def handle_response(self, status_code, payload, headers):
if isinstance(payload, dict):
payload = json_dumps(payload)
resp = HttpResponse(payload, status=status_code)
for k, v in headers:
resp[k] = v
return resp
def encode(self, header, payload, key, check=True):
"""Encode a JWT with the given header, payload and key.
:param header: A dict of JWS header
:param payload: A dict to be encoded
:param key: key used to sign the signature
:param check: check if sensitive data in payload
:return: bytes
"""
header['typ'] = 'JWT'
for k in ['exp', 'iat', 'nbf']:
# convert datetime into timestamp
claim = payload.get(k)
if isinstance(claim, datetime.datetime):
payload[k] = calendar.timegm(claim.utctimetuple())
if check:
self.check_sensitive_data(payload)
key = prepare_raw_key(key, header)
text = to_bytes(json_dumps(payload))
if 'enc' in header:
return self._jwe.serialize_compact(header, text, key)
else:
return self._jws.serialize_compact(header, text, key)
def callback(csp, scope):
db_csp = CloudServiceProvider.query.filter_by(name=csp).first()
db_client = OAuth2Client.query.filter_by(csp_id=db_csp.id,
scope=scope).first()
client = db_client.get_client()
token = client.authorize_access_token()
db.session.add(
Oauth2Token(token=json_dumps(token),
user_id=current_user().id,
client_id=db_client.id))
db.session.commit()
session[csp] = scope
return redirect(f"/csp/{csp}")
def thumbprint(self):
"""Implementation of RFC7638 JSON Web Key (JWK) Thumbprint."""
fields = list(self.REQUIRED_JSON_FIELDS)
fields.append('kty')
fields.sort()
data = OrderedDict()
for k in fields:
data[k] = self.tokens[k]
json_data = json_dumps(data)
digest_data = hashlib.sha256(to_bytes(json_data)).digest()
return to_unicode(urlsafe_b64encode(digest_data))
def test_import_key_set(self):
jwks_public = read_file_path('jwks_public.json')
key_set1 = JsonWebKey.import_key_set(jwks_public)
key1 = key_set1.find_by_kid('abc')
self.assertEqual(key1['e'], 'AQAB')
key_set2 = JsonWebKey.import_key_set(jwks_public['keys'])
key2 = key_set2.find_by_kid('abc')
self.assertEqual(key2['e'], 'AQAB')
key_set3 = JsonWebKey.import_key_set(json_dumps(jwks_public))
key3 = key_set3.find_by_kid('abc')
self.assertEqual(key3['e'], 'AQAB')
self.assertRaises(ValueError, JsonWebKey.import_key_set, 'invalid')
def set_client_metadata(self, value):
self._client_metadata = json_dumps(value)
def as_json(self):
"""Represent this key as a JSON string."""
obj = self.as_dict()
return json_dumps(obj)
def jwt_encode(d: dict) -> str:
from authlib.common.encoding import json_dumps, urlsafe_b64encode
return urlsafe_b64encode(json_dumps(d).encode('ascii')).decode('ascii')
def add_scope(self, csp, scope): scopes = json_loads(self.oauth2_scopes) scopes[csp] = scope self.oauth2_scopes = json_dumps(scopes)
def as_json(self):
obj = self.as_dict()
return json_dumps(obj)
def as_json(self, is_private=False, **params):
"""Represent this key as a JSON string."""
obj = self.as_dict(is_private, **params)
return json_dumps(obj)
