Esempi in Python per PyJWKClient

Linguaggio di programmazione: Python

Spazio dei nomi/nome del pacchetto: jwt

Metodo/funzione: PyJWKClient

Esempi su hotexamples.com: 7

PyJWKClient in Python: 7 esempi trovati. Questi sono i migliori esempi reali in Python per jwt.PyJWKClient, estratti da progetti open source. Li puoi valutare, per aiutarci a migliorare la qualità dei nostri esempi.

Esempio n. 1

Mostra file

File: keycloak_middleware.py Progetto: bcgov/RSBC-DataHub-API

def get_keycloak_certificates(**kwargs) -> tuple:
    try:
        jwks_client = jwt.PyJWKClient(Config.KEYCLOAK_CERTS_URL)
        kwargs['signing_key'] = jwks_client.get_signing_key_from_jwt(
            kwargs.get('access_token')).key
    except Exception as e:
        kwargs['error'] = str(e)
        return False, kwargs
    return True, kwargs

Esempio n. 2

Mostra file

File: __init__.py Progetto: nextstrain/cli

    def __init__(self, user_pool_id, client_id):
        self.user_pool_id = user_pool_id
        self.user_pool_region = self.user_pool_id.split("_")[0]
        self.client_id = client_id

        self.cognito = boto3.client("cognito-idp",
                                    region_name=self.user_pool_region)
        self.jwks = jwt.PyJWKClient(self.jwks_url)

        self._tokens = {}
        self._claims = {}

Esempio n. 3

Mostra file

# Usage: provide access token as first command line argument, e.g.
# $ python sandbox.py <token>

from pprint import pprint
import sys
import jwt
import cryptography.hazmat.primitives.serialization


JWKS_URI = 'http://localhost:8081/auth/realms/mo/protocol' \
           '/openid-connect/certs'

access_token = sys.argv[1]
client = jwt.PyJWKClient(JWKS_URI)

signing = client.get_signing_key_from_jwt(access_token)

data = jwt.decode(
    access_token,
    signing.key,
    algorithms=['RS256']
)
pprint(data)

# Encoding with own key

# Create key pair with
# ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS256.key
# openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.key.pub
# (see https://gist.github.com/ygotthilf/baa58da5c3dd1f69fae9)

Esempio n. 4

Mostra file

import flask, os, requests, jwt
from flask import json

from covid_form import app
from .config import conf_json

oauth_conf = conf_json['oauth']

org_guid = oauth_conf['org_guid']
client_id = oauth_conf['client_id']
redirect_uri = oauth_conf['redirect_uri']
oauth_domain = oauth_conf['oauth_domain']

cached_config = requests.get(f"https://login.microsoftonline.com/{org_guid}/v2.0/.well-known/openid-configuration").json()
jwk_client = jwt.PyJWKClient(cached_config['jwks_uri'])

def get_name_from_jwt(tk):
    return decode_jwt(tk)['name']

def get_oauth_uri():
    nonce = get_nonce()

    flask.session['nonce'] = nonce

    return f'https://login.microsoftonline.com/{org_guid}/oauth2/v2.0/authorize?' + urlencode(dict(
        client_id = client_id,
        response_type = "id_token",
        redirect_uri = redirect_uri,
        scope = "openid profile",
        nonce = nonce,

Esempio n. 5

Mostra file

File: jku-pem.py Progetto: hobietje/oswe

payload_str = '{"user":"******"}'
payload_data = json.loads(payload_str)
print(payload_data)
payload_b = payload_str.encode()
payload_b64 = base64.urlsafe_b64encode(payload_b).rstrip(b"=")

# JWS Signing Input == ASCII(BASE64URL(UTF8(JWS Protected Header)) || '.' || BASE64URL(JWS Payload))
sig_b = private_key.sign(
    header_b64 + b'.' + payload_b64,
    padding.PKCS1v15(
    ),  # PKCS1v15 aka PKCS1 is equivalent to RS256 (RSA_PKCS1_PADDING)
    hashes.SHA256())
sig = base64.urlsafe_b64encode(sig_b).rstrip(b"=")

# print the json token
encoded = '{}.{}.{}'.format(header_b64.decode(), payload_b64.decode(),
                            sig.decode())
print(encoded)

print("----- VERIFY -----")
header = jwt.get_unverified_header(encoded)
print(header)

payload = jwt.decode(encoded, options={"verify_signature": False})
print(payload)

jwks_client = jwt.PyJWKClient(jku_url)
signing_key = jwks_client.get_signing_key_from_jwt(encoded)
payload = jwt.decode(encoded, signing_key.key, algorithms=["RS256"])
print(payload)

Esempio n. 6

Mostra file

File: __init__.py Progetto: pointw-dev/eve-utils

    os.environ.get('AUTH0_API_AUDIENCE',
                   'https://{$project_name}.us.auth0.com/api/v2/'),
    'AUTH0_API_BASE_URL':
    os.environ.get('AUTH0_API_BASE_URL',
                   'https://{$project_name}.us.auth0.com/api/v2'),
    'AUTH0_CLAIMS_NAMESPACE':
    os.environ.get('AUTH0_CLAIMS_NAMESPACE',
                   'https://cri.com/{$project_name}'),
    'AUTH0_TOKEN_ENDPOINT':
    os.environ.get('AUTH0_TOKEN_ENDPOINT',
                   'https://{$project_name}.us.auth0.com/oauth/token'),
    'AUTH0_CLIENT_ID':
    os.environ.get('AUTH0_CLIENT_ID', '--your-client-id--'),
    'AUTH0_CLIENT_SECRET':
    os.environ.get('AUTH0_CLIENT_SECRET', '--your-client-secret--')
}

JWK_CLIENT = jwt.PyJWKClient(
    f'https://{SETTINGS["ES_AUTH_JWT_DOMAIN"]}/.well-known/jwks.json')
_jwks = JWK_CLIENT.get_signing_keys()
SIGNING_KEYS = {jwk.key_id: jwk.key for jwk in _jwks}

# cancellable
if SETTINGS['ES_AUTH_JWT_AUDIENCE'] == '':
    del SETTINGS['ES_AUTH_JWT_AUDIENCE']

for setting in SETTINGS:
    key = setting.upper()
    if ('PASSWORD' not in key) and ('SECRET' not in key):
        LOG.info('%s: %s', setting, SETTINGS[setting])

Esempio n. 7

Mostra file

File: jwt.py Progetto: MichaelRabideau/slack-bot

import logging
import functools
import flask
import jwt

from bot import config

logger = logging.getLogger(__name__)

jwks_client = jwt.PyJWKClient(config.JWKS_URL)


def verify(token):
    signing_key = jwks_client.get_signing_key_from_jwt(token)
    data = jwt.decode(
        token,
        signing_key.key,
        algorithms=["RS256"],
        audience=config.JWT_AUDIENCE
    )
    return data


def check_team(data):
    sub = data['sub']
    uid_tid = sub.split('|')[-1]
    tid = uid_tid.split('-')[0]
    return tid == config.ALLOWED_TEAM


def authorize(f):