v0.0.6

Author: RobertoPrevato

.flake8

@@ -0,0 +1,8 @@
+[flake8]
+exclude = __pycache__,built,build,venv
+ignore = E203, E266, W503
+max-line-length = 88
+max-complexity = 18
+select = B,C,E,F,W,T4,B9
+per-file-ignores =
+  guardpost/__init__.py:F401

.github/workflows/build.yml

@@ -0,0 +1,101 @@
+name: Build
+
+on:
+  release:
+    types: [published]
+  push:
+    branches:
+      - master
+      - ci
+  pull_request:
+    branches:
+      - "*"
+
+env:
+  PROJECT_NAME: guardpost
+
+jobs:
+  build:
+    runs-on: ubuntu-18.04
+    strategy:
+      matrix:
+        python-version: [3.6, 3.7, 3.8, 3.9]
+
+    steps:
+      - uses: actions/checkout@v1
+        with:
+          fetch-depth: 9
+          submodules: false
+
+      - name: Use Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v1
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - uses: actions/cache@v1
+        id: depcache
+        with:
+          path: deps
+          key: requirements-pip-${{ matrix.python-version }}-${{ hashFiles('requirements.txt') }}
+
+      - name: Download dependencies
+        if: steps.depcache.outputs.cache-hit != 'true'
+        run: |
+          pip download --dest=deps -r requirements.txt
+
+      - name: Install dependencies
+        run: |
+          pip install -U --no-index --find-links=deps deps/*
+
+      - name: Run tests
+        run: |
+          flake8 && pytest --doctest-modules --junitxml=junit/pytest-results-${{ matrix.python-version }}.xml --cov=$PROJECT_NAME --cov-report=xml tests/
+
+      - name: Upload pytest test results
+        uses: actions/upload-artifact@master
+        with:
+          name: pytest-results-${{ matrix.python-version }}
+          path: junit/pytest-results-${{ matrix.python-version }}.xml
+        if: always()
+
+      - name: Codecov
+        run: |
+          bash <(curl -s https://codecov.io/bash)
+
+      - name: Install distribution dependencies
+        run: pip install --upgrade twine setuptools wheel
+        if: matrix.python-version == 3.8 || matrix.python-version == 3.9
+
+      - name: Create distribution package
+        run: python setup.py sdist bdist_wheel
+        if: matrix.python-version == 3.8 || matrix.python-version == 3.9
+
+      - name: Upload distribution package
+        uses: actions/upload-artifact@master
+        with:
+          name: dist-package-${{ matrix.python-version }}
+          path: dist
+        if: matrix.python-version == 3.8 || matrix.python-version == 3.9
+
+  publish:
+    runs-on: ubuntu-18.04
+    needs: build
+    if: github.event_name == 'release'
+    steps:
+      - name: Download a distribution artifact
+        uses: actions/download-artifact@v2
+        with:
+          name: dist-package-3.9
+          path: dist
+      - name: Publish distribution 📦 to Test PyPI
+        uses: pypa/gh-action-pypi-publish@master
+        with:
+          skip_existing: true
+          user: __token__
+          password: ${{ secrets.test_pypi_password }}
+          repository_url: https://test.pypi.org/legacy/
+      - name: Publish distribution 📦 to PyPI
+        uses: pypa/gh-action-pypi-publish@master
+        with:
+          user: __token__
+          password: ${{ secrets.pypi_password }}

