def get(self): certs = [] for cert in app_identity.get_public_certificates(): certs.append({'key_name': cert.key_name, 'pem': cert.x509_certificate_pem}) json.dump(certs, self.response)
def verify_signed_by_app(data, signature): """Checks the signature and data against all currently valid certificates for the application.""" public_certificates = app_identity.get_public_certificates() for cert in public_certificates: if verify_signature(data, signature, cert.x509_certificate_pem): return True return False
def get_own_public_certificates(): """Returns jsonish object with public certificates of current service.""" certs = app_identity.get_public_certificates(deadline=0.5) return { 'certificates': [{ 'key_name': cert.key_name, 'x509_certificate_pem': cert.x509_certificate_pem, } for cert in certs], 'timestamp': utils.datetime_to_timestamp(utils.utcnow()), }
def get_own_public_certificates(): """Returns jsonish object with public certificates of current service.""" certs = app_identity.get_public_certificates() return { 'certificates': [ { 'key_name': cert.key_name, 'x509_certificate_pem': cert.x509_certificate_pem, } for cert in certs ], 'timestamp': utils.datetime_to_timestamp(utils.utcnow()), }
def auth_check(): credentials, project = google.auth.default() key_name, signature = app_identity.sign_blob(b'abc') scope = 'https://www.googleapis.com/auth/userinfo.email' token, expiry = app_identity.get_access_token(scope) return code_block( '>>> import google.auth', '>>> credentials, project = google.auth.default()', '>>> credentials', repr(credentials), '>>> project', repr(project), '>>> credentials.__dict__', repr(credentials.__dict__), '>>> from google.appengine.api import app_identity', '>>> app_identity', repr(app_identity), # ALSO: get_access_token_uncached # (scopes, service_account_id=None) '>>> scope = \'https://www.googleapis.com/auth/userinfo.email\'', '>>> token, expiry = app_identity.get_access_token(scope)', '>>> token', repr(token[:6] + b'...'), '>>> expiry', repr(expiry), '>>> app_identity.get_application_id()', repr(app_identity.get_application_id()), '>>> app_identity.get_default_gcs_bucket_name()', repr(app_identity.get_default_gcs_bucket_name()), '>>> app_identity.get_default_version_hostname()', repr(app_identity.get_default_version_hostname()), '>>> app_identity.get_public_certificates()', repr(app_identity.get_public_certificates()), '>>> app_identity.get_service_account_name()', repr(app_identity.get_service_account_name()), '>>> key_name, signature = app_identity.sign_blob(b\'abc\')', '>>> key_name', repr(key_name), '>>> signature', repr(signature[:16] + b'...'), )
def get_own_public_certificates(): """Returns jsonish object with public certificates of current service.""" attempt = 0 while True: attempt += 1 try: certs = app_identity.get_public_certificates(deadline=1.5) break except apiproxy_errors.DeadlineExceededError as e: logging.warning('%s', e) if attempt == 3: raise return { 'certificates': [ { 'key_name': cert.key_name, 'x509_certificate_pem': cert.x509_certificate_pem, } for cert in certs ], 'timestamp': utils.datetime_to_timestamp(utils.utcnow()), }
def get_own_public_certificates(): """Returns CertificateBundle with certificates of the current service.""" attempt = 0 while True: attempt += 1 try: certs = app_identity.get_public_certificates(deadline=1.5) break except apiproxy_errors.DeadlineExceededError as e: logging.warning('%s', e) if attempt == 3: raise return CertificateBundle({ 'app_id': app_identity.get_application_id(), 'service_account_name': utils.get_service_account_name(), 'certificates': [{ 'key_name': cert.key_name, 'x509_certificate_pem': cert.x509_certificate_pem, } for cert in certs], 'timestamp': utils.datetime_to_timestamp(utils.utcnow()), })