def unpack_metadata_statement(self, json_ms=None, jwt_ms='', keyjar=None,
                              cls=ClientMetadataStatement, liss=None):
    """
    Unpack a metadata statement supplied as a signed JWT or as JSON.

    When ``jwt_ms`` is given it takes precedence: its payload is extracted
    with ``unfurl`` and replaces whatever was passed as ``json_ms``. The
    unpacking itself is delegated to ``self._unpack``.

    :param json_ms: Metadata statement as a JSON document
    :param jwt_ms: Metadata statement as a JWT
    :param keyjar: Keys that should be used to verify the signature of the
        document. When falsy, a key jar built from ``self.jwks_bundle`` is
        used instead.
    :param cls: What type (class) of metadata statement this is
    :param liss: List of FO identifiers that matter; the rest are ignored
    :return: Whatever ``self._unpack`` returns (documented by the original
        author as a ParseInfo instance)
    :raises AttributeError: If neither ``json_ms`` nor ``jwt_ms`` yields a
        truthy document
    """
    # Fall back to the instance's own key material when the caller passed
    # none (or an empty/falsy key jar).
    keyjar = keyjar or self.jwks_bundle.as_keyjar()

    if jwt_ms:
        # Any exception raised by unfurl (e.g. JWSException) propagates to
        # the caller unchanged.
        # NOTE(review): unfurl() is defined outside this block and nothing
        # here checks a signature, so json_ms should be treated as
        # unverified at this point. Verification against keyjar presumably
        # happens in self._unpack - confirm.
        json_ms = unfurl(jwt_ms)

    if not json_ms:
        raise AttributeError('Need one of json_ms or jwt_ms')

    return self._unpack(json_ms, keyjar, cls, jwt_ms, liss)
def unf(jws):
    """
    Recursively expand a metadata statement and everything nested in it.

    The payload of ``jws`` is extracted with ``unfurl``; every entry under
    ``'metadata_statements'`` is then expanded the same way and stored back
    in place of the original value.

    :param jws: The statement to expand, in whatever form ``unfurl`` accepts
    :return: The payload with all nested statements expanded
    """
    # NOTE(review): unfurl() is defined elsewhere; this function performs no
    # signature check of its own, so the result should not be treated as
    # verified unless unfurl() verifies - confirm.
    # NOTE(review): nesting depth is bounded only by the interpreter's
    # recursion limit.
    payload = unfurl(jws)
    if 'metadata_statements' not in payload:
        return payload

    payload['metadata_statements'] = {
        issuer: unf(inner)
        for issuer, inner in payload['metadata_statements'].items()
    }
    return payload
def unpack_using_metadata_store(url, mds):
    """
    Resolve ``metadata_statement_uris`` references against a local store.

    The statement that ``url`` points to is looked up in ``mds`` and its
    payload extracted with ``unfurl``. Each URI it references is resolved
    the same way, JSON-encoded and stored under ``'metadata_statements'``;
    the ``'metadata_statement_uris'`` key is then removed.

    :param url: URL whose last path segment is the key into ``mds``
    :param mds: Mapping from that key to a stored statement
    :return: The payload of the top-level statement with references resolved
    :raises KeyError: If a referenced key is missing from ``mds``
    """
    def _load(ref):
        # Only the final path segment selects the entry; scheme, host and
        # the rest of the path are ignored, so two URLs that differ only in
        # host resolve to the same stored statement.
        # NOTE(review): unfurl() is defined elsewhere and no signature check
        # is visible here - treat the payload as unverified unless unfurl()
        # verifies.
        return unfurl(mds[urlparse(ref).path.split('/')[-1]])

    top = _load(url)
    if 'metadata_statement_uris' not in top:
        return top

    resolved = {}
    for fo_id, ref in top['metadata_statement_uris'].items():
        stmt = _load(ref)
        if 'metadata_statement_uris' in stmt:
            # NOTE(review): this key is singular ('metadata_statement')
            # while the top level below uses 'metadata_statements' - looks
            # like a typo, confirm before relying on the nested result.
            # NOTE(review): recursion depth follows the reference chain in
            # the store and is bounded only by the interpreter's limit.
            stmt['metadata_statement'] = {
                inner_fo: unpack_using_metadata_store(inner_ref, mds)
                for inner_fo, inner_ref
                in stmt['metadata_statement_uris'].items()
            }
            del stmt['metadata_statement_uris']
        resolved[fo_id] = json.dumps(stmt)

    top['metadata_statements'] = resolved
    del top['metadata_statement_uris']
    return top
def test_pack_and_unpack_ms_lev0():
    """
    Round-trip a single metadata statement through pack and unpack.

    Covers the positive path only: a statement packed by ``FOP`` must carry
    the expected claims and must unpack again with a truthy result. No
    tampered or wrongly-signed statement is exercised here.
    """
    statement = ClientMetadataStatement(
        signing_keys=FOP.keyjar.export_jwks(),
        contacts=['*****@*****.**'],
    )

    signed = FOP.pack_metadata_statement(statement, alg='RS256',
                                         scope=['openid'])
    assert signed

    # The packed statement must contain exactly these claims.
    expected_claims = {
        'signing_keys', 'iss', 'iat', 'exp', 'kid', 'scope', 'contacts',
        'jti',
    }
    claims = unfurl(signed)
    assert set(claims.keys()) == expected_claims

    # Unpack what was just packed.
    parsed = FOP.unpack_metadata_statement(jwt_ms=signed)
    assert parsed.result