Metadata-Version: 2.4
Name: jwt-authenticator
Version: 1.11.3
Summary: Simple JWT token flask service security library.
Project-URL: Source, https://github.com/TeleTrackingTechnologies/jwt_authenticator
Author-email: Mike Nacey <nobody@teletracking.com>
License: The MIT License (MIT)
        
        Copyright (c) 2019 Tele-Tracking Technologies, Inc.
        
        Permission is hereby granted, free of charge, to any person obtaining a copy
        of this software and associated documentation files (the "Software"), to deal
        in the Software without restriction, including without limitation the rights
        to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
        copies of the Software, and to permit persons to whom the Software is
        furnished to do so, subject to the following conditions:
        
        The above copyright notice and this permission notice shall be included in all
        copies or substantial portions of the Software.
        
        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
        SOFTWARE.
License-File: LICENSE
Keywords: authentication,flask,jwt
Classifier: Development Status :: 3 - Alpha
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Requires-Python: >=3.9
Requires-Dist: cryptography>=43.0.3
Requires-Dist: flask>=3.0.3
Requires-Dist: pyjwt>=2.9.0
Description-Content-Type: text/markdown

[![Build Status](https://github.com/TeleTrackingTechnologies/jwt_authenticator/actions/workflows/workflow.yml/badge.svg)
[![PyPI version](https://badge.fury.io/py/jwt-authenticator.svg)](https://badge.fury.io/py/jwt-authenticator)
# jwt_authenticator

jwt_authenticator is a simply python library for adding JWT token authentication/authorization in flask web sites/services. It controls access either by checking for just a validated token, or optionally, a single role claim from the token. Access is controlled by decorating the endpoint functions with an attribute.

## Installation

Use the package manager [pip](https://pip.pypa.io/en/stable/) to install jwt_authenticator.

```bash
pip install jwt-authenticator
```

If using RS256, you must also:
```bash
pip install cryptography
```

## Usage
In the main application initialization area

```python
from flask import Flask
from jwt_authenticator import AuthenticationHandler

APP = Flask(__name__)
AuthenticationHandler.load_configuration(APP)
```
In the endpoints

```python
from jwt_authenticator import AuthenticationHandler, AuthError

@api.route('/<name>', methods=['GET'])
@AuthenticationHandler.requires_auth("admin")
def get_one(name):
    return f"Hello {name}"

@api.route('/<name>', methods=['GET'])
@AuthenticationHandler.requires_auth()
def get_one(name):
    return f"Hello {name}"
```

## Configuration
jwt_authenticator requires two configuration values to work. These can be specified either in the normal Flask application configuration or as environment variables. Environment variable values will override application configuration values, when

```python
AuthenticationHanlder.load_configuration(app)
```
is called.

### APP.config (i.e. flask application configuration)

* SECRET - the key used to sign the JWT token. Option if JWKS_URL specified.
* AUDIENCE - the audience claim used in the JWT token
* JKWS_URL - [OPTIONAL] OIDC key discovery URL
* GROUPS_CLAIM - [OPTIONAL] which claim has the list of groups. Defaults to "groups"

### Environment Variables

* JWT_SECRET - will override SECRET
* JWT_AUDIENCE - will override AUDIENCE
* JWKS_URL - will override JWKS_URL
* GROUPS_CLAIM - will override GROUPS_CLAIM

## Contributing
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.

Please make sure to update tests as appropriate.

## Building
* Requires 'make'

```bash
make init
make test
make package
```

## License
[MIT](https://choosealicense.com/licenses/mit/)

