Metadata-Version: 2.4
Name: acmadauth
Version: 1.2.1
Summary: ACMAD Authentication Library
Author-email: Jan Hettenhausen <j.hettenhausen@griffith.edu.au>
Requires-Python: >=3.12
Description-Content-Type: text/markdown
Requires-Dist: httpx>=0.28.1
Requires-Dist: keyring>=25.7.0
Requires-Dist: marshmallow>=4.2.0
Requires-Dist: marshmallow-dataclass>=8.7.1
Requires-Dist: pyjwt>=2.10.1
Requires-Dist: pyqrcode>=1.2.1
Requires-Dist: qrcode>=8.2
Requires-Dist: requests>=2.32.5

# acmadauth

Device flow authentication helper for Keycloak OIDC clients, designed for use
in end-user applications. It provides a handler for the device authorisation
flow and an httpx auth class that injects bearer tokens and refreshes them as
needed.

## Installation

```bash
pip install acmadauth
```

## Usage

```python
from acmadauth.handlers import KeycloakOIDCDeviceFlowHandler
from acmadauth.tokencaches import MemoryTokenCache
from pprint import pprint
from acmadauth.auth import HttpxDeviceFlowAuth
import httpx

realm = "https://auth.acmad.cloud.edu.au/realms/ACMADCI"
client_id = "acmad-ci"

handler = KeycloakOIDCDeviceFlowHandler(realm, client_id)
cache = MemoryTokenCache()

auth = HttpxDeviceFlowAuth(handler, cache, open_browser=True)

client = httpx.Client(auth=auth)
resp = client.get("https://acmad-ci.acmad.cloud.edu.au/api/v1/user/current_user/")
print(f"Request Status Code: {resp.status_code}")
pprint(resp.json())
```

## Notes

- JWT signatures are not verified. Tokens are used only for expiry checks and transport.
- Use `KeyringTokenCache` for secure storage. `JsonFileTokenCache` is for testing only.

## Documentation

Sphinx documentation is available under `docs/`.
