update README.md, unify examples, bump to 0.3.1

Author: icedevml

README.md

@@ -18,82 +18,9 @@ Library available on PyPi: [pyksef](https://pypi.org/project/pyksef/)
 pip3 install pyksef
 ```
 
-## CLI Usage
-
-### List available PKCS#11 tokens
-Command:
-```bash
-p11_list_tokens \
-    --pkcs11-dll "C:\Program Files\Krajowa Izba Rozliczeniowa S.A\Szafir 2.0\bin\CCGraphiteP11p.x64.dll"
-```
-Example output:
-```
-TokenRecord(slot=<Slot (slotID=2 flags=7)>, label='PKI Token 1 (Primary)', serial='31333132303030313233343536373839', manufacturer_id='CryptoTech P.S.A.', model='CCGraphitePro', hardware_version=(0, 0), firmware_version=(0, 0), flags=<TokenFlag.LOGIN_REQUIRED|USER_PIN_INITIALIZED|TOKEN_INITIALIZED: 1036>)
-TokenRecord(slot=<Slot (slotID=3 flags=7)>, label='PKI Token 2 (QSCD)', serial='31333132303030313233343536373839', manufacturer_id='CryptoTech P.S.A.', model='CCGraphitePro', hardware_version=(0, 0), firmware_version=(0, 0), flags=<TokenFlag.WRITE_PROTECTED|LOGIN_REQUIRED|USER_PIN_INITIALIZED|TOKEN_INITIALIZED: 1038>)
-```
-
-### List available private keys/certificates for PKCS#11 token
-Command:
-```bash
-p11_list_objects \
-    --pkcs11-dll "C:\Program Files\Krajowa Izba Rozliczeniowa S.A\Szafir 2.0\bin\CCGraphiteP11p.x64.dll" \
-    --token-label "PKI Token 2 (QSCD)" \
-    --token-serial "31333132303030313233343536373839"
-```
-Example output:
-```
-CertificateRecord(x509_cert=<Certificate(subject=<Name(C=PL,2.5.4.5=PNOPL-12345678900,CN=Jan Kowalski,2.5.4.42=Jan,2.5.4.4=Kowalski)>, ...)>)
-PrivateKeyRecord(label='No Friendly Name Available', id='6572df736d642974a2bab6ddba753aefb89afcce', key_type=<KeyType.RSA>)
-```
-
-### Fetch certificates stored on a PKCS#11 token
-Command:
-```bash
-p11_list_objects \
-    --pkcs11-dll "C:\Program Files\Krajowa Izba Rozliczeniowa S.A\Szafir 2.0\bin\CCGraphiteP11p.x64.dll" \
-    --token-label "PKI Token 2 (QSCD)" \
-    --token-serial "31333132303030313233343536373839" \
-    --output certificates
-```
-Example output:
-```
------BEGIN CERTIFICATE-----
-MIIHe...
------END CERTIFICATE-----
-```
-
-### Perform KSeF authentication using private key available through PKCS#11
-Command:
-```bash
-ksef_auth_pkcs11 \
-    --pkcs11-dll "C:\Program Files\Krajowa Izba Rozliczeniowa S.A\Szafir 2.0\bin\CCGraphiteP11p.x64.dll" \
-    --token-label "PKI Token 2 (QSCD)" \
-    --key-id 6572df736d642974a2bab6ddba753aefb89afcce \
-    --context-id-type nip \
-    --context-id 5421234567
-```
-Example output:
-```json
-{"referenceNumber": "XXXXXXXX-XX-XXXXXXXXXX-XXXXXXXXXX-XX", "authenticationToken": {"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", "validUntil": "2026-02-04T15:20:15.6254824+00:00"}}
-```
-
-### Perform KSeF authentication using certificate/private key file pair stored on disk
-Command:
-```bash
-ksef_auth_file \
-    --cert-file ksef.crt \
-    --key-file ksf.key \
-    --context-id-type nip \
-    --context-id 5421234567
-```
-Example output:
-```json
-{"referenceNumber": "XXXXXXXX-XX-XXXXXXXXXX-XXXXXXXXXX-XX", "authenticationToken": {"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", "validUntil": "2026-02-04T15:20:15.6254824+00:00"}}
-```
-
 ## Usage via Python
 
-### PKCS#11 List tokens available with certain provider
+### List tokens available with certain PKCS#11 provider
 
