Python client library for ID4me protocol - Relying Party side. See: https://id4me.org

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for id4me from gravatar.com id4me Avatar for pawel-kowalik-1and1 from gravatar.com pawel-kowalik-1and1

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: https://gitlab.com/ID4me/id4me-rp-client-python/blob/master/LICENSE
  • Author: Pawel Kowalik
Classifiers

Project description

id4me-rp-client

Python Relying Party client library for ID4me protocol. For details of the protocol, please visit: https://id4me.org

Library offers Relying Party functionality for authentication with Identity Authority and claim request from the Identity Agent..

Specification reference

https://gitlab.com/ID4me/documentation/blob/master/id4ME%20Technical%20Specification.adoc

  • Version: 1.0
  • Revision: 02

Installation

pip install id4me-rp-client

Usage

Register the client and authorize with Identity Authority

from id4me_rp_client import *

# these imports are just needed in this example
from builtins import input
import json

registrations = dict()

# a routine to save client registration at authority
def save_authority_registration(auth_name, auth_content):
    registrations[auth_name] = auth_content
    pass


# a routine to load client registration at authority
def load_authority_registration(auth_name):
    return registrations[auth_name]

# create client object with basic parameters of your app
client = ID4meClient(
    get_client_registration=load_authority_registration,
    save_client_registration=save_authority_registration,
    validate_url='https://dynamicdns.domainconnect.org/ddnscode',
    client_name='Foo app',
    logo_url='https://upload.wikimedia.org/wikipedia/commons/7/76/Foobar2000_logo_2014.png',
    policy_url='https://foo.com/policy',
    tos_url='https://foo.com/tos',
    private_jwks_json=ID4meClient.generate_new_private_keys_set())

try:
    # make a discovery of identity authority and register if needed
    # find_authority and save_authority are optional, but when missing client will be registered each time anew
    ctx = client.get_rp_context(
        id4me='id200.connect.domains')    

    # get a link to login routine
    link = client.get_consent_url(
        ctx,
        claimsrequest=ID4meClaimsRequest(
            userinfo_claims={
                OIDCClaim.name: ID4meClaimRequestProperties(reason='To call you by name'),
                OIDCClaim.email: ID4meClaimRequestProperties(essential=True, reason='To be able to contact you'),
                OIDCClaim.email_verified: ID4meClaimRequestProperties(reason='To know if your E-mail was verified'),
            })
        )
    print('Please open the link:\n{}'.format(link))

    # Normally code will arrive as query param on client.validateUrl
    code = input('Please enter code: ')
    # Get ID token
    client.get_idtoken(context=ctx, get_client_registration=load_authority_registration, code=code)
    # Get User Info
    userinfo = client.get_user_info(context=ctx, get_client_registration=load_authority_registration)
    print('User Info:\n{}'.format(json.dumps(userinfo, sort_keys=True, indent=4)))    
except ID4meException as e:
    print('Exception: {}'.format(e))

Output:

