def run(self, params, **options):
authority = Authority.objects.get(id=params.id[0])
jku = authority.auth_metadata_object.jwks_uri or \
AuthorityKeyResource.url(
authority.identifier,
tenant=authority.tenant, id=params.jkuid)
jwkset = JwkSet(
keys=[Jwk.generate(kty=params.kty[0])])
jwkset.save(authority, jku)
def test_jwkset(self):
'''
nose2 jose.tests.test_jwk.TestJwk.test_jwkset
'''
jwkset = JwkSet()
jwkset.keys.append(Jwk(kid='kidRsa', kty=keys.KeyTypeEnum.RSA))
jwkset.keys.append(Jwk(kid='kidEc', kty=keys.KeyTypeEnum.EC))
jwkset.keys.append(Jwk(kid='kidOct', kty=keys.KeyTypeEnum.OCT))
self.assertEqual(jwkset.get_key(kty=KeyTypeEnum.RSA).kid, 'kidRsa')
self.assertEqual(jwkset.get_key(kty=KeyTypeEnum.EC).kid, 'kidEc')
self.assertEqual(jwkset.get_key(kty=KeyTypeEnum.OCT).kid, 'kidOct')
def update_key(self):
# TODO: SSL ann verify certificate.
jku = self.auth_metadata_object.jwks_uri
if jku:
res = requests.get(jku)
jwkset = JwkSet.from_json(res.content)
self.save_object(jwkset, jku)
def run(self, args):
super(DeleteCommand, self).run(args)
jwkset = JwkSet.load(args.id, args.jku) or JwkSet()
if self.params.get('index', None) is not None:
removed = jwkset.keys.pop(int(self.params['index']))
jwkset.save(args.id, args.jku)
print removed.to_json(indent=2)
return
def __init__(self, identifier, jku):
self.identifier = identifier
self.jku = jku
self.jwkset = JwkSet(
keys=[
Jwk.generate(KeyTypeEnum.RSA),
Jwk.generate(KeyTypeEnum.EC),
Jwk.generate(KeyTypeEnum.OCT),
]
)
def run(self, args):
super(ResetKidCommand, self).run(args)
jwkset = JwkSet.load(args.id, args.jku) or JwkSet()
for key in jwkset.select_key(kid=''):
index = jwkset.index_key(key)
key.set_kid()
assert key.kid
jwkset.keys[index] = key
jwkset.save(args.id, args.jku)
def test_create(self):
from connect.rp.models import RelyingParty
r = RelyingParty.get_selfissued('http://key.com/')
self.assertEqual(r.keys.count(), 0)
self.assertEqual(r.authority.keys.count(), 0)
from jose.jwk import Jwk, JwkSet
from jose.jwa import keys
jwkset = JwkSet()
jwkset.keys.append(Jwk(kid='kidRsa', kty=keys.KeyTypeEnum.RSA))
jwkset.keys.append(Jwk(kid='kidEc', kty=keys.KeyTypeEnum.EC))
jwkset.keys.append(Jwk(kid='kidOct', kty=keys.KeyTypeEnum.OCT))
jwkset.save(r)
self.assertEqual(r.keys.count(), 1)
self.assertEqual(r.authority.keys.count(), 0)
jwkset.save(r.authority)
self.assertEqual(r.keys.count(), 1)
self.assertEqual(r.authority.keys.count(), 1)
class TestEntity(KeyOwner):
def __init__(self, identifier, jku):
self.identifier = identifier
self.jku = jku
self.jwkset = JwkSet(
keys=[
Jwk.generate(KeyTypeEnum.RSA),
Jwk.generate(KeyTypeEnum.EC),
Jwk.generate(KeyTypeEnum.OCT),
]
)
def get_key(self, crypto, *args, **kwargs):
return self.jwkset.get_key(
crypto.key_type, kid=crypto.kid
)
def run(self, args):
super(SelectCommand, self).run(args)
jwkset = JwkSet.load(args.id, args.jku) or JwkSet()
if args.public:
jwkset = jwkset.public_set
keys = []
if self.params.get('index', None) is not None:
keys = [jwkset.keys[int(self.params['index'])]]
elif self.params != {}:
keys = jwkset.select_key(selector=args.all and all or any,
**self.params)
else:
keys = jwkset.keys
for key in keys:
print key.to_json(indent=2)
def call(self, server, **kwargs):
r = requests.get(
RelyingPartyKeyResource.url(server, **kwargs),
headers={"Accept": 'application/json'})
print r.content
return JwkSet.from_json(r.content)
