
Manipulate PyPI API tokens

Project description


PyPIToken is an open-source Python library for generating and manipulating PyPI tokens.

PyPI tokens are very powerful because they are based on Macaroons, which allow the bearer to add additional restrictions to an existing token. For example, given a PyPI token that can upload releases for any project of its owner, you can generate a token that will only allow some projects, or even a single one.

Here’s an example:

$ pip install pypitoken

import pypitoken

token = pypitoken.Token.load("pypi-foobartoken")

print(token.restrictions)
# [ProjectIDsRestriction(project_ids=["00000000-0000-0000-0000-000000000000"])]

token.restrict(project_names=["requests"])

print(token.restrictions)
# [
#     ProjectIDsRestriction(project_ids=["00000000-0000-0000-0000-000000000000"]),
#     ProjectNamesRestriction(project_names=["requests"]),
# ]

print(token.dump())
# pypi-newfoobartoken

The token we’ve created above will be restricted to uploading releases of requests. Of course, your PyPI user will still need to have upload permissions on requests for this to work.
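Why the bearer can add restrictions but never remove them: the sketch below is an added illustration of the macaroon-style HMAC chain, not code from pypitoken or PyPI. The key, token identifier, "projects=" caveat format and function names are all constructed for the example; real PyPI tokens use their own serialization and caveat formats.

```python
import hashlib
import hmac

def _mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def mint(root_key: bytes, identifier: str) -> dict:
    """Server side: the first signature is keyed with the secret root key."""
    return {"id": identifier, "caveats": [],
            "sig": _mac(root_key, identifier.encode())}

def attenuate(token: dict, caveat: str) -> dict:
    """Bearer side: chain a caveat, keyed only by the current signature."""
    return {"id": token["id"],
            "caveats": token["caveats"] + [caveat],
            "sig": _mac(token["sig"], caveat.encode())}

def _caveat_allows(caveat: str, project: str) -> bool:
    # Constructed caveat format "projects=a,b"; unknown caveats fail closed.
    kind, _, value = caveat.partition("=")
    return kind == "projects" and project in value.split(",")

def verify(root_key: bytes, token: dict, project: str) -> bool:
    """Server side: recompute the chain, then require every caveat to hold."""
    sig = _mac(root_key, token["id"].encode())
    for caveat in token["caveats"]:
        sig = _mac(sig, caveat.encode())
    if not hmac.compare_digest(sig, token["sig"]):
        return False  # caveat list altered or signature forged
    return all(_caveat_allows(c, project) for c in token["caveats"])

ROOT_KEY = b"constructed-server-secret"          # never leaves the server
user_token = mint(ROOT_KEY, "constructed-token-id")
ci_token = attenuate(user_token, "projects=requests")

# Dropping the caveat leaves a signature the bearer cannot roll back,
# because HMAC is one-way and the previous signature is not in the token.
stripped = {**ci_token, "caveats": []}

# Appending a broader caveat does not widen access: all caveats must hold.
widened = attenuate(ci_token, "projects=requests,flask")
```

The practical consequence is that a narrowed token can be handed to a CI job without exposing the broader token it was derived from, while anyone still holding the original token keeps its full scope.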

The aim of this library is to provide a simple toolbelt for manipulating PyPI tokens. Ideally, someday, PyPI (Warehouse) itself may generate their tokens using this library too. This should make it easier to iterate on new kinds of restrictions for PyPI tokens, such as those discussed in the original implementation issue.

A discussion for integrating this library to the Warehouse environment is ongoing:

Where to go from here

The complete docs are probably the best place to learn about the project.

If you encounter a bug, or want to get in touch, you’re always welcome to open a ticket.


Download files


Source Distribution

pypitoken-7.1.1.tar.gz (198.5 kB)

Uploaded Source

Built Distribution

pypitoken-7.1.1-py3-none-any.whl (12.8 kB)

Uploaded Python 3

File details

Details for the file pypitoken-7.1.1.tar.gz.

File metadata

  • Download URL: pypitoken-7.1.1.tar.gz
  • Upload date:
  • Size: 198.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for pypitoken-7.1.1.tar.gz
Algorithm Hash digest
SHA256 2e91822471f2de99183f6a881ddb173372f2a2f8e7c55b574235aee1b0417e42
MD5 ee8cbe483985d65cec01a0b9efcb6410
BLAKE2b-256 21d61b52d35f6aab68d75a0b38211bd6ea6eca0aceefb3e95cd6ca30be03adf9


Provenance

The following attestation bundles were made for pypitoken-7.1.1.tar.gz:

Publisher: ci.yml on ewjoachim/pypitoken

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file pypitoken-7.1.1-py3-none-any.whl.

File metadata

  • Download URL: pypitoken-7.1.1-py3-none-any.whl
  • Upload date:
  • Size: 12.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for pypitoken-7.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 013e1b273168b37c46d5fbdf572f0d7a454a52fae492d0d7a5f2da600f75bca7
MD5 9c3f34c1bc7fdef03c8f15ba902c2e4f
BLAKE2b-256 43ddfdcf4e9bfe80a8ebd9f3b47cd77b7722e2933e6923e32ddf1da2e321d464


Provenance

The following attestation bundles were made for pypitoken-7.1.1-py3-none-any.whl:

Publisher: ci.yml on ewjoachim/pypitoken

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.
