Python implementation of the Atlassian Service to Service Authentication specification.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for asecurityteam from gravatar.com asecurityteam Avatar for dblack from gravatar.com dblack Avatar for mbertrand80 from gravatar.com mbertrand80

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Author: Atlassian
Classifiers
Report project as malware

Project description

https://github.com/atlassian/asap-authentication-python/workflows/Tests/badge.svg https://img.shields.io/pypi/v/atlassian-jwt-auth.svg

This package provides an implementation of the Service to Service Authentication specification.

Installation

To install simply run

$ pip install atlassian-jwt-auth

Using this library

To create a JWT for authentication

import atlassian_jwt_auth


signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
a_jwt = signer.generate_jwt('audience')

To create a JWT using a file on disk in the conventional location

Each time you call generate_jwt this will find the latest active key file (ends with .pem) and use it to generate your JWT.

import atlassian_jwt_auth


signer = atlassian_jwt_auth.create_signer_from_file_private_key_repository('issuer', '/opt/jwtprivatekeys')
a_jwt = signer.generate_jwt('audience')

To create a JWT using a data uri

import atlassian_jwt_auth
from atlassian_jwt_auth.key import DataUriPrivateKeyRetriever

key_id, private_key_pem = DataUriPrivateKeyRetriever('Your base64 encoded data uri').load('issuer')
signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
a_jwt = signer.generate_jwt('audience')

To make an authenticated HTTP request

If you use the atlassian_jwt_auth.contrib.requests.JWTAuth provider, you can automatically generate JWT tokens when using the requests library to perform authenticated HTTP requests.

import atlassian_jwt_auth
from atlassian_jwt_auth.contrib.requests import JWTAuth

signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
response = requests.get(
    'https://your-url',
    auth=JWTAuth(signer, 'audience')
)

One can also use atlassian_jwt_auth.contrib.aiohttp.JWTAuth to authenticate aiohttp requests:

import aiohttp

import atlassian_jwt_auth
from atlassian_jwt_auth.contrib.aiohttp import JWTAuth

signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)

async with aiohttp.ClientSession() as session:
    async with session.get('https://your-url',
                           auth=JWTAuth(signer, 'audience')) as resp:
        ...

If you want to reuse tokens that have the same claim within their period of validity then pass through reuse_jwts=True when calling create_signer. For example:

import atlassian_jwt_auth
import requests
from atlassian_jwt_auth.contrib.requests import JWTAuth

signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem, reuse_jwts=True)
response = requests.get(
    'https://your-url',
    auth=JWTAuth(signer, 'audience')
)

If you want to generate tokens with a longer lifetime than the default 1 minute period, you can do so via specifying a lifetime value to create_signer. For example:

import datetime

import atlassian_jwt_auth
import requests
from atlassian_jwt_auth.contrib.requests import JWTAuth

signer = atlassian_jwt_auth.create_signer(
    'issuer', 'issuer/key', private_key_pem,
    reuse_jwts=True, lifetime=datetime.timedelta(minutes=2))
response = requests.get(
    'https://your-url',
    auth=JWTAuth(signer, 'audience')
)

To verify a JWT

import atlassian_jwt_auth

public_key_retriever = atlassian_jwt_auth.HTTPSPublicKeyRetriever('https://example.com')
verifier = atlassian_jwt_auth.JWTAuthVerifier(public_key_retriever)
verified_claims = verifier.verify_jwt(a_jwt, 'audience')

For Python versions starting from Python 3.5, note this library no longer supports python 3.5, atlassian_jwt_auth.contrib.aiohttp provides drop-in replacements for the components that perform HTTP requests, so that they use aiohttp instead of requests:

import atlassian_jwt_auth.contrib.aiohttp

public_key_retriever = atlassian_jwt_auth.contrib.aiohttp.HTTPSPublicKeyRetriever('https://example.com')
verifier = atlassian_jwt_auth.contrib.aiohttp.JWTAuthVerifier(public_key_retriever)
verified_claims = await verifier.verify_jwt(a_jwt, 'audience')

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for asecurityteam from gravatar.com asecurityteam Avatar for dblack from gravatar.com dblack Avatar for mbertrand80 from gravatar.com mbertrand80

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Author: Atlassian
Classifiers

Release history Release notifications | RSS feed

This version

22.0.0

21.0.1.dev3 pre-release yanked

Reason this release was yanked:

not needed

21.0.0

20.0.0

19.1.0

19.0.0

18.0.1

18.0.0

17.0.1

17.0.0

16.0.0

15.0.1

15.0.0

14.0.1

14.0.0

13.0.0

12.0.1

11.0.1

11.0.0

10.1.0

10.0.0

9.0.0

8.0.2

8.0.1

8.0.0

7.1.0

7.0.0

6.0.0

5.0.3

5.0.2

5.0.1

5.0.0

4.1.2

4.1.1

4.1.0

4.0.2

4.0.1

4.0.0

4.0.0.dev3 pre-release

3.6.0

3.5.0

3.4.0

3.3.1

3.3.0

3.2.2

3.2.2.dev1 pre-release

3.2.1

3.1.0

3.0.1

3.0.0

2.11.2

2.11.1

2.11.0

2.10.2

2.10.1

2.10.0

2.9.0

2.8.1

2.8.0

2.7.0

2.6.0

2.5.2

2.5.1

2.5.0

2.4.0

2.3.0

2.2.0

2.1.2.dev4 pre-release

2.1.1

2.1.1.dev5 pre-release

2.1.0

2.0.1.dev4 pre-release

2.0.1.dev3 pre-release

2.0.0

2.0.0.dev18 pre-release

2.0.0.dev17 pre-release

2.0.0.dev11 pre-release

1.0.9

1.0.9.dev4 pre-release

1.0.9.dev3 pre-release

1.0.9.dev2 pre-release

1.0.9.dev1 pre-release

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

atlassian_jwt_auth-22.0.0.tar.gz (45.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

atlassian_jwt_auth-22.0.0-py2.py3-none-any.whl (53.8 kB view details)

Uploaded Python 2Python 3

File details

Details for the file atlassian_jwt_auth-22.0.0.tar.gz.

File metadata

  • Download URL: atlassian_jwt_auth-22.0.0.tar.gz
  • Upload date:
  • Size: 45.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.14.3

File hashes

Hashes for atlassian_jwt_auth-22.0.0.tar.gz
Algorithm Hash digest
SHA256 f248ac9640b20999d59ae7ea4fcfd5bae013fe8e96355b84e170b3596f6ff8f7
MD5 728440ab16188fec897cc7ba1772055c
BLAKE2b-256 557ae1df09a09b5c0e8f25e173bcd17f436018f95cd71af9e38a642cca25e3a6

See more details on using hashes here.

File details

Details for the file atlassian_jwt_auth-22.0.0-py2.py3-none-any.whl.

File metadata

File hashes

Hashes for atlassian_jwt_auth-22.0.0-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 29a2aa842b7cd030983463946e7f460fd26c929d90f1189efdaae444549282a6
MD5 d265dd7cef4c2c4c713ba172c8dc3057
BLAKE2b-256 fa26a3c7cea14b8f8466c6b22287493cd01b34997e5faa495dc87283a8336cab

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page