def test_sign_verify():
bundle = JWKSBundle(ISS, SIGN_KEYS)
bundle['https://www.swamid.se'] = KEYJAR['https://www.swamid.se']
bundle['https://www.sunet.se'] = KEYJAR['https://www.sunet.se']
bundle['https://www.feide.no'] = KEYJAR['https://www.feide.no']
_jws = bundle.create_signed_bundle()
bundle2 = JWKSBundle(ISS2)
verify_keys = SIGN_KEYS.copy()
verify_keys.issuer_keys[ISS] = verify_keys.issuer_keys['']
bundle2.upload_signed_bundle(_jws, verify_keys)
assert set(bundle.keys()) == set(bundle2.keys())
for iss, kj in bundle.items():
assert bundle2[iss] == kj
# Get the necessary information about the JWKS bundle
info = {}
for path in ['bundle', 'bundle/signer', 'bundle/sigkey']:
_url = "{}/{}".format(tool_url, path)
resp = requests.request('GET', _url, verify=False)
info[path] = resp.text
# Create a KeyJar instance that contains the key that the bundle was signed with
kj = KeyJar()
kj.import_jwks(json.loads(info['bundle/sigkey']), info['bundle/signer'])
# Create a JWKSBundle instance and load it with the keys in the bundle
# I got from the tool
jb = JWKSBundle('')
jb.upload_signed_bundle(info['bundle'], kj)
# This is for the federation entity to use when signing something
# like the keys at jwks_uri.
_kj = build_keyjar(KEY_DEFS)[1]
SIGNERS = [
'https://swamid.sunet.se', 'https://edugain.com', 'https://www.feide.no'
]
# A dictionary of web based signers
sig = {}
for iss in SIGNERS:
qp = urlencode({'signer': iss, 'context': 'registration'})
url = '{}/sign?{}'.format(tool_url, qp)
sig[iss] = WebSigningService(iss, url, jb.bundle[iss])