def sign_csr(account_id=None, payload=None, endpoint="sign_csr(account_id, payload, endpoint)"):
if account_id is None:
raise AttributeError("Provide account_id as parameter")
if payload is None:
raise AttributeError("Provide ssr_payload as parameter")
logger.info("Signing Service Link Status Record")
# Sign csr
try:
csr_signed_json = generate_and_sign_jws(account_id=account_id, jws_payload=json.dumps(payload))
except Exception as exp:
logger.error('Could not create Consent Status Record: ' + repr(exp))
raise ApiError(code=500, title="Failed to create Consent Status Record", detail=repr(exp), source=endpoint)
else:
logger.info('Consent Status Record created and signed')
logger.debug('csr_signed_json: ' + csr_signed_json)
try:
logger.info("Converting signed CSR from json to dict")
csr_signed_dict = json.loads(csr_signed_json)
except Exception as exp:
logger.error('Could not convert signed CSR from json to dict: ' + repr(exp))
raise ApiError(code=500, title="Failed to convert signed CSR from json to dict", detail=repr(exp), source=endpoint)
else:
logger.info('Converted signed CSR from json to dict')
logger.debug('csr_signed_dict: ' + json.dumps(csr_signed_dict))
return csr_signed_dict
def sign_cr(account_id=None,
payload=None,
endpoint="sign_slr(account_id, payload, endpoint)"):
if account_id is None:
raise AttributeError("Provide account_id as parameter")
if payload is None:
raise AttributeError("Provide payload as parameter")
logger.info("Signing Consent Record")
# Get Account owner's public key
try:
account_public_key, account_kid = get_account_public_key(
account_id=account_id)
account_public_key = json.loads(account_public_key)
except Exception as exp:
logger.error("Could not get account owner's public key: " + repr(exp))
raise ApiError(code=500,
title="Failed to get account owner's public key",
detail=repr(exp),
source=endpoint)
else:
logger.info("Account owner's public key and kid fetched")
# Sign cr
try:
cr_signed_json = generate_and_sign_jws(account_id=account_id,
jws_payload=json.dumps(payload))
except Exception as exp:
logger.error('Could not create Consent Record: ' + repr(exp))
raise ApiError(code=500,
title="Failed to create Consent Record",
detail=repr(exp),
source=endpoint)
else:
logger.info('Consent Record created and signed')
logger.debug('cr_signed_json: ' + cr_signed_json)
try:
logger.info("Converting signed CR from json to dict")
cr_signed_dict = json.loads(cr_signed_json)
except Exception as exp:
logger.error('Could not convert signed CSR from json to dict: ' +
repr(exp))
raise ApiError(
code=500,
title="Failed to convert signed CSR from json to dict",
detail=repr(exp),
source=endpoint)
else:
logger.info('Converted signed CR from json to dict')
logger.debug('cr_signed_dict: ' + json.dumps(cr_signed_dict))
return cr_signed_dict
def sign_csr(account_id=None,
payload=None,
endpoint="sign_csr(account_id, payload, endpoint)"):
if account_id is None:
raise AttributeError("Provide account_id as parameter")
if payload is None:
raise AttributeError("Provide ssr_payload as parameter")
logger.info("Signing Service Link Status Record")
# Fill timestamp to created in slr
try:
timestamp_to_fill = get_utc_time()
except Exception as exp:
logger.error("Could not get UTC time: " + repr(exp))
raise ApiError(code=500,
title="Could not get UTC time",
detail=repr(exp),
source=endpoint)
else:
logger.info("timestamp_to_fill: " + timestamp_to_fill)
try:
payload['iat'] = timestamp_to_fill
except Exception as exp:
logger.error("Could not fill timestamp to iat in csr_payload: " +
repr(exp))
raise ApiError(code=500,
title="Failed to fill timestamp to iat in csr_payload",
detail=repr(exp),
source=endpoint)
else:
logger.info("Timestamp filled to created in csr_payload")
# Sign csr
try:
csr_signed = generate_and_sign_jws(account_id=account_id,
jws_payload=json.dumps(payload))
except Exception as exp:
logger.error('Could not create Consent Status Record: ' + repr(exp))
raise ApiError(code=500,
title="Failed to create Consent Status Record",
detail=repr(exp),
source=endpoint)
else:
logger.info('SConsent Status Record created and signed')
logger.debug('csr_signed: ' + csr_signed)
return csr_signed, timestamp_to_fill
def sign_slr(account_id=None,
slr_payload=None,
endpoint="sign_slr(account_id, slr_payload, endpoint)"):
if account_id is None:
raise AttributeError("Provide account_id as parameter")
if slr_payload is None:
raise AttributeError("Provide slr_payload as parameter")
logger.info("Signing Service Link Record")
# Get Account owner's public key
try:
account_public_key, account_kid = get_account_public_key(
account_id=account_id)
account_public_key_log_entry = account_public_key
account_public_key = json.loads(account_public_key)
except Exception as exp:
logger.error("Could not get account owner's public key: " + repr(exp))
raise ApiError(code=500,
title="Failed to get account owner's public key",
detail=repr(exp),
source=endpoint)
else:
logger.info("Account owner's public key and kid fetched")
logger.debug("account_public_key: " + account_public_key_log_entry)
# Fill Account key to cr_keys
try:
keys = []
keys.append(account_public_key)
slr_payload['cr_keys'] = keys
except Exception as exp:
logger.error("Could not fill account owner's public key to cr_keys: " +
repr(exp))
raise ApiError(
code=500,
title="Failed to fill account owner's public key to cr_keys",
detail=repr(exp),
source=endpoint)
else:
logger.info("Account owner's public key added to cr_keys")
# Sign slr
slr_signed = {}
try:
slr_signed_json = generate_and_sign_jws(
account_id=account_id, jws_payload=json.dumps(slr_payload))
except Exception as exp:
logger.error('Could not create Service Link Record: ' + repr(exp))
raise ApiError(code=500,
title="Failed to create Service Link Record",
detail=repr(exp),
source=endpoint)
else:
logger.info('Service Link Record created and signed')
logger.debug("slr_payload: " + json.dumps(slr_payload))
logger.debug("slr_signed_json: " + slr_signed_json)
try:
logger.info("Converting signed CSR from json to dict")
slr_signed_dict = json.loads(slr_signed_json)
except Exception as exp:
logger.error('Could not convert signed SLR from json to dict: ' +
repr(exp))
raise ApiError(
code=500,
title="Failed to convert signed SLR from json to dict",
detail=repr(exp),
source=endpoint)
else:
logger.info('Converted signed SLR from json to dict')
logger.debug('slr_signed_dict: ' + json.dumps(slr_signed_dict))
return slr_signed_dict
def sign_cr(account_id=None,
payload=None,
endpoint="sign_slr(account_id, payload, endpoint)"):
if account_id is None:
raise AttributeError("Provide account_id as parameter")
if payload is None:
raise AttributeError("Provide payload as parameter")
logger.info("Signing Consent Record")
# Get Account owner's public key
try:
account_public_key, account_kid = get_account_public_key(
account_id=account_id)
account_public_key = json.loads(account_public_key)
except Exception as exp:
logger.error("Could not get account owner's public key: " + repr(exp))
raise ApiError(code=500,
title="Failed to get account owner's public key",
detail=repr(exp),
source=endpoint)
else:
logger.info("Account owner's public key and kid fetched")
# Fill timestamp to created in slr
try:
timestamp_to_fill = get_utc_time()
except Exception as exp:
logger.error("Could not get UTC time: " + repr(exp))
raise ApiError(code=500,
title="Could not get UTC time",
detail=repr(exp),
source=endpoint)
else:
logger.info("timestamp_to_fill: " + timestamp_to_fill)
try:
payload['common_part']['issued'] = timestamp_to_fill
except Exception as exp:
logger.error("Could not fill timestamp to created in cr: " + repr(exp))
raise ApiError(code=500,
title="Failed to fill timestamp to created in cr",
detail=repr(exp),
source=endpoint)
else:
logger.info("Timestamp filled to issued in cr")
# Sign cr
try:
cr_signed = generate_and_sign_jws(account_id=account_id,
jws_payload=json.dumps(payload))
except Exception as exp:
logger.error('Could not create Consent Record: ' + repr(exp))
raise ApiError(code=500,
title="Failed to create Consent Record",
detail=repr(exp),
source=endpoint)
else:
logger.info('Service Link Record created and signed')
logger.debug('cr_signed: ' + cr_signed)
return cr_signed, timestamp_to_fill
def sign_slr(account_id=None, slr_payload=None, endpoint="sign_slr(account_id, slr_payload, endpoint)"):
if account_id is None:
raise AttributeError("Provide account_id as parameter")
if slr_payload is None:
raise AttributeError("Provide slr_payload as parameter")
logger.info("Signing Service Link Record")
# Get Account owner's public key
try:
account_public_key, account_kid = get_account_public_key(account_id=account_id)
account_public_key_log_entry = account_public_key
account_public_key = json.loads(account_public_key)
except Exception as exp:
logger.error("Could not get account owner's public key: " + repr(exp))
raise ApiError(code=500, title="Failed to get account owner's public key", detail=repr(exp), source=endpoint)
else:
logger.info("Account owner's public key and kid fetched")
finally:
logger.debug("account_public_key: " + account_public_key_log_entry)
# Fill Account key to cr_keys
try:
keys = []
keys.append(account_public_key)
slr_payload['cr_keys'] = keys
except Exception as exp:
logger.error("Could not fill account owner's public key to cr_keys: " + repr(exp))
raise ApiError(code=500, title="Failed to fill account owner's public key to cr_keys", detail=repr(exp), source=endpoint)
else:
logger.info("Account owner's public key added to cr_keys")
# Fill timestamp to created in slr
try:
timestamp_to_fill = get_utc_time()
except Exception as exp:
logger.error("Could not get UTC time: " + repr(exp))
raise ApiError(code=500, title="Could not get UTC time", detail=repr(exp), source=endpoint)
else:
logger.info("timestamp_to_fill: " + timestamp_to_fill)
timestamp_to_fill = int(time())
try:
slr_payload['created'] = timestamp_to_fill
except Exception as exp:
logger.error("Could not fill timestamp to created in slr: " + repr(exp))
raise ApiError(code=500, title="Failed to fill timestamp to created in slr", detail=repr(exp), source=endpoint)
else:
logger.info("Timestamp filled to created in slr")
# Sign slr
slr_signed = {}
try:
slr_signed = generate_and_sign_jws(account_id=account_id, jws_payload=json.dumps(slr_payload))
except Exception as exp:
logger.error('Could not create Service Link Record: ' + repr(exp))
raise ApiError(code=500, title="Failed to create Service Link Record", detail=repr(exp), source=endpoint)
else:
logger.info('Service Link Record created and signed')
return slr_signed
finally:
logger.debug("slr_payload: " + json.dumps(slr_payload))
logger.debug("slr_signed: " + slr_signed)
