symphony.bdk.core.auth.ext_app_authenticator.ExtensionAppAuthenticatorCert#

class symphony.bdk.core.auth.ext_app_authenticator.ExtensionAppAuthenticatorCert(certificate_authentication_api: symphony.bdk.gen.auth_api.certificate_authentication_api.CertificateAuthenticationApi, certificate_pod_api: symphony.bdk.gen.auth_api.certificate_pod_api.CertificatePodApi, app_id: str, retry_config: symphony.bdk.core.config.model.bdk_retry_config.BdkRetryConfig, tokens_repository: Optional[symphony.bdk.core.auth.tokens_repository.TokensRepository] = None)#

Bases: symphony.bdk.core.auth.ext_app_authenticator.ExtensionAppAuthenticator

A subclass of ExtensionAppAuthenticator specific to extension app certificate authentication.

__init__(certificate_authentication_api: symphony.bdk.gen.auth_api.certificate_authentication_api.CertificateAuthenticationApi, certificate_pod_api: symphony.bdk.gen.auth_api.certificate_pod_api.CertificatePodApi, app_id: str, retry_config: symphony.bdk.core.config.model.bdk_retry_config.BdkRetryConfig, tokens_repository: Optional[symphony.bdk.core.auth.tokens_repository.TokensRepository] = None)#
Parameters
  • certificate_authentication_api – the CertificateAuthenticationApi instance

  • certificate_pod_api – the CertificatePodApi instance

  • app_id – the application ID

  • retry_config – Retry configuration

  • tokens_repository – the tokens repository to store existing valid sessions. Defaults to InMemoryTokensRepository

Methods

__init__(certificate_authentication_api, ...)

param certificate_authentication_api

the CertificateAuthenticationApi instance

authenticate_and_retrieve_tokens(app_token)

Actually authenticates and retrieves the tokens.

authenticate_extension_app(app_token)

Authenticates an extension app.

is_token_pair_valid(app_token, symphony_token)

Validates if appToken and symphonyToken corresponds to an existing session.

validate_jwt(jwt)

Validates a jwt against the pod certificate.

async authenticate_and_retrieve_tokens(app_token: str) symphony.bdk.gen.login_model.extension_app_tokens.ExtensionAppTokens#

Actually authenticates and retrieves the tokens. Save the tokens in the tokens repository.

Parameters

app_token – the token generated by the application backend

Returns

the extension app tokens

async authenticate_extension_app(app_token: str) symphony.bdk.core.auth.auth_session.AppAuthSession#

Authenticates an extension app.

Parameters

app_token – the token generated by the application backend

Returns

the extension app authentication session

async is_token_pair_valid(app_token: str, symphony_token: str) bool#

Validates if appToken and symphonyToken corresponds to an existing session.

Parameters
  • app_token – the application token

  • symphony_token – the Symphony token

Returns

True if token pair is valid, False otherwise

async validate_jwt(jwt: str) dict#

Validates a jwt against the pod certificate.

Parameters

jwt – the jwt to be validated

Returns

the dictionary of jwt claims

Raises

AuthInitializationError – If the pod certificate or jwt are invalid.