Python library for SPIFFE support

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for maxlambrecht from gravatar.com maxlambrecht

Unverified details

These details have not been verified by PyPI
Meta
  • License: Apache Software License (Apache-2.0)
  • Author: Max Lambrecht
  • Requires: Python <4.0, >=3.9
Classifiers

Project description

spiffe package

Overview

The spiffe package, part of the py-spiffe library, provides SPIFFE support and essential tools for interacting with the SPIFFE Workload API. It simplifies the management and validation of SPIFFE identities, supporting X509-SVIDs, JWT-SVIDs, and X.509 CA and JWKS Bundles.

Features

  • Automatic Management of SPIFFE Identities: Streamlines fetching, renewing, and validation of X.509 and JWT SVIDs.
  • Seamless Integration with SPIFFE Workload API: Facilitates communication with SPIRE or other SPIFFE Workload API compliant systems.
  • Continuous Update Handling: Automatically receives and applies updates for SVIDs and bundles, ensuring your application always uses valid certificates.

Prerequisites

  • A running instance of SPIRE or another SPIFFE Workload API implementation.
  • The SPIFFE_ENDPOINT_SOCKET environment variable set to the address of the Workload API (e.g., unix: /tmp/spire-agent/public/api.sock), or provided programmatically.

Usage

Below are examples demonstrating the core functionalities of the spiffe package.

WorkloadApiClient

from spiffe import WorkloadApiClient

# Fetch X.509 and JWT SVIDs
with WorkloadApiClient() as client:
    x509_svid = client.fetch_x509_svid()
    print(f'SPIFFE ID: {x509_svid.spiffe_id}')

    jwt_svid = client.fetch_jwt_svid(audience={"test"})
    print(f'SPIFFE ID: {jwt_svid.spiffe_id}')

X509Source

from spiffe import X509Source

# Automatically manage X.509 SVIDs and CA bundles
with X509Source() as source:
    x509_svid = source.svid
    print(f'SPIFFE ID: {x509_svid.spiffe_id}')

JwtSource

from spiffe import JwtSource

# Manage and validate JWT SVIDs and JWKS bundles
with JwtSource() as source:
    jwt_svid = source.fetch_svid(audience={'test'})
    print(f'SPIFFE ID: {jwt_svid.spiffe_id}')
    print(f'Token: {jwt_svid.token}')

Contributing

We welcome contributions to the spiffe package! Please see our contribution guidelines for more details. For feedback and issues, please submit them through the GitHub issue tracker.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for maxlambrecht from gravatar.com maxlambrecht

Unverified details

These details have not been verified by PyPI
Meta
  • License: Apache Software License (Apache-2.0)
  • Author: Max Lambrecht
  • Requires: Python <4.0, >=3.9
Classifiers

Release history Release notifications | RSS feed

0.1.3

0.1.2

This version

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

spiffe-0.1.1.tar.gz (35.6 kB view hashes)

Uploaded Source

Built Distribution

spiffe-0.1.1-py3-none-any.whl (55.8 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page