diff options
| author | CoprDistGit <infra@openeuler.org> | 2023-05-17 03:31:23 +0000 |
|---|---|---|
| committer | CoprDistGit <infra@openeuler.org> | 2023-05-17 03:31:23 +0000 |
| commit | f32164a66bf82343ded2168e23c4db9f591ff34e (patch) | |
| tree | 14b3866fabfd1929ae853848b1c05ffef53e2701 | |
| parent | d2e359cf617750192c7dfbca1d436984a04fa09a (diff) | |
automatic import of python-aad-token-verify
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | python-aad-token-verify.spec | 334 | ||||
| -rw-r--r-- | sources | 1 |
3 files changed, 336 insertions, 0 deletions
@@ -0,0 +1 @@ +/aad-token-verify-0.1.4.tar.gz diff --git a/python-aad-token-verify.spec b/python-aad-token-verify.spec new file mode 100644 index 0000000..cfbcdd9 --- /dev/null +++ b/python-aad-token-verify.spec @@ -0,0 +1,334 @@ +%global _empty_manifest_terminate_build 0 +Name: python-aad-token-verify +Version: 0.1.4 +Release: 1 +Summary: A python utility library to verify an Azure Active Directory OAuth token +License: MIT +URL: https://github.com/GeneralMills/azure-ad-token-verify +Source0: https://mirrors.nju.edu.cn/pypi/web/packages/c5/66/0e9689e40a901a4f97bf7f80a17a2002b9c5f0a8c8f391587a9cf6de2df9/aad-token-verify-0.1.4.tar.gz +BuildArch: noarch + +Requires: python3-requests +Requires: python3-PyJWT +Requires: python3-cryptography +Requires: python3-cachetools + +%description +[](https://github.com/GeneralMills/azure-ad-token-verify/actions) +[](https://pypi.python.org/pypi/aad-token-verify) +# aad-token-verify +A python utility library to verify an Azure Active Directory OAuth token. Meant for resource servers serving secured API endpoints (eg FastAPI) + +## Install + +```bash +python3 -m pip install aad-token-verify +``` + +## Usage + +To use stand alone, simply import the verify payload function and call. + +```python +from aad_token_verify import get_verified_payload + +token_verifier = get_verified_payload(token, tenant_id="YOUR_TENANT_ID", audience_uris=["AUDIENCE_URI"]) +``` + +To use with FastAPI, there's some setup to get the Swagger docs to work + +```python +from fastapi import Depends, FastAPI +from fastapi.openapi.models import OAuthFlowImplicit, OAuthFlows +from fastapi.middleware.cors import CORSMiddleware +from fastapi.security import OAuth2 + +from aad_token_verify import get_verified_payload + +# TODO Update these with your Tenant ID, Audience URI, and Client ID +_TENANT_ID = "ISSUER_TENANT_ID" +_AUDIENCE_URI = "https://YOUR_AUDIENCE_URI" +_AAD_CLIENT_ID = "CLIENT_ID" + +oauth2_scheme = OAuth2( + flows=OAuthFlows( + implicit=OAuthFlowImplicit( + authorizationUrl=f"https://login.microsoftonline.com/{_TENANT_ID}/oauth2/v2.0/authorize", + scopes={ + f"{_AUDIENCE_URI}/.default": "Custom Audience URI scope", + "openid": "OpenID scope", + "profile": "Profile scope", + "email": "email scope", + }, + ) + ) +) + +async def get_current_user( + auth_header: str = Depends(oauth2_scheme), # noqa: B008 +): + scheme, _, token = auth_header.partition(" ") + return get_verified_payload( + token, + tenantId=_TENANT_ID, + audience_uris=[_AUDIENCE_URI], + ) + +app = FastAPI() + +app.add_middleware( + CORSMiddleware, + allow_origins=["*"], + allow_credentials=True, + allow_methods=["*"], + allow_headers=["*"], +) + +app.swagger_ui_init_oauth = { + "usePkceWithAuthorizationCodeGrant": True, + "clientId": _AAD_CLIENT_ID, + "scopes": [f"{_AUDIENCE_URI}.default"], +} + +@app.get("/") +async def secured_endpoint(user=Depends(get_current_user)): + return user +``` + +## Contributing + +Feel free to submit issues and pull requests! + + + + +%package -n python3-aad-token-verify +Summary: A python utility library to verify an Azure Active Directory OAuth token +Provides: python-aad-token-verify +BuildRequires: python3-devel +BuildRequires: python3-setuptools +BuildRequires: python3-pip +%description -n python3-aad-token-verify +[](https://github.com/GeneralMills/azure-ad-token-verify/actions) +[](https://pypi.python.org/pypi/aad-token-verify) +# aad-token-verify +A python utility library to verify an Azure Active Directory OAuth token. Meant for resource servers serving secured API endpoints (eg FastAPI) + +## Install + +```bash +python3 -m pip install aad-token-verify +``` + +## Usage + +To use stand alone, simply import the verify payload function and call. + +```python +from aad_token_verify import get_verified_payload + +token_verifier = get_verified_payload(token, tenant_id="YOUR_TENANT_ID", audience_uris=["AUDIENCE_URI"]) +``` + +To use with FastAPI, there's some setup to get the Swagger docs to work + +```python +from fastapi import Depends, FastAPI +from fastapi.openapi.models import OAuthFlowImplicit, OAuthFlows +from fastapi.middleware.cors import CORSMiddleware +from fastapi.security import OAuth2 + +from aad_token_verify import