diff options
Diffstat (limited to 'python-flask-cognito.spec')
| -rw-r--r-- | python-flask-cognito.spec | 216 |
1 files changed, 216 insertions, 0 deletions
diff --git a/python-flask-cognito.spec b/python-flask-cognito.spec new file mode 100644 index 0000000..c973374 --- /dev/null +++ b/python-flask-cognito.spec @@ -0,0 +1,216 @@ +%global _empty_manifest_terminate_build 0 +Name: python-Flask-Cognito +Version: 1.18 +Release: 1 +Summary: Authenticate users to Cognito user pool via JWT. +License: MIT +URL: https://github.com/jetbridge/flask_cognito +Source0: https://mirrors.nju.edu.cn/pypi/web/packages/4f/99/f15c214389e0354b0b0712f11ad5379d9844b9749bca9928a438bbd8e526/Flask-Cognito-1.18.tar.gz +BuildArch: noarch + + +%description +Authenticate users based on AWS Cognito JWT. +# Initialization +```python3 +# configuration +app.config.extend({ + 'COGNITO_REGION': 'eu-central-1', + 'COGNITO_USERPOOL_ID': 'eu-central-1c3fea2', + # optional + 'COGNITO_APP_CLIENT_ID': 'abcdef123456', # client ID you wish to verify user is authenticated against + 'COGNITO_CHECK_TOKEN_EXPIRATION': False, # disable token expiration checking for testing purposes + 'COGNITO_JWT_HEADER_NAME': 'X-MyApp-Authorization', + 'COGNITO_JWT_HEADER_PREFIX': 'Bearer', +}) +# initialize extension +from flask_cognito import CognitoAuth +cogauth = CognitoAuth(app) +@cogauth.identity_handler +def lookup_cognito_user(payload): + """Look up user in our database from Cognito JWT payload.""" + return User.query.filter(User.cognito_username == payload['username']).one_or_none() +``` +# Check Authentication +```python3 +from flask_cognito import cognito_auth_required, current_user, current_cognito_jwt +@route('/api/private') +@cognito_auth_required +def api_private(): + # user must have valid cognito access or ID token in header + # (accessToken is recommended - not as much personal information contained inside as with idToken) + return jsonify({ + 'cognito_username': current_cognito_jwt['username'], # from cognito pool + 'user_id': current_user.id, # from your database + }) +``` +# Restrict access by Cognito Group +```python3 +from flask_cognito import cognito_auth_required, current_user, current_cognito_jwt +@route('/api/foo') +@cognito_auth_required +@cognito_group_permissions(['admin','developer']) +def api_private(): + # user must belongs to "admin" or "developer" groups + return jsonify({ + 'foo': "bar" + }) +``` +### Acknowledgements +* Uses [cognitojwt](https://github.com/borisrozumnuk/cognitojwt) at its core. +* Based on [flask-jwt](https://github.com/mattupstate/flask-jwt/). + +%package -n python3-Flask-Cognito +Summary: Authenticate users to Cognito user pool via JWT. +Provides: python-Flask-Cognito +BuildRequires: python3-devel +BuildRequires: python3-setuptools +BuildRequires: python3-pip +%description -n python3-Flask-Cognito +Authenticate users based on AWS Cognito JWT. +# Initialization +```python3 +# configuration +app.config.extend({ + 'COGNITO_REGION': 'eu-central-1', + 'COGNITO_USERPOOL_ID': 'eu-central-1c3fea2', + # optional + 'COGNITO_APP_CLIENT_ID': 'abcdef123456', # client ID you wish to verify user is authenticated against + 'COGNITO_CHECK_TOKEN_EXPIRATION': False, # disable token expiration checking for testing purposes + 'COGNITO_JWT_HEADER_NAME': 'X-MyApp-Authorization', + 'COGNITO_JWT_HEADER_PREFIX': 'Bearer', +}) +# initialize extension +from flask_cognito import CognitoAuth +cogauth = CognitoAuth(app) +@cogauth.identity_handler +def lookup_cognito_user(payload): + """Look up user in our database from Cognito JWT payload.""" + return User.query.filter(User.cognito_username == payload['username']).one_or_none() +``` +# Check Authentication +```python3 +from flask_cognito import cognito_auth_required, current_user, current_cognito_jwt +@route('/api/private') +@cognito_auth_required +def api_private(): + # user must have valid cognito access