.gitignore

@@ -1,106 +1,8 @@
-# Byte-compiled / optimized / DLL files
-__pycache__/
-*.py[cod]
-*$py.class
-
-# C extensions
-*.so
-
-# Distribution / packaging
-.Python
-build/
-develop-eggs/
-dist/
-downloads/
-eggs/
-.eggs/
-lib/
-lib64/
-parts/
-sdist/
-var/
-wheels/
-*.egg-info/
-.installed.cfg
-*.egg
-MANIFEST
-
-# PyInstaller
-#  Usually these files are written by a python script from a template
-#  before PyInstaller builds the exe, so as to inject date/other infos into it.
-*.manifest
-*.spec
-
-# Installer logs
-pip-log.txt
-pip-delete-this-directory.txt
-
-# Unit test / coverage reports
-htmlcov/
-.tox/
+.vscode
+venv
+htmlcov
 .coverage
-.coverage.*
-.cache
-nosetests.xml
-coverage.xml
-*.cover
-.hypothesis/
-.pytest_cache/
-
-# Translations
-*.mo
-*.pot
-
-# Django stuff:
-*.log
-local_settings.py
-db.sqlite3
-
-# Flask stuff:
-instance/
-.webassets-cache
-
-# Scrapy stuff:
-.scrapy
-
-# Sphinx documentation
-docs/_build/
-
-# PyBuilder
-target/
-
-# Jupyter Notebook
-.ipynb_checkpoints
-
-# pyenv
-.python-version
-
-# celery beat schedule file
-celerybeat-schedule
-
-# SageMath parsed files
-*.sage.py
-
-# Environments
-.env
-.venv
-env/
-venv/
-ENV/
-env.bak/
-venv.bak/
-
-# Spyder project settings
-.spyderproject
-.spyproject
-
-# Rope project settings
-.ropeproject
-
-# mkdocs documentation
-/site
-
-# mypy
-.mypy_cache/
-
-.idea/
+__pycache__
+*.egg-info
+*.tar.gz
+.mypy_cache

CHANGELOG.md

@@ -0,0 +1,13 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [0.0.6] - 2020-12-12 :octocat:
+- Completely migrates to GitHub Workflows
+- Improves build to test Python 3.6 and 3.9
+- Adds a changelog
+- Improves badges
+- Improves code quality using `flake8` and `black`

README.md

@@ -1,29 +1,55 @@
-[![Build status](https://dev.azure.com/robertoprevato/GuardPost/_apis/build/status/GuardPost-CI)](https://dev.azure.com/robertoprevato/GuardPost/_build/latest?definitionId=15) [![pypi](https://img.shields.io/pypi/v/GuardPost.svg?color=blue)](https://pypi.org/project/GuardPost/) [![Test coverage](https://img.shields.io/azure-devops/coverage/robertoprevato/GuardPost/15.svg)](https://robertoprevato.visualstudio.com/GuardPost/_build?definitionId=15)
+[![Build](https://github.com/Neoteroi/guardpost/workflows/Build/badge.svg)](https://github.com/Neoteroi/guardpost/actions?query=workflow%3ABuild)
+[![pypi](https://img.shields.io/pypi/v/guardpost.svg?color=blue)](https://pypi.org/project/guardpost/)
+[![versions](https://img.shields.io/pypi/pyversions/guardpost.svg)](https://github.com/Neoteroi/guardpost)
+[![license](https://img.shields.io/github/license/Neoteroi/guardpost.svg)](https://github.com/Neoteroi/guardpost/blob/master/LICENSE)
+[![codecov](https://codecov.io/gh/Neoteroi/guardpost/branch/master/graph/badge.svg?token=sBKZG2D1bZ)](https://codecov.io/gh/Neoteroi/guardpost)
 
 # GuardPost
-GuardPost provides a basic framework to handle authentication and authorization in any kind of Python application.
+GuardPost provides a basic framework to handle authentication and authorization
+in any kind of Python application.
 
 ```bash
 pip install guardpost
 ```
 
-This library is freely inspired by [authorization in ASP.NET Core](https://docs.microsoft.com/en-us/aspnet/core/security/authorization/policies?view=aspnetcore-2.2); although its implementation is extremely different.
+This library is freely inspired by [authorization in ASP.NET
+Core](https://docs.microsoft.com/en-us/aspnet/core/security/authorization/policies?view=aspnetcore-2.2);
+although its implementation is extremely different.
 
