def _sign(self, pdata, sks, dump_json_data):
    """Sign a payload with one or more ECDSA keys and return the envelope.

    Args:
        pdata: The payload. Serialized with ``json.dumps`` when
            ``dump_json_data`` is true; otherwise passed to the signer
            exactly as given, so the caller must supply an
            already-serialized value.
        sks: A signing key or a list of signing keys. Anything that is not
            a ``list`` (including a tuple) is treated as one key.
        dump_json_data: Whether ``pdata`` still needs JSON serialization.

    Returns:
        A dict ``{'payload': <b64url>, 'signatures': [...]}`` with one
        ``{'protected': <b64url header>, 'signature': <b64url DER>}`` entry
        per key, in the order the keys were given.
    """
    signing_keys = sks if isinstance(sks, list) else [sks]

    # Same fixed protected header for every signature.
    protected = '{"alg": "ES256"}'
    protected_b64 = base64url_encode(protected)

    if dump_json_data:
        payload = json.dumps(pdata)
    else:
        payload = pdata
    payload_b64 = base64url_encode(payload)

    # NOTE(review): an empty key list yields an envelope with no signatures
    # at all; the verifier has to reject that case, nothing here does.
    signatures = []
    envelope = {'payload': payload_b64, 'signatures': signatures}

    for key in signing_keys:
        raw_sig_b64 = jws.sign(protected, payload, key, is_json=True)
        curve_order = key.curve.order
        # The signer's output is parsed as a raw r||s string and re-encoded
        # as DER, so the stored signature is NOT in the fixed-width form a
        # stock JWS ES256 verifier expects; verifiers must DER-decode first.
        r, s = sigdecode_string(base64url_decode(raw_sig_b64), curve_order)
        der_b64 = base64url_encode(sigencode_der(r, s, curve_order))
        signatures.append({'protected': protected_b64, 'signature': der_b64})

    return envelope
def b64url_dec(b64url, e=None):
    """Decode a base64url value, optionally mapping failure to a caller error.

    Args:
        b64url: The encoded value; it is coerced with ``str`` before decoding.
        e: Optional exception instance to raise in place of the decoder's
            ``TypeError``.

    Returns:
        Whatever ``base64url_decode`` returns for the coerced input.

    Raises:
        TypeError: The decoder raised ``TypeError`` and ``e`` is ``None``.
            A new ``TypeError`` wrapping the original message is raised.
        Exception: ``e`` itself, when supplied and the decoder raised
            ``TypeError``.
    """
    try:
        # The `str` coercion keeps non-str inputs from triggering a
        # TypeError inside the decoder.
        decoded = base64url_decode(str(b64url))
    except TypeError as msg:
        # Only TypeError is translated; any other exception type raised by
        # the decoder propagates to the caller unchanged.
        if e is not None:
            raise e
        raise TypeError(msg)
    return decoded
def _create_auth_token(self, sk, profile):
    """Build a signed three-segment auth token for ``profile``.

    Args:
        sk: ECDSA signing key; its ``curve.order`` is used to re-encode
            the signature.
        profile: Object whose ``profile_id`` is placed in the token body.

    Returns:
        ``<b64url header>.<b64url body>.<b64url DER signature>``. The layout
        resembles a compact JWS, but the last segment is DER-encoded, so a
        verifier must DER-decode it rather than treat it as raw r||s.
    """
    # The body carries only the profile id and the issue time (whole
    # seconds). NOTE(review): no nonce, expiry or audience is included, so
    # replay resistance rests entirely on the verifier enforcing a tight
    # freshness window on 'timestamp' - confirm that it does.
    claims = {'id': profile.profile_id, 'timestamp': int(time.time())}
    claims_json = json.dumps(claims)
    claims_b64 = base64url_encode(claims_json)

    header = '{"alg": "ES256"}'
    header_b64 = base64url_encode(header)

    raw_sig_b64 = jws.sign(header, claims_json, sk, is_json=True)
    curve_order = sk.curve.order
    # Parse the signer's raw r||s output, then re-encode the pair as DER.
    r, s = sigdecode_string(base64url_decode(raw_sig_b64), curve_order)
    der_b64 = base64url_encode(sigencode_der(r, s, curve_order))

    return '{0}.{1}.{2}'.format(header_b64, claims_b64, der_b64)