Skip to main content

Python library for the Verified Email Protocol

Project description

This is a python client library for the Verified Email Protocol, a.k.a Mozilla’s BrowserID project. See here for details:

https://wiki.mozilla.org/Identity/Verified_Email_Protocol

And see here for how to integrate it into your website:

https://browserid.org/

For the vast majority of deployments, you will simply want to call the “verify” functon to verify a given assertion:

>>> data = vep.verify(BROWSERIDASSERTION, "http://mysite.com")
>>> print data["email"]
"test@example.com"

The precise implementation of this function will change depending on the current recommendedations of the BrowserID team. Currently it POSTs the assertion to the remote verifier services on browserid.org.

For improved performance, or if you just want to live on the bleeding edge, you can explicitly perform verification locally like so:

>>> data = vep.verify_local(BROWSERIDASSERTION, "http://mysite.com")
>>> print data["email"]
"test@example.com"

Note that the details of the Verified Email Protocol are still in flux, so local verification might break due to incompatible changes. As things stabilise this will become the default implementation.

If you have specialised needs, you can also create a “verifier” class to encapsulate any custom settings you may require. For example, here is how to do remote verification using a custom url-opening function:

>>> verifier = vep.RemoteVerifier(urlopen=my_urlopen_func)
>>> data = verifier.verify_local(BROWSERIDASSERTION, "http://mysite.com")
>>> print data["email"]
"test@example.com"

0.3.1 - 2012-01-24

  • Update the audience-extraction code in RemoteVerifier to support the new-style assertion format; thanks junkafarian.

0.3.0 - 2012-01-06

  • Support the “new-style” VEP assertion format. This avoids double-b64- encoding and generally results in smaller assertions.

  • Warn rather than fail if we can’t find the CA certificates. This will help new users get up and running more easily.

  • Add shortcut functions for verification with the default options. They are vep.verify(), vep.verify_remote(), vep.verify_local(), and vep.verify_dummy().

  • Add vep.utils.get_assertion_info(), which parses useful information out of an assertion without actually verifying it.

  • Make LocalVerifier expire cached public keys after 6 hours by default.

  • Allow LocalVerifier to take a user-specified cache object so that public keys can be stored in e.g. memcached.

  • Update to the latest issuer-key-fetch protocol (using /.well-known/vep).

  • Add InvalidIssuerError to report on invalid or untrusted issuers.

  • Clean up the internal JWT interface. It now uses module-level functions rather than classmethods.

0.2.1 - 2011-12-16

  • Use M2Crypto for faster DSA operations.

  • DummyVerifier: fix hex formatting for compatability with jwcrypto.

  • DummyVerifier: don’t emit FutureWarning on initialisation.

0.2.0 - 2011-12-07

  • do more validation of the assertion before checking the certificates, to avoid expensive crypto ops for things we know to be invalid.

  • implement DummyVerifier class to aid in testing, both of this package and of packages that are using PyVEP.

  • add exception hierarchy in vep.errors, so that calling code can easily tell why verification failed.

0.1.1 - 2011-12-01

  • add “diresworb.org” to default list of trusted secondaries.

  • implement additional signature algorithms.

  • if “hostname/.well-known/host-meta” gives a 404, fall back to “hostname/pk” to find the public key.

0.1.0 - 2011-11-23

  • initial release.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

PyVEP-0.3.1.tar.gz (30.4 kB view details)

Uploaded Source

File details

Details for the file PyVEP-0.3.1.tar.gz.

File metadata

  • Download URL: PyVEP-0.3.1.tar.gz
  • Upload date:
  • Size: 30.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for PyVEP-0.3.1.tar.gz
Algorithm Hash digest
SHA256 b8c5868f99ff747a568e9bd2687003adb1f8a2304b1a7ffc2b994711bee1e86a
MD5 c79c49252c08ca3f4b3473293a21f407
BLAKE2b-256 4d39cb709c451a917034a6dab6f39e1e07b31cd995fadbfbef2086e31272c711

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page