 Notable differences are:
-1. GuardPost is abstracted from the code that executes it, so it's not bound to the context of a web framework.
-1. GuardPost implements both classes for use with synchronous code (not necessarily I/O bound), and classes using `async/await` syntax (optimized for authentication and authorization rules that involve I/O bound operations such as web requests and communications with databases).
-1. GuardPost leverages Python function decorators for the authorization part, so any function can be wrapped to be executed after handling authorization.
+1. GuardPost is abstracted from the code that executes it, so it's not bound to
+   the context of a web framework.
+1. GuardPost implements both classes for use with synchronous code (not
+   necessarily I/O bound), and classes using `async/await` syntax (optimized
+   for authentication and authorization rules that involve I/O bound operations
+   such as web requests and communications with databases).
+1. GuardPost leverages Python function decorators for the authorization part,
+   so any function can be wrapped to be executed after handling authorization.
 1. The code API is simpler.
 
 ## More documentation and examples
-For documentation and [examples](https://github.com/RobertoPrevato/GuardPost/wiki/Examples), refer to the project [Wiki](https://github.com/RobertoPrevato/GuardPost/wiki).
+For documentation and
+[examples](https://github.com/RobertoPrevato/GuardPost/wiki/Examples), refer to
+the project [Wiki](https://github.com/RobertoPrevato/GuardPost/wiki).
+
+To see how `guardpost` is used in `blacksheep` web framework, read the
+documentation here:
+
+* [Authentication](https://www.neoteroi.dev/blacksheep/authentication/)
+* [Authorization](https://www.neoteroi.dev/blacksheep/authorization/)
 
 ## Both for async/await and synchronous code
-GuardPost can be used both with async/await code and with synchronous code, according to use cases and users' preference.
+GuardPost can be used both with async/await code and with synchronous code,
+according to use cases and users' preference.
 
 ## If you have doubts about authentication vs authorization...
-`Authentication` answers the question: _Who is the user who is executing the action?_, or more in general: _Who is the user, or what is the service, that is executing the action?_.
+`Authentication` answers the question: _Who is the user who is executing the
+action?_, or more in general: _Who is the user, or what is the service, that is
+executing the action?_.
 
-`Authorization` answers the question: _Is the user, or service, authorized to do something?_.
+`Authorization` answers the question: _Is the user, or service, authorized to
+do something?_.
 
-Usually, to implement authorization, is necessary to have the context of the entity that is executing the action. Anyway, the two things are logically separated and GuardPost is designed to keep them separate.
+Usually, to implement authorization, is necessary to have the context of the
+entity that is executing the action. Anyway, the two things are logically
+separated and GuardPost is designed to keep them separate.

guardpost/__init__.py

@@ -1,2 +1,8 @@
-from .authentication import User, Identity, ClaimValueType
-from .authorization import Policy, PolicyNotFoundError, AuthorizationError, UnauthorizedError, BaseRequirement
+from .authentication import User, Identity
+from .authorization import (
+    Policy,
+    PolicyNotFoundError,
+    AuthorizationError,
+    UnauthorizedError,
+    BaseRequirement,
+)

guardpost/asynchronous/authentication.py

@@ -1,22 +1,24 @@
 from abc import abstractmethod
 from typing import Any, Optional, Sequence
-from guardpost.authentication import Identity, BaseAuthenticationHandler, BaseAuthenticationStrategy
+from guardpost.authentication import (
+    Identity,
+    BaseAuthenticationHandler,
+    BaseAuthenticationStrategy,
+)
 
 
 class AuthenticationHandler(BaseAuthenticationHandler):
-
     @abstractmethod
     async def authenticate(self, context: Any) -> Optional[Identity]:
         """Obtains an identity from a context."""
 
 
 class AuthenticationStrategy(BaseAuthenticationStrategy):
-
-    async def authenticate(self,
-                           context: Any,
-                           authentication_schemes: Optional[Sequence[str]] = None):
+    async def authenticate(
+        self, context: Any, authentication_schemes: Optional[Sequence[str]] = None
+    ):
         if not context:
-            raise ValueError('Missing context to evaluate authentication')
+            raise ValueError("Missing context to evaluate authentication")
 
         for handler in self.get_handlers(authentication_schemes):
             identity = await handler.authenticate(context)