|
|
| MD5 |
4770e197cff6001880177f14fdcffa18
|
|
| BLAKE2b-256 |
6a7397d5a9e5f79e2d61555066f4197e06279e2adfddd3ad67125b9f3776f772
|
File details
Details for the file spiffe-0.2.3-py3-none-any.whl.
File metadata
- Download URL: spiffe-0.2.3-py3-none-any.whl
- Upload date:
- Size: 56.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/2.2.1 CPython/3.9.25 Linux/6.11.0-1018-azure
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
562fcee9e611953fc7622b3d5638e9ce1652015d29216fd6d4a82dac309673d9
|
|
| MD5 |
a5232cb86056d47a433817f7368cc0e9
|
|
| BLAKE2b-256 |
154df867f134a350e8dc9eb83b4f92cb68fdeaed0437450aaffbd1e73fa09658
|
