Metadata-Version: 2.4
Name: blade-auth-client
Version: 0.3.0
Summary: Shared Casdoor authentication client for Blade ecosystem services.
Project-URL: Homepage, https://pypi.org/project/blade-auth-client/
Author-email: yangliu35 <so.2liu@gmail.com>
License-Expression: MIT
Requires-Python: >=3.12
Requires-Dist: httpx
Requires-Dist: pydantic-settings
Requires-Dist: pydantic>=2
Requires-Dist: pyjwt[crypto]
Requires-Dist: pyyaml
Requires-Dist: sqlalchemy
Provides-Extra: dev
Requires-Dist: pytest; extra == 'dev'
Requires-Dist: pytest-asyncio; extra == 'dev'
Requires-Dist: respx; extra == 'dev'
Requires-Dist: ruff; extra == 'dev'
Provides-Extra: fastapi
Requires-Dist: fastapi; extra == 'fastapi'
Requires-Dist: starlette; extra == 'fastapi'
Provides-Extra: socketio
Requires-Dist: python-socketio; extra == 'socketio'
Description-Content-Type: text/markdown

# blade-auth-client

`blade-auth-client` 是 Blade 生态的共享 Casdoor 认证客户端包。它抽离了统一的 token 校验、FastAPI 装配和 Socket.IO 握手接口，供各个服务复用。

## 安装

```bash
pip install blade-auth-client[fastapi,socketio]
```

## Casdoor 配置要求

Casdoor 的 application、scope 和 redirect URI 约束见 [docs/casdoor-setup.md](docs/casdoor-setup.md)。

## 快速上手

```python
from fastapi import FastAPI

from blade_auth_client import (
    AuthConfig,
    OidcClient,
    TokenVerifier,
    create_auth_router,
    make_current_user_dep,
)

app = FastAPI()
config = AuthConfig()
oidc_client = OidcClient(config)
verifier = TokenVerifier(config)
current_user = make_current_user_dep(config, verifier=verifier, provisioner=...)

app.include_router(
    create_auth_router(config, verifier=verifier, provisioner=..., oidc_client=oidc_client)
)
```

## 版本策略

`0.0.x` 版本仅用于占位发布和联调验证，不承诺可用性。`0.2.0` 起采用仅校验 `iss` + 签名 + `exp` 的简化策略。

## 发布

仓库已经预留了 GitHub Actions 发布流水线：

- PR 校验：`.github/workflows/python-sdk-ci.yml`
- PyPI 发布：`.github/workflows/python-sdk-publish.yml`

首次配置 Trusted Publishing 时，在 PyPI 项目的 Publishing 页面添加 GitHub publisher，填写：

- Owner: `blade-hq`
- Repository name: `blade-oauth`
- Workflow name: `python-sdk-publish.yml`

日常发版流程：

```bash
# 1. 修改 sdk/python/pyproject.toml 里的 version

# 2. 推送代码到默认分支后，创建并推送同版本 tag
git tag blade-auth-client-vX.Y.Z
git push origin blade-auth-client-vX.Y.Z
```

发布 workflow 会校验 tag 版本与 `pyproject.toml` 一致，然后自动构建并发布到 PyPI。
