From 87db2163b6798eb7faa81389f122cc7d62c81196 Mon Sep 17 00:00:00 2001
From: David Black
Date: Mon, 3 Jun 2024 17:17:14 +1000
Subject: [PATCH] Sem-Ver: api-break Change the default token lifetime to be 1 minute - it was previously 1 hour
Signed-off-by: David Black
---
 README.rst | 21 +++++++++++++++++++++
 atlassian_jwt_auth/signer.py | 2 +-
 atlassian_jwt_auth/tests/test_signer.py | 2 +-
 3 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/README.rst b/README.rst
index 9243659..3f52cf4 100644
--- a/README.rst
+++ b/README.rst
@@ -105,6 +105,7 @@ For example:
 .. code:: python
 import atlassian_jwt_auth
+ import requests
 from atlassian_jwt_auth.contrib.requests import JWTAuth
 signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem, reuse_jwts=True)
@@ -113,6 +114,26 @@ For example:
 auth=JWTAuth(signer, 'audience')
 )
+If you want to generate tokens with a longer lifetime than the default 1 minute period,
+you can do so via specifying a `lifetime` value to `create_signer`.
+For example:
+
+
+.. code:: python
+
+ import datetime
+
+ import atlassian_jwt_auth
+ import requests
+ from atlassian_jwt_auth.contrib.requests import JWTAuth
+
+ signer = atlassian_jwt_auth.create_signer(
+ 'issuer', 'issuer/key', private_key_pem,
+ reuse_jwts=True, lifetime=datetime.timedelta(minutes=2))
+ response = requests.get(
+ 'https://your-url',
+ auth=JWTAuth(signer, 'audience')
+ )
 To verify a JWT
diff --git a/atlassian_jwt_auth/signer.py b/atlassian_jwt_auth/signer.py
index 284e95d..92ef48a 100644
--- a/atlassian_jwt_auth/signer.py
+++ b/atlassian_jwt_auth/signer.py
@@ -15,7 +15,7 @@ class JWTAuthSigner(object):
 def __init__(self, issuer, private_key_retriever, **kwargs):
 self.issuer = issuer
 self.private_key_retriever = private_key_retriever
- self.lifetime = kwargs.get('lifetime', datetime.timedelta(hours=1))
+ self.lifetime = kwargs.get('lifetime', datetime.timedelta(minutes=1))
 self.algorithm = kwargs.get('algorithm', 'RS256')
 self.subject = kwargs.get('subject', None)
 self._private_keys_cache = dict()
diff --git a/atlassian_jwt_auth/tests/test_signer.py b/atlassian_jwt_auth/tests/test_signer.py
index 8fcf60f..5d83145 100644
--- a/atlassian_jwt_auth/tests/test_signer.py
+++ b/atlassian_jwt_auth/tests/test_signer.py
@@ -29,7 +29,7 @@ def test__generate_claims(self):
 for additional_claims in [{}, {'extra': 'thing'}]:
 expected_claims = {
 'iss': expected_iss,
- 'exp': expected_now + datetime.timedelta(hours=1),
+ 'exp': expected_now + datetime.timedelta(minutes=1),
 'iat': expected_now,
 'aud': expected_audience,
 'nbf': expected_now,
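Review bot: A caller-supplied `lifetime` is still stored unchecked on the changed `self.lifetime = kwargs.get('lifetime', ...)` line in `JWTAuthSigner.__init__`, so a non-`timedelta`, zero or negative, or very long value would presumably flow straight into the `exp` claim and undo the shorter replay window this commit is after. Consider validating right after the assignment, e.g. `if not isinstance(self.lifetime, datetime.timedelta) or self.lifetime <= datetime.timedelta(0): raise ValueError('lifetime must be a positive timedelta')`, and rejecting values above whatever maximum the verifier accepts (that bound is not visible here). A short comment such as `# short default limits how long a captured token can be replayed` would record why the default is one minute. With `reuse_jwts=True`, as in the README example, it is also worth confirming that the reuse window scales with `lifetime` so cached tokens are not sent within seconds of expiry; that logic and the rest of `__init__` lie outside this hunk.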