 ```python
 from pyksef.p11 import PKCS11Lib
@@ -112,7 +39,7 @@ TokenRecord(slot=<Slot (slotID=2 flags=7)>, label='PKI Token 1 (Primary)', seria
 TokenRecord(slot=<Slot (slotID=3 flags=7)>, label='PKI Token 2 (QSCD)', serial='31333132303030313233343536373839', manufacturer_id='CryptoTech P.S.A.', model='CCGraphitePro', hardware_version=(0, 0), firmware_version=(0, 0), flags=<TokenFlag.WRITE_PROTECTED|LOGIN_REQUIRED|USER_PIN_INITIALIZED|TOKEN_INITIALIZED: 1038>)
 ```
 
-### PKCS#11 List private keys/certificates available with certain token
+### List private keys/certificates available with certain PKCS#11 token
 
 ```python
 import getpass
@@ -139,8 +66,8 @@ CertificateRecord(x509_cert=<Certificate(subject=<Name(C=PL,2.5.4.5=PNOPL-123456
 PrivateKeyRecord(label='No Friendly Name Available', id='6572df736d642974a2bab6ddba753aefb89afcce', key_type=<KeyType.RSA>)
 ```
 
-### PKCS#11 Authentication
-
+### KSeF XAdES Authentication
+#### Using a private key available over PKCS#11
 ```python
 import binascii
 import getpass
@@ -191,53 +118,20 @@ auth_res = ksef_auth_xades(
 )
 
 # poll authentication state and redeem the actual token
+# we may need to wait a little bit before the authentication is approved
 auth_state = ksef_poll_auth_finalized(
     api_base_url=PROD_API_BASE_URL,
     reference_number=auth_res["referenceNumber"],
     authentication_token=auth_res["authenticationToken"]["token"]
 )
 
 print(json.dumps({
-    "ksefAuthPKCS11Result": auth_res,
+    "ksefAuthInitResult": auth_res,
     "ksefPollAuthFinalizedResult": auth_state,
 }, indent=4))
 ```
-Example output:
-```json
-{
-    "ksefAuthPKCS11Result": {
-        "referenceNumber": "XXXXXXXX-XX-XXXXXXXXXX-XXXXXXXXXX-XX",
-        "authenticationToken": {
-            "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
-            "validUntil": "2026-02-09T16:08:59.2602376+00:00"
-        }
-    },
-    "ksefPollAuthFinalizedResult": {
-        "redeemResult": {
-            "accessToken": {
-                "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
-                "validUntil": "2026-02-09T15:38:58.1201962+00:00"
-            },
-            "refreshToken": {
-                "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
-                "validUntil": "2026-02-16T15:23:58.1201962+00:00"
-            }
-        },
-        "authState": {
-            "startDate": "2026-02-09T15:23:58.1401992+00:00",
-            "authenticationMethod": "QualifiedSignature",
-            "status": {
-                "code": 200,
-                "description": "Uwierzytelnianie zako\u0144czone sukcesem"
-            },
-            "isTokenRedeemed": false
-        }
-    }
-}
-```
-
-### Authentication with private key on local disk
 
+#### Using private key available as PEM file locally on the hard disk
 ```python
 import getpass
 import json
@@ -284,21 +178,24 @@ auth_res = ksef_auth_xades(
 )
 
 # poll authentication state and redeem the actual token
+# we may need to wait a little bit before the authentication is approved
 auth_state = ksef_poll_auth_finalized(
     api_base_url=PROD_API_BASE_URL,
     reference_number=auth_res["referenceNumber"],
     authentication_token=auth_res["authenticationToken"]["token"]
 )
 
