Auth0 middleware for multiple client configurations
Project description
This is an Auth0 middleware for multiple client configurations.
It adds 4 keys to environ mapping:
wsgiauth0.jwt_claims: The decoded claims dict or None if any error occurred. Example:
{ 'iss': 'issuer', 'sub': 'auth0|user_id', 'aud': 'https://example.com, 'exp': 1234567890, 'iat': 1134567890, }
wsgiauth0.jwt_error: A mapping with keys code and description or None if no error occurred, Example:
{ 'code': 'invalid_header', 'description': 'Authorization header must be "Bearer token".', }
wsgiauth0.jwt_client: A mapping with the client info used if any info were successfully deduced from json web token received:
{ 'id': 'NieY4eekoo3aed2fe9ei', 'audience': 'https://example.com', 'secret': 'shei6eehuF2ui9OphahW', }
REMOTE_USER: The decoded subject from wsgiauth0.jwt_claims or None if any error occurred.
Usage
Configure your wsgi pipeline in paste deploy ini file:
[filter:wsgiauth0] use = egg:wsgiauth0#middleware clients_config_file = %(here)s/auth0_clients_config.yml [pipeline:main] pipeline = wsgiauth0 myapp [app:myapp] use = egg:wsgiapp#main [server:main] use = egg:waitress#main host = 0.0.0.0 port = 6543
Configuration with DynamoDB
It expects a clients_config_file key pointing to auth0 client configuration yaml file.
Here is an example of a yaml configuration file.
Client 1:
id: oZ0ahm4Thoh1Oghiqu4oe9qu
audience: oZ0ahm4Thoh1Oghiqu4oe9qu
secret:
value: noh4feibaighikeeD0inah9Rei3nei6yeenoa7uar2Dah2yaeKioph8Jux8ahte
type: base64_url_encoded
Client 2:
id: Aen1XobahDoh7queing3eaS0@clients
audience: https://example.com/
secret:
value: |
-----BEGIN CERTIFICATE REQUEST-----
MIIBZjCB0AIBADANMQswCQYDVQQGEwJDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
gYkCgYEAx2LwsUexPKQ/0GIHqugXZtIGZxSOovO754KWn3ZWBbDvm/wuh+QfmMj8
ZTxnxRymHjSNJ04nCMcqtzl3VDwapMkM433CnyZjoJjA/fRwLRjUepLAMbmoqkOG
k1BKNAyidyko7DBnkMayzJRfmnCwFy1hsuikh6oFSinU7MP3LBsCAwEAAaAaMBgG
CSqGSIb3DQEJBzELEwljaGFsbGVuZ2UwDQYJKoZIhvcNAQELBQADgYEAP819zy3q
1gh5z5FLeFanc3TpdlcGHCQxcTMC/x9iyMpbSd2XkKLrZ02Is1Y8Ox/XeT8zNjOg
/nulPg6YrIsywpKFR4orMvuUUMZ8uT8UVNj1pnatmXy9ikjdGtBXeU+EKkMZ4q6a
OrG8qyB4o/WETphyxfneazWt3jrLHkKBvXA=
-----END CERTIFICATE REQUEST-----
type: certiticate
Configuration with DynamoDB
DynamoDB can be used as a configuration source. The configuration table should have an item for each key that should be used for authentication.
Specify the table name with the clients_config_table key, and the service name with clients_config_service.
The table should have a hash key on the service field, and a sort key on the label field (a human friendly description for the key). The other fields are id, audience, and secret with sub-keys type and value.
You should require the dynamodb extra dependency (i.e. wsgiauth0[dynamodb]).
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file wsgiauth0-0.0.19.tar.gz
.
File metadata
- Download URL: wsgiauth0-0.0.19.tar.gz
- Upload date:
- Size: 6.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | d2a46b1cd3d2fa249d8832cf27289b9d0ac7b6a341dd4d2e13a5a1b0cca964e4 |
|
MD5 | dad1456fe7267acf9269d7c71b1a884d |
|
BLAKE2b-256 | d094250bc198c7e31e9b63b214455b472384328c07a2a70f9c685bb7b6f52f58 |