Closed
I'm not sure this is in scope for the cryptography package, but while the `int.from_bytes(os.random(num_bytes))` recipe is fairly clear for securely generating a random integer, it's not particularly clear how to safely generate a secure text token based on `os.urandom` data.
Pyramid apparently uses `binascii.hexlify(os.urandom(n))` for secure token generation, while Django uses `random = random.SystemRandom(); ''.join(random.choice(alphabet) for _ in range(n))`.
This is a common source of recommendations to use the standard library's random module, and I'm not aware of any standalone third party packages that cover it (it's not part of cryptography, passlib, or itsdangerous, which were the ones I checked).
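The two token styles mentioned in the issue, written directly on top of `os.urandom`, as an added example that is not code from the issue or from the cryptography project. The function names are hypothetical, and the alphabet variant uses rejection sampling (a technique chosen here, not one the issue names) so that reducing a byte modulo the alphabet size does not favour some characters.

```python
import base64
import binascii
import math
import os
import string


def token_hex(nbytes=32):
    """Hex token: 2 characters per random byte (the hexlify recipe)."""
    return binascii.hexlify(os.urandom(nbytes)).decode("ascii")


def token_urlsafe(nbytes=32):
    """URL-safe base64 token without padding: about 1.3 characters per byte."""
    raw = base64.urlsafe_b64encode(os.urandom(nbytes))
    return raw.rstrip(b"=").decode("ascii")


def token_from_alphabet(length, alphabet=string.ascii_letters + string.digits):
    """Token over an arbitrary alphabet, drawn uniformly from os.urandom bytes.

    Bytes >= limit are discarded so that `byte % len(alphabet)` is unbiased.
    """
    n = len(alphabet)
    if not 2 <= n <= 256 or len(set(alphabet)) != n:
        raise ValueError("alphabet must hold 2..256 distinct characters")
    limit = 256 - (256 % n)  # largest multiple of n that fits in one byte
    chars = []
    while len(chars) < length:
        # Request only as many bytes as are still missing, then filter.
        for byte in bytearray(os.urandom(length - len(chars))):
            if byte < limit:
                chars.append(alphabet[byte % n])
    return "".join(chars)


def entropy_bits(length, alphabet_size):
    """Entropy in bits of a uniformly random token of `length` symbols."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    print(token_hex(16))
    print(token_urlsafe(32))
    print(token_from_alphabet(22), round(entropy_bits(22, 62), 1), "bits")
```
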