 print(json.dumps({
-    "ksefAuthFileResult": auth_res,
+    "ksefAuthInitResult": auth_res,
     "ksefPollAuthFinalizedResult": auth_state,
 }, indent=4))
 ```
-Example output:
+
+#### Example output
+All snippets in this section output their results in the same format.
 ```json
 {
-    "ksefAuthPKCS11Result": {
+    "ksefAuthInitResult": {
         "referenceNumber": "XXXXXXXX-XX-XXXXXXXXXX-XXXXXXXXXX-XX",
         "authenticationToken": {
             "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
@@ -329,6 +226,71 @@ Example output:
 }
 ```
 
+## CLI Usage
+
+### List available PKCS#11 tokens
+Command:
+```bash
+p11_list_tokens \
+    --pkcs11-dll "C:\Program Files\Krajowa Izba Rozliczeniowa S.A\Szafir 2.0\bin\CCGraphiteP11p.x64.dll"
+```
+Example output:
+```
+TokenRecord(slot=<Slot (slotID=2 flags=7)>, label='PKI Token 1 (Primary)', serial='31333132303030313233343536373839', manufacturer_id='CryptoTech P.S.A.', model='CCGraphitePro', hardware_version=(0, 0), firmware_version=(0, 0), flags=<TokenFlag.LOGIN_REQUIRED|USER_PIN_INITIALIZED|TOKEN_INITIALIZED: 1036>)
+TokenRecord(slot=<Slot (slotID=3 flags=7)>, label='PKI Token 2 (QSCD)', serial='31333132303030313233343536373839', manufacturer_id='CryptoTech P.S.A.', model='CCGraphitePro', hardware_version=(0, 0), firmware_version=(0, 0), flags=<TokenFlag.WRITE_PROTECTED|LOGIN_REQUIRED|USER_PIN_INITIALIZED|TOKEN_INITIALIZED: 1038>)
+```
+
+### List available private keys/certificates for PKCS#11 token
+Command:
+```bash
+p11_list_objects \
+    --pkcs11-dll "C:\Program Files\Krajowa Izba Rozliczeniowa S.A\Szafir 2.0\bin\CCGraphiteP11p.x64.dll" \
+    --token-label "PKI Token 2 (QSCD)" \
+    --token-serial "31333132303030313233343536373839"
+```
+Example output:
+```
+CertificateRecord(x509_cert=<Certificate(subject=<Name(C=PL,2.5.4.5=PNOPL-12345678900,CN=Jan Kowalski,2.5.4.42=Jan,2.5.4.4=Kowalski)>, ...)>)
+PrivateKeyRecord(label='No Friendly Name Available', id='6572df736d642974a2bab6ddba753aefb89afcce', key_type=<KeyType.RSA>)
+```
+
+### Fetch certificates stored on a PKCS#11 token
+Command:
+```bash
+p11_list_objects \
+    --pkcs11-dll "C:\Program Files\Krajowa Izba Rozliczeniowa S.A\Szafir 2.0\bin\CCGraphiteP11p.x64.dll" \
+    --token-label "PKI Token 2 (QSCD)" \
+    --token-serial "31333132303030313233343536373839" \
+    --output certificates
+```
+Example output:
+```
+-----BEGIN CERTIFICATE-----
+MIIHe...
+-----END CERTIFICATE-----
+```
+
+### Perform KSeF authentication using private key available through PKCS#11
+Command:
+```bash
+ksef_auth_pkcs11 \
+    --pkcs11-dll "C:\Program Files\Krajowa Izba Rozliczeniowa S.A\Szafir 2.0\bin\CCGraphiteP11p.x64.dll" \
+    --token-label "PKI Token 2 (QSCD)" \
+    --key-id 6572df736d642974a2bab6ddba753aefb89afcce \
+    --context-id-type nip \
+    --context-id 5421234567
+```
+
+### Perform KSeF authentication using certificate/private key file pair stored on disk
+Command:
+```bash
+ksef_auth_file \
+    --cert-file ksef.crt \
+    --key-file ksf.key \
+    --context-id-type nip \
+    --context-id 5421234567
+```
+
 ## Troubleshooting
 
 If you see the following exception even though the DLL physically exists at the path indicated:

pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "pyksef"
-version = "0.3.0"
+version = "0.3.1"
 description = "KSeF Authentication library"
 readme = "README.md"
 authors = [

src/pyksef/__init__.py

@@ -1,6 +1,6 @@
 """KSeF XAdES Authentication Library"""
 
-__version__ = "0.3.0"
+__version__ = "0.3.1"
 
 from pyksef.auth import ksef_auth_xades
 

src/pyksef/cli/ksef_auth_file.py

@@ -82,7 +82,7 @@ def cli():
     )
 
     print(json.dumps({
-        "ksefAuthFileResult": auth_res,
+        "ksefAuthInitResult": auth_res,
         "ksefPollAuthFinalizedResult": auth_state,
     }, indent=4))
 

src/pyksef/cli/ksef_auth_pkcs11.py

@@ -104,7 +104,7 @@ def cli():
     )
 
     print(json.dumps({
-        "ksefAuthPKCS11Result": auth_res,
+        "ksefAuthInitResult": auth_res,
         "ksefPollAuthFinalizedResult": auth_state,
     }, indent=4))