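def _func(self, conv):
    """Check that the provider's published keys can be loaded.

    Takes the last ASConfigurationResponse recorded on *conv* (falling
    back to ServerMetadata when there is none).  If the response carries
    ``jwks_uri`` the key set is fetched from that URL; otherwise a
    KeyBundle is built from the inline ``jwks`` member.  Failures are
    reported through ``self._message`` and ``self._status``.

    :param conv: Conversation object passed to get_protocol_response().
    :return: An empty dict; the outcome is carried by the status fields.
    """
    response = get_protocol_response(conv, ASConfigurationResponse)
    if not response:
        response = get_protocol_response(conv, ServerMetadata)

    response = response[-1]  # Should only be one but ...
    res = {}

    try:
        _jwks_uri = response['jwks_uri']
    except KeyError:
        # No URL published: fall back to the inline key set.
        try:
            kb = KeyBundle(response['jwks'])
        except KeyError:
            # The original clause read `except KeyBundle:`.  KeyBundle is
            # not an exception class, so the missing-'jwks' case was never
            # handled and this message could not be produced.
            self._message = "Neither jwks_uri or jwks defined"
            self._status = ERROR
        except UnknownKeyType as err:
            self._message = '{}'.format(err)
            self._status = ERROR
    else:
        # NOTE(review): verify_ssl=False turns off TLS certificate
        # verification for the jwks_uri fetch, so the keys that come back
        # are not authenticated against the provider's certificate.  That
        # is tolerable only in a test harness talking to servers with
        # self-signed certificates; confirm it is intended here and do not
        # copy this pattern into a relying party.
        kb = KeyBundle(source=_jwks_uri, verify_ssl=False)
        try:
            kb.update()
        except UpdateFailed as err:
            self._message = '{}'.format(err)
            self._status = ERROR

    return res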
def __call__(self):
    """Load the provider's key set and attach it to the conversation.

    The bundle is sourced from ``provider_info["jwks_uri"]`` on the
    conversation's entity and appended to ``self.conv.keybundle``; the
    list is created when the attribute lookup fails.
    """
    jwks_uri = self.conv.entity.provider_info["jwks_uri"]
    bundle = KeyBundle(source=jwks_uri)
    # NOTE(review): certificate verification is switched off before the
    # fetch, so the downloaded keys are only as trustworthy as the network
    # path.  Confirm this is limited to test deployments.
    bundle.verify_ssl = False
    bundle.update()

    try:
        self.conv.keybundle.append(bundle)
    except AttributeError:
        # First bundle for this conversation.
        self.conv.keybundle = [bundle]
def __call__(self, conv, **kwargs):
    """Load the provider's key set and attach it to *conv*.

    The bundle is sourced from ``conv.client.provider_info["jwks_uri"]``
    and appended to ``conv.keybundle``; the list is created when the
    attribute lookup fails.  ``kwargs`` is accepted but not used.
    """
    provider_info = conv.client.provider_info
    bundle = KeyBundle(source=provider_info["jwks_uri"])
    # NOTE(review): certificate verification is switched off before the
    # fetch, so the downloaded keys are only as trustworthy as the network
    # path.  Confirm this is limited to test deployments.
    bundle.verify_ssl = False
    bundle.update()

    try:
        conv.keybundle.append(bundle)
    except AttributeError:
        # First bundle for this conversation.
        conv.keybundle = [bundle]
def test_chain_1():
    """A bundle built from an inline symmetric key is unchanged by update()."""
    bundle = KeyBundle([{"kty": "oct", "key": "supersecret", "use": "sig"}])

    def check_local_oct_bundle():
        # One symmetric key, no RSA keys, and no remote source recorded.
        assert len(bundle.get("oct")) == 1
        assert len(bundle.get("rsa")) == 0
        assert bundle.remote is False
        assert bundle.source is None

    check_local_oct_bundle()

    bundle.update()  # Nothing should happen

    check_local_oct_bundle()
def test_update(self):
    """update() on a bundle with no source leaves its contents untouched."""
    bundle = KeyBundle([{"kty": "oct", "key": "supersecret", "use": "sig"}])

    def check_local_oct_bundle():
        # One symmetric key, no RSA keys, and no remote source recorded.
        assert len(bundle.get("oct")) == 1
        assert len(bundle.get("rsa")) == 0
        assert bundle.remote is False
        assert bundle.source is None

    check_local_oct_bundle()

    bundle.update()  # Nothing should happen

    check_local_oct_bundle()
def test_chain_1():
    """An inline HMAC bundle reports the same state before and after update()."""
    bundle = KeyBundle({"hmac": "supersecret"}, usage="sig")

    # First pass checks the freshly built bundle, second pass checks it
    # again after update(), which should be a no-op without a source.
    for refreshed in (False, True):
        if refreshed:
            bundle.update()  # Nothing should happen

        assert len(bundle.get("hmac")) == 1
        assert len(bundle.get("rsa")) == 0
        assert bundle.usage == ["sig"]
        assert bundle.remote == False
        assert bundle.source is None
def test_chain_3():
    """An RSA key read from a local x509 certificate survives update()."""
    bundle = KeyBundle(
        source="file://../oc3/certs/server.crt",
        type="rsa",
        src_type="x509",
        usage=["sig", "enc"],
    )

    def check_certificate_bundle():
        assert bundle.usage == ["sig", "enc"]
        assert bundle.remote == False
        # The file:// scheme prefix is expected to be stripped from source.
        assert bundle.source == "../oc3/certs/server.crt"
        assert len(bundle.get("hmac")) == 0
        assert len(bundle.get("rsa")) == 1
        first_rsa = bundle.get("rsa")[0]
        assert isinstance(first_rsa, M2Crypto.RSA.RSA)

    check_certificate_bundle()
    bundle.update()
    check_certificate_bundle()
def test_chain_2():
    """An RSA key read from a local key file survives update()."""
    bundle = KeyBundle(
        source="file://../oc3/certs/mycert.key",
        type="rsa",
        usage=["ver", "sig"],
    )

    # First pass checks the freshly built bundle, second pass checks it
    # again after update() has re-read the source.
    for refreshed in (False, True):
        if refreshed:
            bundle.update()

        assert bundle.usage == ["ver", "sig"]
        assert bundle.remote == False
        # The file:// scheme prefix is expected to be stripped from source.
        assert bundle.source == "../oc3/certs/mycert.key"
        assert len(bundle.get("hmac")) == 0
        assert len(bundle.get("rsa")) == 1
        first_rsa = bundle.get("rsa")[0]
        assert isinstance(first_rsa, M2Crypto.RSA.RSA)
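from oic.utils.keyio import KeyBundle, key_eq

__author__ = 'rolandh'

# Remote key documents used for the comparison below.
jwk_url = ["https://connect.openid4.us/connect4us.jwk",  # edmund
           "https://connect-op.heroku.com/jwk.json"]  # nov

x509_url = ["https://connect-op.heroku.com/cert.pem"]

# Two bundles for the connect-op.heroku.com host: one read from its JWK
# document, one from its PEM certificate.
# NOTE(review): no verify_ssl argument is passed, so certificate checking
# is whatever KeyBundle defaults to; the comparison only means something
# if both fetches were authenticated.
kc0 = KeyBundle(source=jwk_url[1], src_type="jwk", type="rsa",
                usage=["sig", "enc"])

kc1 = KeyBundle(source=x509_url[0], src_type="x509", type="rsa",
                usage=["sig", "enc"])

# print with a single parenthesised argument behaves the same on Python 2
# and Python 3, unlike the bare print statement used originally.
kc0.update()
print(kc0)

kc1.update()
print(kc1)

# Report whether the first RSA key from each source is the same key.
print(key_eq(kc0.get("rsa")[0], kc1.get("rsa")[0]))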