def main(): """ The main loop. """ options = parse_arguments() if options['clipboard']: try: import pyperclip except ImportError: print_error('The pyperclip module is needed to use the clipboard.') options['clipboard'] = False if options['adfs_login']: options['cookie'] = adfs_login(options) if options['adfs_code']: options['code'] = get_code(options) if options['adfs_token']: options['token'] = get_token(options) if options['token']: if options['clipboard']: pyperclip.copy('Authorization: Bearer ' + options['token']) print_status('Token and header copied to clipboard') proxy_token, access_token = extract_tokens(options['token']) print_status('proxy token: {0}\nclaims: {1}'. format(jwt.process_jwt(proxy_token)[0], jwt.process_jwt(proxy_token)[1]), options) print_status('access token: {0}\nclaims: {1}'. format(jwt.process_jwt(access_token)[0], jwt.process_jwt(access_token)[1]), options) if options['inputfile']: endpoints = read_endpoints(options['inputfile']) for endpoint in endpoints: # expecting URI[{value}] line = re.split('[{}]', endpoint) call_api(line[0], options['token'], len(line) > 1, options)
def verify_token(request): """Verify a token set in the headers Expects to find a header 'Authorization' in the form: Bearer (JSON Web Token) If header not found or doesn't verify raises HTTPUnauthorized. If JWT verifies auth token is checked against the server side session. If no session, raises HTTPUnauthorised. If all is well, returns the token claims. """ # get the token or raise Unauthorized if none try: token = request.headers['Authorization'] token = token.split()[1] except: log.info("%s: Couldn't get token from headers" % request.client_addr) raise HTTPUnauthorized # load the pub and private keys path = os.path.dirname(request.registry.settings.get('app.config')) config = request.registry.app_config['general'] f = open(os.path.join(path, config['jwt.pub']), 'r') public_key = f.read() f.close() public_key = RSA.importKey(public_key) #print dir(public_key) # verify the jwt try: headers, claims = jwt.process_jwt(json.dumps(token)) log.info("%s: JWT verified." % request.client_addr) except: log.error("%s: Couldn't verify JWT. Raising HTTPUnauthorized." % request.client_addr) raise HTTPUnauthorized # grab a handle to the database db = mdb(request) log.info("%s: Checking auth token for '%s (%s)' still valid." % (request.client_addr, claims['user']['name'], claims['user']['email'])) token = claims['user']['token'] doc = db.session.find_one({ 'token': token }) if doc is None: log.error("%s: No session found for '%s (%s)'. Raising HTTPUnauthorized." % (request.client_addr, claims['user']['name'], claims['user']['email'])) raise HTTPUnauthorized return claims
def main(): """ The main loop. """ options = parse_arguments() if options['clipboard']: try: import pyperclip except ImportError: print_error('The pyperclip module is needed to use the clipboard.') options['clipboard'] = False if options['adfs_login']: options['cookie'] = adfs_login(options) if options['adfs_code']: options['code'] = get_code(options) if options['adfs_token']: options['token'] = get_token(options) if options['token']: if options['clipboard']: pyperclip.copy('Authorization: Bearer ' + options['token']) print_status('Token and header copied to clipboard') proxy_token, access_token = extract_tokens(options['token']) print_status( 'proxy token: {0}\nclaims: {1}'.format( jwt.process_jwt(proxy_token)[0], jwt.process_jwt(proxy_token)[1]), options) print_status( 'access token: {0}\nclaims: {1}'.format( jwt.process_jwt(access_token)[0], jwt.process_jwt(access_token)[1]), options) if options['inputfile']: endpoints = read_endpoints(options['inputfile']) for endpoint in endpoints: # expecting URI[{value}] line = re.split('[{}]', endpoint) call_api(line[0], options['token'], len(line) > 1, options)
def topic(self, topic): """ Get just the token, don't need clock """ _, sjwt = topic return jwt.process_jwt(sjwt)
def jwt_process_with_verify(token): jwt.process_jwt(token) jwt.verify_jwt(token)
def jwt_process_without_verify(token): jwt.process_jwt(token) # Noncompliant print(token)