HTTP server managing identities.
Project description
Kisee — Identity Provider Server
Name
The name "Kisee", inspired from "KISS" ("Keep it simple, stupid.") is
spoken as the french phrase "Qui c'est ?", [kis‿ɛ].
Overview
Kisee is an API giving JWTs in exchange for valid usernames/password pairs. That's it.
Kisee is better used as a backend of the Pasee identity manager: Pasee handle groups and can handle multiple identity backends (one or many Kisee instances, twitter, facebook, ...).
Kisee can use your existing database (or use a dedicated one) to query the username and passwrds if you're willing to implement a simple Python class to query it, so Kisee can query anything: LDAP, a flat file, a PostgreSQL database with a strange schema, whatever.
Quick start
Once you've cloned the repo and created a venv, install kisee in it:
$ python3 -m pip install -e .[dev]
Start kisee:
$ kisee --settings example-settings.toml
This starts Kisee with a very dumb backend, just so you can play.
The dumb backend works like this:
- Any user exists.
- Any password less or equal than 4 characters will be considered wrong.
- Any other password will pass.
So now we can query it:
$ curl http://0.0.0.0:8140/jwt/ -XPOST -d '{"login": "John", "password": "secure"}'
{
"_type": "document",
"_meta": {
"url": "/jwt/",
"title": "JSON Web Tokens"
},
"tokens": [
"eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJleGFtcGxlLmNvbSIsInN1YiI6IkpvaG4iLCJleHAiOjE1NTMyNzQyNjEsImp0aSI6IjlXb0piV1g2OGpmQVo5N1dNRWRjNDQifQ.iYAgA-018VHQo9tWLfk7XIxtrDKYk_CTWhHXo7bMBGDz9HGKRIwV_mh0Wla6tf6z-_JH5KRTQRnQl5DLLlIelg"
],
"add_token": {
"_type": "link",
"action": "post",
"title": "Create a new JWT",
"description": "POSTing to this endpoint create JWT tokens.",
"fields": [
{
"name": "login",
"required": true
},
{
"name": "password",
"required": true
}
]
}
}
FAQ
Internals
The Kisee daemon does not store (login, password) tuples, but uses
a Python class, a backend you can configure in settings.toml to
handle this.
Kisee provides some demo backends and test backends so you can
play with it. You can provide your own backend to hit your own
database, your LDAP server, or another IdP as needed.
TODO
- Admin interface
- Status page
- Token invalidation (
DELETE /jwt{/jti}). - Rate-limiting
- Better error messages (Maybe https://github.com/blongden/vnd.error?)
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file kisee-19.7.0.tar.gz.
File metadata
- Download URL: kisee-19.7.0.tar.gz
- Upload date:
- Size: 28.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: python-requests/2.22.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 0f34a420f4ee4d130745c528129134c5dde41e068b47741dff2b473038d0fdf8 |
|
| MD5 | 33de20c8fb3a919e1c1c71b5a92dac92 |
|
| BLAKE2b-256 | 032d936d636a08dcaf46b7d641ffc2c94bc89f06d12f6b5ca0035b7b7e888bbb |
File details
Details for the file kisee-19.7.0-py3-none-any.whl.
File metadata
- Download URL: kisee-19.7.0-py3-none-any.whl
- Upload date:
- Size: 30.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: python-requests/2.22.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 5fa91e3e279cbaebb3afbc044606f43b6f7fd142c4ed48329e2eb0f0d48dc15b |
|
| MD5 | d246b29675c45f89df86655468e87f1c |
|
| BLAKE2b-256 | 1d1b51870b63c29a4079e324ba9dc177f5edc0b99d11e1232091c908077efae6 |
