Metadata-Version: 2.1
Name: mauth-client
Version: 1.2.1
Summary: MAuth Client for Python
Home-page: https://github.com/mdsol/mauth-client-python
License: MIT
Author: Medidata Solutions
Author-email: support@mdsol.com
Requires-Python: >=3.6,<4.0
Classifier: Development Status :: 3 - Alpha
Classifier: Environment :: Web Environment
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Requires-Dist: cachetools (>=4.1,<5.0)
Requires-Dist: importlib-metadata (>=1.0,<2.0); python_version < "3.8"
Requires-Dist: requests (>=2.23,<3.0)
Requires-Dist: rsa (>=4.0,<5.0)
Project-URL: Repository, https://github.com/mdsol/mauth-client-python
Description-Content-Type: text/markdown

# MAuth Client Python
[![Build
Status](https://travis-ci.com/mdsol/mauth-client-python.svg?token=YCqgqZjJBpwz6GCprYaV&branch=develop)](https://travis-ci.com/mdsol/mauth-client-python)

MAuth Client Python is an authentication library to manage the information needed to both sign and authenticate requests and responses for Medidata's MAuth authentication system.


## Pre-requisites

To use MAuth Authenticator you will need:

* An MAuth app ID
* An MAuth private key (with the public key registered with Medidata's MAuth server)


## Installation

To resolve packages using pip, add the following to ~/.pip/pip.conf:
```
[global]
index-url = https://<username>:<password>@mdsol.jfrog.io/mdsol/api/pypi/pypi-packages/simple/
```

Install using pip:
```
$ pip install mauth-client
```

Or directly from GitHub:
```
$ pip install git+https://github.com/mdsol/mauth-client-python.git
```

This will also install the dependencies.

To resolve using a requirements file, the index URL can be specified in the first line of the file:
```
--index-url https://<username>:<password>@mdsol.jfrog.io/mdsol/api/pypi/pypi-packages/simple/
mauth-client==<latest version>
```

## Usage

### Signing Outgoing Requests

```python
import requests
from mauth_client.requests_mauth import MAuth

# MAuth configuration
APP_UUID = "<MAUTH_APP_UUID>"
private_key = open("private.key", "r").read()
mauth = MAuth(APP_UUID, private_key)

# Call an MAuth protected resource, in this case an iMedidata API
# listing the studies for a particular user
user_uuid = "10ac3b0e-9fe2-11df-a531-12313900d531"
url = "https://innovate.imedidata.com/api/v2/users/{}/studies.json".format(user_uuid)

# Make the requests call, passing the auth client
result = requests.get(url, auth=mauth)

# Print results
if result.status_code == 200:
    print([r["uuid"] for r in result.json()["studies"]])
print(result.text)
```

The `mauth_sign_versions` option can be set as an environment variable to specify protocol versions to sign outgoing requests:

| Key                   | Value                                                                                |
| --------------------- | ------------------------------------------------------------------------------------ |
| `MAUTH_SIGN_VERSIONS` | **(optional)** Comma-separated protocol versions to sign requests. Defaults to `v1`. |

This option can also be passed to the constructor:

```python
mauth_sign_versions = "v1,v2"
mauth = MAuth(APP_UUID, private_key, mauth_sign_versions)
```


### Authenticating Incoming Requests

MAuth Client Python supports AWS Lambda functions and Flask applications to authenticate MAuth signed requests.

The following variables are **required** to be configured in the environment variables:

| Key            | Value                                                         |
| -------------- | ------------------------------------------------------------- |
| `APP_UUID`     | APP_UUID for the AWS Lambda function                          |
| `PRIVATE_KEY`  | Encrypted private key for the APP_UUID                        |
| `MAUTH_URL`    | MAuth service URL (e.g. https://mauth-innovate.imedidata.com) |


The following variables can optionally be set in the environment variables:

| Key                    | Value                                                                                     |
| ---------------------- | ----------------------------------------------------------------------------------------- |
| `MAUTH_API_VERSION`    | **(optional)** MAuth API version. Only `v1` exists as of this writing. Defaults to `v1`.  |
| `MAUTH_MODE`           | **(optional)** Method to authenticate requests. `local` or `remote`. Defaults to `local`. |
| `V2_ONLY_AUTHENTICATE` | **(optional)** Authenticate requests with only V2. Defaults to `False`.                   |


#### AWS Lambda functions

```python
from mauth_client.lambda_authenticator import LambdaAuthenticator

authenticator = LambdaAuthenticator(method, url, headers, body)
authentic, status_code, message = authenticator.is_authentic()
app_uuid = authenticator.get_app_uuid()
```

#### Flask applications

You will need to create an application instance and initialize it with FlaskAuthenticator:

```python
from flask import Flask
from mauth_client.flask_authenticator import FlaskAuthenticator

app = Flask("Some Sample App")
authenticator = FlaskAuthenticator()
authenticator.init_app(app)
```

To specify routes that need to be authenticated use the `requires_authentication` decorator:

```python
from flask import Flask
from mauth_client.flask_authenticator import requires_authentication

@app.route("/some/private/route", methods=["GET"])
@requires_authentication
def private_route():
    return "Wibble"

@app.route("/app_status", methods=["GET"])
def app_status():
    return "OK"
```


## Contributing

See [CONTRIBUTING](CONTRIBUTING.md)

