def test_dump_issuer_keys(self):
kb = keybundle_from_local_file("file://%s/jwk.json" % BASE_PATH,
"jwks", ["sig"])
assert len(kb) == 1
kj = KeyJar()
kj.issuer_keys[""] = [kb]
_jwks_dict = kj.export_jwks()
_info = _jwks_dict['keys'][0]
assert _info == {
'use':
'sig',
'e':
'AQAB',
'kty':
'RSA',
'alg':
'RS256',
'n':
'pKybs0WaHU_y4cHxWbm8Wzj66HtcyFn7Fh3n'
'-99qTXu5yNa30MRYIYfSDwe9JVc1JUoGw41yq2StdGBJ40HxichjE'
'-Yopfu3B58Q'
'lgJvToUbWD4gmTDGgMGxQxtv1En2yedaynQ73sDpIK-12JJDY55pvf'
'-PCiSQ9OjxZLiVGKlClDus44_uv2370b9IN2JiEOF-a7JB'
'qaTEYLPpXaoKWDSnJNonr79tL0T7iuJmO1l705oO3Y0TQ'
'-INLY6jnKG_RpsvyvGNnwP9pMvcP1phKsWZ10ofuuhJGRp8IxQL9Rfz'
'T87OvF0RBSO1U73h09YP-corWDsnKIi6TbzRpN5YDw',
'kid':
'abc'
}
def test_dump_issuer_keys(self):
kb = keybundle_from_local_file("file://%s/jwk.json" % BASE_PATH,
"jwks", ["sig"])
assert len(kb) == 1
kj = KeyJar()
kj.add_kb("", kb)
_jwks_dict = kj.export_jwks()
_info = _jwks_dict["keys"][0]
assert _info == {
"use":
"sig",
"e":
"AQAB",
"kty":
"RSA",
"alg":
"RS256",
"n":
"pKybs0WaHU_y4cHxWbm8Wzj66HtcyFn7Fh3n"
"-99qTXu5yNa30MRYIYfSDwe9JVc1JUoGw41yq2StdGBJ40HxichjE"
"-Yopfu3B58Q"
"lgJvToUbWD4gmTDGgMGxQxtv1En2yedaynQ73sDpIK-12JJDY55pvf"
"-PCiSQ9OjxZLiVGKlClDus44_uv2370b9IN2JiEOF-a7JB"
"qaTEYLPpXaoKWDSnJNonr79tL0T7iuJmO1l705oO3Y0TQ"
"-INLY6jnKG_RpsvyvGNnwP9pMvcP1phKsWZ10ofuuhJGRp8IxQL9Rfz"
"T87OvF0RBSO1U73h09YP-corWDsnKIi6TbzRpN5YDw",
"kid":
"abc",
}
def get_jwks(private_path, keydefs, public_path):
if os.path.isfile(private_path):
_jwks = open(private_path, 'r').read()
_kj = KeyJar()
_kj.import_jwks(json.loads(_jwks), '')
else:
_kj = build_keyjar(keydefs)[1]
jwks = _kj.export_jwks(private=True)
head, tail = os.path.split(private_path)
if not os.path.isdir(head):
os.makedirs(head)
fp = open(private_path, 'w')
fp.write(json.dumps(jwks))
fp.close()
jwks = _kj.export_jwks() # public part
fp = open(public_path, 'w')
fp.write(json.dumps(jwks))
fp.close()
return _kj
def get_signing_keys(eid, keydef, key_file):
"""
If the *key_file* file exists then read the keys from there, otherwise
create the keys and store them a file with the name *key_file*.
:param eid: The ID of the entity that the keys belongs to
:param keydef: What keys to create
:param key_file: A file name
:return: A :py:class:`oidcmsg.key_jar.KeyJar` instance
"""
if os.path.isfile(key_file):
kj = KeyJar()
kj.import_jwks(json.loads(open(key_file, 'r').read()), eid)
else:
kj = build_keyjar(keydef)[1]
# make it know under both names
fp = open(key_file, 'w')
fp.write(json.dumps(kj.export_jwks()))
fp.close()
kj.issuer_keys[eid] = kj.issuer_keys['']
return kj
'6LOHuM7H_0kDrMTwUEX7Aubzr792GoJ6EgTKIQY25SAFTZpYwuC3NnqlAdy8foIa3d7eGU2yICRbBG0S_ITcooDFrOa7nZ6enMUclMTxW8FwwvBXeIHo9cIsrKYtOThGplz43Cvl73MK5M58ZRmuhaNYa6Mk4PL4UokARfEiDus',
'use': 'sig'
}, {
'crv': 'P-256',
'd': 'N2dg0-DAROBF8owQA4-uY5s0Ab-Fep_42kEFQG4BNVQ',
'kid': 'UnpYbi0tWC1HaEtyRFMtSmkyZDVHUHZVNDF0d21KTVk1dzEwYmhpNlVtQQ',
'kty': 'EC',
'use': 'sig',
'x': 'Ls8SqX8Ti5QAKtw3rdGr5K537-tqQCIbhyebeE_2C38',
'y': 'S-BrbPQkh8HVFLWg5Wid_5OAk4ewn5skHlHtG08ShaA'
}]
}
OP_KEYJAR = KeyJar()
OP_KEYJAR.import_jwks(JWKS_OP, '')
OP_PUBLIC_JWKS = OP_KEYJAR.export_jwks()
OP_BASEURL = "https://example.org/op"
RP_JWKS = {
"keys": [{
"kty":
"RSA",
"use":
"sig",
"kid":
"Mk0yN2w0N3BZLWtyOEpQWGFmNDZvQi1hbDl2azR3ai1WNElGdGZQSFd6MA",
"e":
"AQAB",
"n":
"yPrOADZtGoa9jxFCmDsJ1nAYmzgznUxCtUlb_ty33"
"-AFNEqzW_pSLr5g6RQAPGsvVQqbsb9AB18QNgz"
