コード例 #1
0
 def setUp(self):
     key = RSA.generate(2048)
     key_2 = RSA.generate(2048)
     self.private_key = key.exportKey().decode("utf-8")
     self.private_key_2 = key_2.exportKey().decode("utf-8")
     self.exponent = force_unicode(to_base64url_uint(key.e))
     self.modulus = force_unicode(to_base64url_uint(key.n))
     self.sub = str(uuid.uuid1())
     os.environ["USER_POOL_ID"] = "eu-west-1_abcde1234"
     os.environ["CLIENT_IDS"] = "qwertuiop123654789"
     os.environ["REGION"] = "eu-west-1"
コード例 #2
0
    def load_key(self, jwks_endpoint):
        """
        A custom method to load a Synapse "RS256" key.

        Synapse is not providing standard JWK keys:
        * kty is RS256 not RSA
        * e and n are not base64-encoded

        Synapse is updating their JWKS document to align it with conventions,
        so above logic could be abandoned in the future.
        """
        for key in self.get_jwt_keys(jwks_endpoint):
            # For new Synapse JWKS doc, which is modified with conventions
            if key["kty"] == "RSA":
                return "RS256", RSAAlgorithm.from_jwk(json.dumps(key))
            # For old Synapse JWKS odc, kept for backward compability
            # TODO: remove after tested with new Synapse JWKS doc
            # and Synapse has deployed their changes
            elif key["kty"] == "RS256":
                key["kty"] = "RSA"
                for field in ["e", "n"]:
                    if key[field].isdigit():
                        key[field] = to_base64url_uint(int(key[field])).decode()
                return "RS256", RSAAlgorithm.from_jwk(json.dumps(key))

        return None, None
コード例 #3
0
ファイル: api.py プロジェクト: guyzyl/jwthenticator 
    async def get_jwks(self) -> schemas.JWKSResponse:
        """
        Get the JWKS requried for authentication.
        See here for more details: https://auth0.com/docs/tokens/references/jwks-properties
        """
        rsa_obj = RSA.import_key(self.public_key)
        rsa_der = rsa_obj.export_key("DER")

        jwk_payload = schemas.JWKPayload(
            alg=self.jwt_algorithm,
            kty=self.jwt_algorithm_family,
            use="sig",
            x5c=[b64encode(rsa_der).decode("utf8")],
            n=to_base64url_uint(rsa_obj.n),
            e=to_base64url_uint(rsa_obj.e),
            kid=self.key_signature,
            x5t=self.key_signature)

        jwks_obj = schemas.JWKSResponse([jwk_payload])
        return jwks_obj
コード例 #4
0
ファイル: synapse_oauth2.py プロジェクト: qingyashu/fence 
    def load_key(self, jwks_endpoint):
        """A custom method to load a Synapse "RS256" key.

        Synapse is not providing standard JWK keys:
        * kty is RS256 not RSA
        * e and n are not base64-encoded
        """
        for key in self.get_jwt_keys(jwks_endpoint):
            if key["kty"] == "RS256":
                key["kty"] = "RSA"
                for field in ["e", "n"]:
                    if key[field].isdigit():
                        key[field] = to_base64url_uint(int(key[field])).decode()
                return "RS256", RSAAlgorithm.from_jwk(json.dumps(key))

        return None, None
コード例 #5
0
def test_to_base64url_uint(inputval, expected):
    actual = to_base64url_uint(inputval)
    assert actual == expected
コード例 #6
0
def test_to_base64url_uint(inputval, expected):
    actual = to_base64url_uint(inputval)
    assert actual == expected