Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

atlassian-jwt-auth

Package Overview
Dependencies
Maintainers
3
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

atlassian-jwt-auth

Python implementation of the Atlassian Service to Service Authentication specification.

  • 20.0.0
  • PyPI
  • Socket score

Maintainers
3

============================ Atlassian JWT authentication

.. image:: https://github.com/atlassian/asap-authentication-python/workflows/Tests/badge.svg .. image:: https://img.shields.io/pypi/v/atlassian-jwt-auth.svg :target: https://pypi.org/project/atlassian-jwt-auth

This package provides an implementation of the Service to Service Authentication <https://s2sauth.bitbucket.io/spec/>_ specification.


Installation

To install simply run

.. code:: sh

$ pip install atlassian-jwt-auth

Using this library

To create a JWT for authentication


.. code:: python

    import atlassian_jwt_auth


    signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
    a_jwt = signer.generate_jwt('audience')


To create a JWT using a file on disk in the conventional location

Each time you call generate_jwt this will find the latest active key file (ends with .pem) and use it to generate your JWT.

.. code:: python

import atlassian_jwt_auth


signer = atlassian_jwt_auth.create_signer_from_file_private_key_repository('issuer', '/opt/jwtprivatekeys')
a_jwt = signer.generate_jwt('audience')

To create a JWT using a data uri


.. code:: python

    import atlassian_jwt_auth
    from atlassian_jwt_auth.key import DataUriPrivateKeyRetriever

    key_id, private_key_pem = DataUriPrivateKeyRetriever('Your base64 encoded data uri').load('issuer')
    signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
    a_jwt = signer.generate_jwt('audience')



To make an authenticated HTTP request
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If you use the ``atlassian_jwt_auth.contrib.requests.JWTAuth`` provider, you
can automatically generate JWT tokens when using the ``requests`` library to
perform authenticated HTTP requests.

.. code:: python

    import atlassian_jwt_auth
    from atlassian_jwt_auth.contrib.requests import JWTAuth

    signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)
    response = requests.get(
        'https://your-url',
        auth=JWTAuth(signer, 'audience')
    )

One can also use ``atlassian_jwt_auth.contrib.aiohttp.JWTAuth``
to authenticate ``aiohttp`` requests:

.. code:: python

    import aiohttp

    import atlassian_jwt_auth
    from atlassian_jwt_auth.contrib.aiohttp import JWTAuth

    signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem)

    async with aiohttp.ClientSession() as session:
        async with session.get('https://your-url',
                               auth=JWTAuth(signer, 'audience')) as resp:
            ...


If you want to reuse tokens that have the same claim within their period of validity
then pass through `reuse_jwts=True` when calling  `create_signer`.
For example:


.. code:: python

    import atlassian_jwt_auth
    import requests
    from atlassian_jwt_auth.contrib.requests import JWTAuth

    signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem, reuse_jwts=True)
    response = requests.get(
        'https://your-url',
        auth=JWTAuth(signer, 'audience')
    )

If you want to generate tokens with a longer lifetime than the default 1 minute period,
you can do so via specifying a `lifetime` value to `create_signer`.
For example:


.. code:: python

    import datetime

    import atlassian_jwt_auth
    import requests
    from atlassian_jwt_auth.contrib.requests import JWTAuth

    signer = atlassian_jwt_auth.create_signer(
        'issuer', 'issuer/key', private_key_pem,
        reuse_jwts=True, lifetime=datetime.timedelta(minutes=2))
    response = requests.get(
        'https://your-url',
        auth=JWTAuth(signer, 'audience')
    )


To verify a JWT
~~~~~~~~~~~~~~~

.. code:: python

    import atlassian_jwt_auth

    public_key_retriever = atlassian_jwt_auth.HTTPSPublicKeyRetriever('https://example.com')
    verifier = atlassian_jwt_auth.JWTAuthVerifier(public_key_retriever)
    verified_claims = verifier.verify_jwt(a_jwt, 'audience')

For Python versions starting from ``Python 3.5``, note this library no longer supports python 3.5, ``atlassian_jwt_auth.contrib.aiohttp``
provides drop-in replacements for the components that
perform HTTP requests, so that they use ``aiohttp`` instead of ``requests``:

.. code:: python

    import atlassian_jwt_auth.contrib.aiohttp

    public_key_retriever = atlassian_jwt_auth.contrib.aiohttp.HTTPSPublicKeyRetriever('https://example.com')
    verifier = atlassian_jwt_auth.contrib.aiohttp.JWTAuthVerifier(public_key_retriever)
    verified_claims = await verifier.verify_jwt(a_jwt, 'audience')

FAQs


Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc