Beispiel #1
0
def deser_id_token(inst, str=""):
    if not str:
        return None

    jso = json.loads(jwt.unpack(str)[1])

    # gather all the necessary keys
    # my own first
    collection = inst.keystore.get_verify_key()

    if "iss" in jso:
        for key, val in inst.keystore.collect_keys(jso["iss"]).items():
            try:
                collection[key].extend(val)
            except KeyError:
                collection[key] = val

    if "aud" in jso:
        for key, val in inst.keystore.collect_keys(jso["aud"]).items():
            try:
                collection[key].extend(val)
            except KeyError:
                collection[key] = val

    jwt.verify(str, collection)

    return IdToken().from_dict(jso)
Beispiel #2
0
def test_hmac_512():
    payload = "Please take a moment to register today"
    keycol = {"hmac": "My hollow echo"}

    _jwt = jwt.sign(payload, keycol, "HS512")

    info = jwt.verify(_jwt, keycol)

    assert info == payload
Beispiel #3
0
    def from_jwt(self, txt, key, verify=True):
        """
        Given a signed JWT, verify its correctness and then create a class
        instance from the content.

        :param txt: The JWT
        :param key: keys that might be used to verify the signature of the JWT
        :param verify: Whether the signature should be verified or not
        :return: A class instance
        """
        try:
            jso = jwt.unpack(txt)[1]
            if isinstance(jso, basestring):
                jso = json.loads(jso)
            if verify:
                if key is None:
                    key = {}

                try:
                    _keys = key['.']
                except KeyError:
                    _keys = {}

                for ent in ["iss", "aud", "client_id"]:
                    _keys = gather_keys(_keys, key, jso, ent)

                if "iss" not in jso and "aud" not in jso:
                    for owner, _spec in key.items():
                        if owner == ".":
                            continue
                        for typ, keys in _spec.items():
                            try:
                                _keys[typ].extend(keys)
                            except KeyError:
                                _keys[typ] = keys

                jwt.verify(txt, _keys)
        except Exception:
            raise

        return self.from_dict(jso)
Beispiel #4
0
    def unpack_aggregated_claims(self, userinfo):
        if userinfo._claim_sources:
            for csrc, spec in userinfo._claim_sources.items():
                if "JWT" in spec:
                    if not csrc in self.keystore:
                        self.provider_config(csrc, endpoints=False)

                    keycol = self.keystore.pairkeys(csrc)["ver"]
                    info = json.loads(jwt.verify(str(spec["JWT"]), keycol))
                    attr = [n for n, s in userinfo._claim_names.items() if s ==
                                                                           csrc]
                    assert attr == info.keys()

                    for key, vals in info.items():
                        userinfo[key] = vals

        return userinfo