Resolving "_openid.id200.connect.domains."
Checking TXT record "v=OID1;iau=auth.freedom-id.de;iag=identityagent.de"
identity_authority = auth.freedom-id.de
registering with new identity authority (auth.freedom-id.de)
destination = https://auth.freedom-id.de/login?scope=openid&response_type=code&client_id=hmkzay2riyon4&redirect_uri=https%3A//foo.com/validate&login_hint=id200.connect.domains&state=&claims=%7B%22userinfo%22%3A%20%7B%22email_verified%22%3A%20%7B%22reason%22%3A%20%22To%20know%20if%20your%20E-mail%20was%20verified%22%7D%2C%20%22email%22%3A%20%7B%22reason%22%3A%20%22To%20be%20able%20to%20contact%20you%22%2C%20%22essential%22%3A%20true%7D%2C%20%22name%22%3A%20%7B%22reason%22%3A%20%22To%20call%20you%20by%20name%22%7D%7D%7D
Please open the link:
https://auth.freedom-id.de/login?scope=openid&response_type=code&client_id=hmkzay2riyon4&redirect_uri=https%3A//foo.com/validate&login_hint=id200.connect.domains&state=&claims=%7B%22userinfo%22%3A%20%7B%22email_verified%22%3A%20%7B%22reason%22%3A%20%22To%20know%20if%20your%20E-mail%20was%20verified%22%7D%2C%20%22email%22%3A%20%7B%22reason%22%3A%20%22To%20be%20able%20to%20contact%20you%22%2C%20%22essential%22%3A%20true%7D%2C%20%22name%22%3A%20%7B%22reason%22%3A%20%22To%20call%20you%20by%20name%22%7D%7D%7D
Please enter code: >? 9jNXCX9OZ4HQLr2YZWKisw.5mSDkoR-5YJQoTp3f1vuxg
User Info:
{
    "aud": "hmkzay2riyon4", 
    "email": "foo@bar.de", 
    "email_verified": true, 
    "exp": 1538762218, 
    "iat": 1538761918, 
    "id4me.identifier": "id200.connect.domains", 
    "id4me.identity": "id200.connect.domains", 
    "iss": "https://auth.freedom-id.de", 
    "nbf": 1538761918, 
    "sub": "uiw3pTRRLVaKJqbnbSwr4EVuhEPTHvRgci91RbhYU2rab/YVDqDmqTKzTVAdDMm+", 
    "updated_at": 1538564738
}

CHANGELOG:

0.0.11 - 2019-02-21 - BUGFIX, error when serializing ID4meContext 0.0.10 - 2019-02-18 - Breaking change, client configuration loading callback moved to client object in order to remove secret data from the ID4meContext which can be in some frameworks sent over cookies

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for id4me from gravatar.com id4me Avatar for pawel-kowalik-1and1 from gravatar.com pawel-kowalik-1and1

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: https://gitlab.com/ID4me/id4me-rp-client-python/blob/master/LICENSE
  • Author: Pawel Kowalik
Classifiers

Release history Release notifications | RSS feed

0.0.24

0.0.23

0.0.22

0.0.21

0.0.20

0.0.19

0.0.18

0.0.17

0.0.16

0.0.15

0.0.14

0.0.13

0.0.12

This version

0.0.11

0.0.10

0.0.9

0.0.8

0.0.7

0.0.6

0.0.5

0.0.4

0.0.2

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

id4me-rp-client-0.0.11.tar.gz (15.4 kB view details)

Uploaded Source

Built Distribution

id4me_rp_client-0.0.11-py2.py3-none-any.whl (16.5 kB view details)

Uploaded Python 2 Python 3

File details

Details for the file id4me-rp-client-0.0.11.tar.gz.

File metadata

  • Download URL: id4me-rp-client-0.0.11.tar.gz
  • Upload date:
  • Size: 15.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.21.0 setuptools/39.1.0 requests-toolbelt/0.9.1 tqdm/4.31.1 CPython/3.7.2

File hashes

Hashes for id4me-rp-client-0.0.11.tar.gz
Algorithm Hash digest
SHA256 1ca7e2f50c5f52c6fe2fd657e00d426316b1f2d47bb99a9737c88a5de1bdb9ca
MD5 a680305ea3b36115776b60ecbce98a88
BLAKE2b-256 83af65b8bc3a1e059bfc4d5035ec243406e6e0a317935d8ecab85ba43352c83d

See more details on using hashes here.

File details

Details for the file id4me_rp_client-0.0.11-py2.py3-none-any.whl.

File metadata

  • Download URL: id4me_rp_client-0.0.11-py2.py3-none-any.whl
  • Upload date:
  • Size: 16.5 kB
  • Tags: Python 2, Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.21.0 setuptools/39.1.0 requests-toolbelt/0.9.1 tqdm/4.31.1 CPython/3.7.2

File hashes

Hashes for id4me_rp_client-0.0.11-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 061ed1d4a70635f97b6b11ca69d499a11bfb4190f3053237883c71cd8206f2d2
MD5 7a2ec131808c2f11d62860db60500dc5
BLAKE2b-256 6cbdda91adfb07e565887a213078e3f2556098f9928c8c3a58857de8bce0b3a0

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page