Skip to content
This repository was archived by the owner on Apr 17, 2025. It is now read-only.

Add create jwt function #62

Merged
whu-lyft merged 5 commits into from
Mar 17, 2025
Merged

Add create jwt function #62

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
7275ba3
Add create jwt function to get_jwt
whu-lyft Mar 17, 2025
0f5e578
Update README.md
whu-lyft Mar 17, 2025
771a8f6
Update release version
whu-lyft Mar 17, 2025
e9ae70d
Fix test and lint
whu-lyft Mar 17, 2025
546c4a1
Add a help to get_jwt expiry argument
whu-lyft Mar 17, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,7 @@
## 2.6.4

* add create jwt function to get_jwt

## 2.5.4

* add 403 as a valid response code for get_service call
Expand Down
25 changes: 0 additions & 25 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,28 +10,3 @@ Docs
* [Configuration](https://lyft.github.io/confidant/configuration)
* [Usage](https://lyft.github.io/confidant/using_confidant)
* [Contribution](https://lyft.github.io/confidant/contributing)

Reporting security vulnerabilities
----------------------------------

If you've found a vulnerability or a potential vulnerability in Confidant
please let us know at security@lyft.com. We'll send a confirmation email to
acknowledge your report, and we'll send an additional email when we've
identified the issue positively or negatively.

Getting support or asking questions
-----------------------------------

We have a mailing list for discussion, and a low volume list for announcements:

* https://groups.google.com/forum/#!forum/confidant-users
* https://groups.google.com/forum/#!forum/confidant-announce

We also have an IRC channel on freenode and a Gitter channel:

* [#confidant](http://webchat.freenode.net/?channels=confidant)
* [lyft/confidant on Gitter](https://gitter.im/lyft/confidant)

Feel free to drop into either Gitter or the IRC channel for any reason, even
if just to chat. It doesn't matter which one you join, the messages are sync'd
between the two.
5 changes: 4 additions & 1 deletion confidant_client/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -504,12 +504,15 @@ def update_credential(
ret['result'] = True
return ret

def get_jwt(self, environment, resource_id):
def get_jwt(self, environment, resource_id, expiry):
ret = {'result': False}
url = '{0}/v1/jwks/token'.format(self.config['url'])
if resource_id:
url += '/{0}'.format(resource_id)

if expiry:
url += '/{0}'.format(expiry)

try:
response = self._execute_request(
'get',
Expand Down
11 changes: 10 additions & 1 deletion confidant_client/cli.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -597,6 +597,14 @@ def _parse_args():
type=str,
dest='resource_id',
default=None,
help='The actual name of the resource to generate a JWT for',
)
get_jwt.add_argument(
'--expiry',
type=int,
dest='expiry',
default=None,
help='The expiry of the JWT in seconds',
)
return parser.parse_args()

Expand Down Expand Up @@ -795,7 +803,8 @@ def main():
logging.exception('An unexpected general error occurred.')
elif args.subcommand == 'get_jwt':
try:
ret = client.get_jwt(args.environment, args.resource_id)
ret = client.get_jwt(args.environment, args.resource_id,
args.expiry)
except Exception:
logging.exception('An unexpected general error occurred.')

Expand Down
2 changes: 1 addition & 1 deletion setup.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@

setup(
name="confidant-client",
version="2.5.4",
version="2.6.4",
packages=find_packages(exclude=["test*"]),
install_requires=[
# Boto3 is the Amazon Web Services (AWS) Software Development Kit (SDK)
Expand Down
29 changes: 27 additions & 2 deletions tests/unit/confidant_client/client_test.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -876,7 +876,7 @@ def test_get_jwt_no_resource(self):
client.request_session.request = mock_200

self.assertEqual(
client.get_jwt('development', None),
client.get_jwt('development', None, None),
{'result': True}
)
client.request_session.request.assert_called_with(
Expand All @@ -901,7 +901,7 @@ def test_get_jwt(self):
client.request_session.request = mock_200

self.assertEqual(
client.get_jwt('development', 'test-resource'),
client.get_jwt('development', 'test-resource', None),
{'result': True}
)
client.request_session.request.assert_called_with(
Expand All @@ -912,3 +912,28 @@ def test_get_jwt(self):
timeout=5,
params={'environment': 'development'},
)

def test_get_jwt_creation(self):
client = confidant_client.ConfidantClient(
'http://localhost',
'alias/authnz-testing',
{'from': 'confidant-unittest',
'to': 'test',
'user_type': 'service'},
)
token_mock = MagicMock()
client._get_token = token_mock
client.request_session.request = mock_200

self.assertEqual(
client.get_jwt('development', 'test-resource', 3600),
{'result': True}
)
client.request_session.request.assert_called_with(
'GET',
'http://localhost/v1/jwks/token/test-resource/3600',
auth=('2/service/confidant-unittest', token_mock()),
allow_redirects=False,
timeout=5,
params={'environment': 'development'},
)