get_verified_payload + +# TODO Update these with your Tenant ID, Audience URI, and Client ID +_TENANT_ID = "ISSUER_TENANT_ID" +_AUDIENCE_URI = "https://YOUR_AUDIENCE_URI" +_AAD_CLIENT_ID = "CLIENT_ID" + +oauth2_scheme = OAuth2( + flows=OAuthFlows( + implicit=OAuthFlowImplicit( + authorizationUrl=f"https://login.microsoftonline.com/{_TENANT_ID}/oauth2/v2.0/authorize", + scopes={ + f"{_AUDIENCE_URI}/.default": "Custom Audience URI scope", + "openid": "OpenID scope", + "profile": "Profile scope", + "email": "email scope", + }, + ) + ) +) + +async def get_current_user( + auth_header: str = Depends(oauth2_scheme), # noqa: B008 +): + scheme, _, token = auth_header.partition(" ") + return get_verified_payload( + token, + tenantId=_TENANT_ID, + audience_uris=[_AUDIENCE_URI], + ) + +app = FastAPI() + +app.add_middleware( + CORSMiddleware, + allow_origins=["*"], + allow_credentials=True, + allow_methods=["*"], + allow_headers=["*"], +) + +app.swagger_ui_init_oauth = { + "usePkceWithAuthorizationCodeGrant": True, + "clientId": _AAD_CLIENT_ID, + "scopes": [f"{_AUDIENCE_URI}.default"], +} + +@app.get("/") +async def secured_endpoint(user=Depends(get_current_user)): + return user +``` + +## Contributing + +Feel free to submit issues and pull requests! + + + + +%package help +Summary: Development documents and examples for aad-token-verify +Provides: python3-aad-token-verify-doc +%description help +[](https://github.com/GeneralMills/azure-ad-token-verify/actions) +[](https://pypi.python.org/pypi/aad-token-verify) +# aad-token-verify +A python utility library to verify an Azure Active Directory OAuth token. Meant for resource servers serving secured API endpoints (eg FastAPI) + +## Install + +```bash +python3 -m pip install aad-token-verify +``` + +## Usage + +To use stand alone, simply import the verify payload function and call. + +```python +from aad_token_verify import get_verified_payload + +token_verifier = get_verified_payload(token, tenant_id="YOUR_TENANT_ID", audience_uris=["AUDIENCE_URI"]) +``` + +To use with FastAPI, there's some setup to get the Swagger docs to work + +```python +from fastapi import Depends, FastAPI +from fastapi.openapi.models import OAuthFlowImplicit, OAuthFlows +from fastapi.middleware.cors import CORSMiddleware +from fastapi.security import OAuth2 + +from aad_token_verify import get_verified_payload + +# TODO Update these with your Tenant ID, Audience URI, and Client ID +_TENANT_ID = "ISSUER_TENANT_ID" +_AUDIENCE_URI = "https://YOUR_AUDIENCE_URI" +_AAD_CLIENT_ID = "CLIENT_ID" + +oauth2_scheme = OAuth2( + flows=OAuthFlows( + implicit=OAuthFlowImplicit( + authorizationUrl=f"https://login.microsoftonline.com/{_TENANT_ID}/oauth2/v2.0/authorize", + scopes={ + f"{_AUDIENCE_URI}/.default": "Custom Audience URI scope", + "openid": "OpenID scope", + "profile": "Profile scope", + "email": "email scope", + }, + ) + ) +) + +async def get_current_user( + auth_header: str = Depends(oauth2_scheme), # noqa: B008 +): + scheme, _, token = auth_header.partition(" ") + return get_verified_payload( + token, + tenantId=_TENANT_ID, + audience_uris=[_AUDIENCE_URI], + ) + +app = FastAPI() + +app.add_middleware( + CORSMiddleware, + allow_origins=["*"], + allow_credentials=True, + allow_methods=["*"], + allow_headers=["*"], +) + +app.swagger_ui_init_oauth = { + "usePkceWithAuthorizationCodeGrant": True, + "clientId": _AAD_CLIENT_ID, + "scopes": [f"{_AUDIENCE_URI}.default"], +} + +@app.get("/") +async def secured_endpoint(user=Depends(get_current_user)): + return user +``` + +## Contributing + +Feel free to submit issues and pull requests! + + + + +%prep +%autosetup -n aad-token-verify-0.1.4 + +%build +%py3_build + +%install +%py3_install +install -d -m755 %{buildroot}/%{_pkgdocdir} +if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi +if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi +if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi +if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi +pushd %{buildroot} +if [ -d usr/lib ]; then + find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/lib64 ]; then + find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/bin ]; then + find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/sbin ]; then + find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst +fi +touch doclist.lst +if [ -d usr/share/man ]; then + find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst +fi +popd +mv %{buildroot}/filelist.lst . +mv %{buildroot}/doclist.lst . + +%files -n python3-aad-token-verify -f filelist.lst +%dir %{python3_sitelib}/* + +%files help -f doclist.lst +%{_docdir}/* + +%changelog +* Wed May 17 2023 Python_Bot <Python_Bot@openeuler.org> - 0.1.4-1 +- Package Spec generated @@ -0,0 +1 @@ +40df38e8680b5255671386128d43dbd3 aad-token-verify-0.1.4.tar.gz |