def encode(signer, payload, header=None, key_id=None): """Make a signed JWT. Args: signer (google.auth.crypt.Signer): The signer used to sign the JWT. payload (Mapping[str, str]): The JWT payload. header (Mapping[str, str]): Additional JWT header payload. key_id (str): The key id to add to the JWT header. If the signer has a key id it will be used as the default. If this is specified it will override the signer's key id. Returns: bytes: The encoded JWT. """ if header is None: header = {} if key_id is None: key_id = signer.key_id header.update({'typ': 'JWT', 'alg': 'RS256'}) if key_id is not None: header['kid'] = key_id segments = [ _helpers.unpadded_urlsafe_b64encode(json.dumps(header).encode('utf-8')), _helpers.unpadded_urlsafe_b64encode(json.dumps(payload).encode('utf-8')), ] signing_input = b'.'.join(segments) signature = signer.sign(signing_input) segments.append(_helpers.unpadded_urlsafe_b64encode(signature)) return b'.'.join(segments)
def encode(signer, payload, header=None, key_id=None): """Make a signed JWT. Args: signer (google.auth.crypt.Signer): The signer used to sign the JWT. payload (Mapping[str, str]): The JWT payload. header (Mapping[str, str]): Additional JWT header payload. key_id (str): The key id to add to the JWT header. If the signer has a key id it will be used as the default. If this is specified it will override the signer's key id. Returns: bytes: The encoded JWT. """ if header is None: header = {} if key_id is None: key_id = signer.key_id header.update({"typ": "JWT"}) if "alg" not in header: if es256 is not None and isinstance(signer, es256.ES256Signer): header.update({"alg": "ES256"}) else: header.update({"alg": "RS256"}) if key_id is not None: header["kid"] = key_id segments = [ _helpers.unpadded_urlsafe_b64encode( json.dumps(header).encode("utf-8")), _helpers.unpadded_urlsafe_b64encode( json.dumps(payload).encode("utf-8")), ] signing_input = b".".join(segments) signature = signer.sign(signing_input) segments.append(_helpers.unpadded_urlsafe_b64encode(signature)) return b".".join(segments)
def encode(signer, payload, header=None, key_id=None): """Make a signed JWT. Args: signer (google.auth.crypt.Signer): The signer used to sign the JWT. payload (Mapping[str, str]): The JWT payload. header (Mapping[str, str]): Additional JWT header payload. key_id (str): The key id to add to the JWT header. If the signer has a key id it will be used as the default. If this is specified it will override the signer's key id. Returns: bytes: The encoded JWT. """ if header is None: header = {} if key_id is None: key_id = signer.key_id header.update({'typ': 'JWT', 'alg': 'RS256'}) if key_id is not None: header['kid'] = key_id segments = [ _helpers.unpadded_urlsafe_b64encode( json.dumps(header).encode('utf-8') ), _helpers.unpadded_urlsafe_b64encode( json.dumps(payload).encode('utf-8') ), ] signing_input = b'.'.join(segments) signature = signer.sign(signing_input) segments.append( _helpers.unpadded_urlsafe_b64encode(signature) ) return b'.'.join(segments)