or ID token in header + # (accessToken is recommended - not as much personal information contained inside as with idToken) + return jsonify({ + 'cognito_username': current_cognito_jwt['username'], # from cognito pool + 'user_id': current_user.id, # from your database + }) +``` +# Restrict access by Cognito Group +```python3 +from flask_cognito import cognito_auth_required, current_user, current_cognito_jwt +@route('/api/foo') +@cognito_auth_required +@cognito_group_permissions(['admin','developer']) +def api_private(): + # user must belongs to "admin" or "developer" groups + return jsonify({ + 'foo': "bar" + }) +``` +### Acknowledgements +* Uses [cognitojwt](https://github.com/borisrozumnuk/cognitojwt) at its core. +* Based on [flask-jwt](https://github.com/mattupstate/flask-jwt/). + +%package help +Summary: Development documents and examples for Flask-Cognito +Provides: python3-Flask-Cognito-doc +%description help +Authenticate users based on AWS Cognito JWT. +# Initialization +```python3 +# configuration +app.config.extend({ + 'COGNITO_REGION': 'eu-central-1', + 'COGNITO_USERPOOL_ID': 'eu-central-1c3fea2', + # optional + 'COGNITO_APP_CLIENT_ID': 'abcdef123456', # client ID you wish to verify user is authenticated against + 'COGNITO_CHECK_TOKEN_EXPIRATION': False, # disable token expiration checking for testing purposes + 'COGNITO_JWT_HEADER_NAME': 'X-MyApp-Authorization', + 'COGNITO_JWT_HEADER_PREFIX': 'Bearer', +}) +# initialize extension +from flask_cognito import CognitoAuth +cogauth = CognitoAuth(app) +@cogauth.identity_handler +def lookup_cognito_user(payload): + """Look up user in our database from Cognito JWT payload.""" + return User.query.filter(User.cognito_username == payload['username']).one_or_none() +``` +# Check Authentication +```python3 +from flask_cognito import cognito_auth_required, current_user, current_cognito_jwt +@route('/api/private') +@cognito_auth_required +def api_private(): + # user must have valid cognito access or ID token in header + # (accessToken is recommended - not as much personal information contained inside as with idToken) + return jsonify({ + 'cognito_username': current_cognito_jwt['username'], # from cognito pool + 'user_id': current_user.id, # from your database + }) +``` +# Restrict access by Cognito Group +```python3 +from flask_cognito import cognito_auth_required, current_user, current_cognito_jwt +@route('/api/foo') +@cognito_auth_required +@cognito_group_permissions(['admin','developer']) +def api_private(): + # user must belongs to "admin" or "developer" groups + return jsonify({ + 'foo': "bar" + }) +``` +### Acknowledgements +* Uses [cognitojwt](https://github.com/borisrozumnuk/cognitojwt) at its core. +* Based on [flask-jwt](https://github.com/mattupstate/flask-jwt/). + +%prep +%autosetup -n Flask-Cognito-1.18 + +%build +%py3_build + +%install +%py3_install +install -d -m755 %{buildroot}/%{_pkgdocdir} +if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi +if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi +if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi +if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi +pushd %{buildroot} +if [ -d usr/lib ]; then + find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/lib64 ]; then + find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/bin ]; then + find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/sbin ]; then + find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst +fi +touch doclist.lst +if [ -d usr/share/man ]; then + find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst +fi +popd +mv %{buildroot}/filelist.lst . +mv %{buildroot}/doclist.lst . + +%files -n python3-Flask-Cognito -f filelist.lst +%dir %{python3_sitelib}/* + +%files help -f doclist.lst +%{_docdir}/* + +%changelog +* Mon Apr 10 2023 Python_Bot <Python_Bot@openeuler.org> - 1.18-1 +- Package Spec generated |