Metadata-Version: 2.4
Name: noesis-auth
Version: 0.1.0
Summary: Python Auth SDK for AI tool integration with the Noesis AIToolCenter platform
Author: Noesis AI Technologies
License-Expression: MIT
Project-URL: Homepage, https://github.com/Noesis-AI-Technologies/AIToolCenter
Project-URL: Documentation, https://github.com/Noesis-AI-Technologies/AIToolCenter/blob/main/docs/auth-sdk-guide.md
Project-URL: Repository, https://github.com/Noesis-AI-Technologies/AIToolCenter
Project-URL: Issues, https://github.com/Noesis-AI-Technologies/AIToolCenter/issues
Keywords: auth,oauth2,jwt,sdk,ai-tools
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Classifier: Typing :: Typed
Requires-Python: >=3.11
Description-Content-Type: text/markdown
Requires-Dist: httpx>=0.24.0
Requires-Dist: python-jose[cryptography]>=3.3.0
Provides-Extra: fastapi
Requires-Dist: fastapi>=0.100.0; extra == "fastapi"

# noesis-auth (Python)

Python Auth SDK for AI tool integration with the [Noesis AIToolCenter](https://github.com/Noesis-AI-Technologies/AIToolCenter) platform.

## Installation

```bash
pip install noesis-auth

# With FastAPI middleware support:
pip install noesis-auth[fastapi]
```

## Quick Start

### JWT Validation (Tool-side)

```python
from auth_sdk import JWTValidator

validator = JWTValidator(
    jwks_url="https://your-platform.com/.well-known/jwks.json"
)

payload = await validator.validate(token)
print(payload["sub"])  # user ID
```

### FastAPI Middleware

```python
from fastapi import Depends, FastAPI
from auth_sdk import AuthMiddleware, TokenPayload

app = FastAPI()
auth = AuthMiddleware(jwks_url="https://your-platform.com/.well-known/jwks.json")

@app.get("/api/generate")
async def generate(payload: TokenPayload = Depends(auth.require_tool("your-tool-id"))):
    user_id = payload.sub
    # ... your tool logic
```

### OAuth2 Client (PKCE)

```python
from auth_sdk import AuthClient

client = AuthClient(base_url="https://your-platform.com")

# Generate PKCE pair
pkce = AuthClient.generate_pkce()

# Build authorization URL
url = client.build_authorize_url(
    client_id="your-client-id",
    redirect_uri="http://localhost:3000/callback",
    code_challenge=pkce.code_challenge,
)

# Exchange code for tokens
tokens = await client.exchange_code(
    code=auth_code,
    redirect_uri="http://localhost:3000/callback",
    client_id="your-client-id",
    code_verifier=pkce.code_verifier,
)
```

### Activation Code Redemption

```python
result = await client.redeem_code(user_token="...", code="AXKF-M3PQ-7RBN-W2YT")
print(result.tool_id, result.expires_at)
```

## Features

- **JWT Validation** — RS256 (JWKS) and HS256 (shared secret) with auto-detection
- **FastAPI Middleware** — Drop-in authentication and tool access verification
- **OAuth2 Client** — Authorization URL builder, code exchange, token refresh
- **PKCE Support** — S256 code challenge generation for public clients
- **Token Introspection** — Remote token validation endpoint
- **Activation Codes** — Redeem activation codes for tool entitlements
- **JWKS Caching** — 6-hour cache with stale-while-revalidate and retry on failure

## Requirements

- Python >= 3.11
- `httpx` >= 0.24
- `python-jose[cryptography]` >= 3.3
- `fastapi` >= 0.100 (optional, for middleware)

## License

MIT
