Metadata-Version: 2.4
Name: indus-cloudauth
Version: 0.1.0
Summary: indus-cloudauth is a secure, unified solution for generating and validating authentication tokens across multiple cloud platforms.
Author: abhinavkaurav, cloudinduscom
License: MIT
Project-URL: homepage, https://github.com/cloudinduscom/indus-cloudauth
Project-URL: source, https://github.com/cloudinduscom/indus-cloudauth
Project-URL: issues, https://github.com/cloudinduscom/indus-cloudauth/issues
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Education
Classifier: License :: OSI Approved :: MIT License
Classifier: Natural Language :: English
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Programming Language :: Python :: Implementation :: CPython
Classifier: Programming Language :: Python :: Implementation :: PyPy
Classifier: Topic :: Software Development :: Libraries
Classifier: Topic :: Security :: Cryptography
Requires-Python: >=3.9
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: boto3==1.37.24
Provides-Extra: test
Requires-Dist: pytest>=7.4.0; extra == "test"
Requires-Dist: pytest-cov>=3.0.0; extra == "test"
Requires-Dist: pytest-mock>=3.9.0; extra == "test"
Dynamic: license-file

# indus-cloudauth
``indus-cloudauth`` is a secure, unified solution for generating and validating authentication tokens across multiple cloud platforms.

## Features

* Standardizes authentication with a consistent interface for token management and authentication.
* Simplifies secret key retrieval from AWS Secrets Manager. Azure Key Vault, GCP Secret Manager and more coming soon.
* Enhances security by eliminating manual credential handling.
* Provided option to encrypt more information using `auth_id` and set token expiry using `expiry_seconds`.
* Reduces boilerplate code with easy-to-use methods for token generation and validation.

## Requirements

Python 3.9+

## Usage

You can use the `indus-cloudauth` package in your Python code to generate authentication token using cloud provider of your choice for accessing the secret.

### Example 1 - using secret key stored in aws secret manager

It uses your local aws credentials and configs from `~/.aws` see [Using Boto3](https://github.com/boto/boto3). Only key stored as plaintext will work.

```python
from indus_cloudauth import cloud_provider, auth

keyname = "keyname_in_your_aws_secret_manager"
_auth = auth.use_hmac256_token(keyname=keyname, cloud=cloud_provider.AWS) # initializes the auth module
token = _auth.generate_token() # generates your token
valid, auth_id, message = _auth.validate_token(token) # validates your token

```

### Example 2 - using secret key stored in environment variable

```python
from indus_cloudauth import cloud_provider, auth

keyname = "keyname_in_your_enviroment"
_auth = auth.use_hmac256_token(keyname=keyname, cloud=cloud_provider.LOCAL) # initializes the auth module
token = _auth.generate_token() # generates your token
valid, auth_id, message = _auth.validate_token(token) # validates your token

```

### Example 3 - using secret key directly

```python
from indus_cloudauth import cloud_provider, auth

secret_key = "anysecretkeyyoucanpass"
_auth = auth.use_hmac256_token(secretkey=secretkey) # initializes the auth module
token = _auth.generate_token() # generates your token
valid, auth_id, message = _auth.validate_token(token) # validates your token

```


### Example 4 - using token expiry_time and auth_id

By default the token expiry time set to 1 hour. You can encrypt any useful information using auth_id.

```python
from indus_cloudauth import cloud_provider, auth

keyname = "keyname_in_your_enviroment"
auth_id = "userid_etc"
expiry = 60 # 1 minute
_auth = auth.use_hmac256_token(keyname=keyname, cloud=cloud_provider.LOCAL) # initializes the auth module
token = _auth.generate_token(auth_id=authid, expiry_seconds=expiry) # generates your token
valid, auth_id, message = _auth.validate_token(token) # validates your token

```





