JWT token service for Swarmauri
Project description
swarmauri_tokens_jwt
A standard JWT token service for the Swarmauri framework. This service implements minting and verifying JSON Web Tokens and exposes a JWKS endpoint for public key discovery.
Usage
JWTTokenService requires an IKeyProvider to supply signing material. The
example below shows how to mint and verify a symmetric HS256 token using a
minimal in‑memory key provider.
import asyncio
import base64
from swarmauri_tokens_jwt import JWTTokenService
from swarmauri_core.keys import (
ExportPolicy,
IKeyProvider,
KeyRef,
KeyUse,
)
from swarmauri_core.crypto.types import JWAAlg, KeyType
class InMemoryKeyProvider(IKeyProvider):
def __init__(self) -> None:
self.secret = b"secret"
self.kid = "sym"
self.version = 1
def supports(self) -> dict[str, list[str]]:
return {}
async def create_key(self, spec):
raise NotImplementedError
async def import_key(self, spec, material, *, public=None):
raise NotImplementedError
async def rotate_key(self, kid, *, spec_overrides=None):
raise NotImplementedError
async def destroy_key(self, kid, version=None) -> bool:
return False
async def get_key(self, kid, version=None, *, include_secret=False) -> KeyRef:
material = self.secret if include_secret else None
return KeyRef(
kid=self.kid,
version=self.version,
type=KeyType.OPAQUE,
uses=(KeyUse.SIGN,),
export_policy=ExportPolicy.SECRET_WHEN_ALLOWED,
material=material,
)
async def list_versions(self, kid):
return (self.version,)
async def get_public_jwk(self, kid, version=None):
return {}
async def jwks(self) -> dict:
k = base64.urlsafe_b64encode(self.secret).rstrip(b"=").decode()
return {"keys": [{"kty": "oct", "kid": f"{self.kid}.{self.version}", "k": k}]}
async def random_bytes(self, n: int) -> bytes:
return b"\x00" * n
async def hkdf(self, ikm: bytes, *, salt: bytes, info: bytes, length: int) -> bytes:
return b"\x00" * length
async def main() -> None:
svc = JWTTokenService(InMemoryKeyProvider(), default_issuer="issuer")
token = await svc.mint({"sub": "alice"}, alg=JWAAlg.HS256, kid="sym")
claims = await svc.verify(token, issuer="issuer")
assert claims["sub"] == "alice"
asyncio.run(main())
The service also supports asymmetric algorithms such as RS256, ES256 and EdDSA when the key provider exposes the appropriate keys.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file swarmauri_tokens_jwt-0.3.0.dev3.tar.gz.
File metadata
- Download URL: swarmauri_tokens_jwt-0.3.0.dev3.tar.gz
- Upload date:
- Size: 3.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.8.17
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
bc243daf9c50d1a0dd297a195e94ce76c34e58b8ec4c934f501413f515cf0dbb
|
|
| MD5 |
57e16945fa58c20c930d9b32122bc7e4
|
|
| BLAKE2b-256 |
09b6b809277a615197aa8d5351724cac39785dfb1448426b9759441c02c2b8db
|
File details
Details for the file swarmauri_tokens_jwt-0.3.0.dev3-py3-none-any.whl.
File metadata
- Download URL: swarmauri_tokens_jwt-0.3.0.dev3-py3-none-any.whl
- Upload date:
- Size: 4.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.8.17
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
4c0e1dbd0d452d3f3a49bc90c2a3fd958533d38781e6bca0d99208bba9ff572d
|
|
| MD5 |
6fbd9559cc112b89f16ef3857d5e577a
|
|
| BLAKE2b-256 |
a560705c12dc607ecbe1301bf4d8986c2e46553c65fe099fbb526ca283305d1f
|
