def authenticateUserPWD(userid, token): ''' Authenticate user with user's userid and password. Not used right now :param userid: :param token: :return: Boolean ''' pub_pem=getUserPubkey(userid) if pub_pem is None: print "Error in get user public_pem" return False pub_key=RSA.importKey(pub_pem) if pub_key is not None: header, claims=jwt.verify_jwt(token,pub_key,['RS256']) if claims['userid'] is not None: password=claims['password'] if password==getUserPasswordByID(userid): return True else: return False else: return False else: print "Error in generate user public key" return False
def m(): if request.method == 'POST': access_token = request.form.get('access_token') key = RSA.generate(2048) pub_pem = key.publickey().exportKey() pub_key = RSA.importKey(pub_pem) header, claims = jwt.verify_jwt(access_token, pub_key, ['RS256'])
def wrapped(self, *args, **kwargs): token = self.get_argument("token") print arguments try: header, claims = jwt.verify_jwt(token, public_key, ['RS256']) self.claims = claims self.messege = None for __arg in arguments: try: claims[__arg] except Exception as e: self.messege = "Missing argument %s"%__arg self.set_status(400) except _JWTError: self.messege = "Token expired" self.set_status(403) except Exception as e: self.messege = "Some error occurred" print e self.set_status(500) if self.messege: self.write({ "error": True, "success": False, "messege": self.messege, }) return func(self, *args, **kwargs)
def topic(self, topic): """ Set clock and verify token with minted key """ clock, sjwt = topic clock_load(clock) pubk = generated_keys[alg] return jwt.verify_jwt(sjwt, pubk, timedelta(seconds=iat_skew))
def topic(self, topic): """ Verify the token without requiring all claims """ adjust = orig_datetime.utcnow() - orig_datetime.utcfromtimestamp(0) clock_tick(-adjust) return jwt.verify_jwt(topic, None, iat_skew=adjust, checks_optional=True)
def topic(self, topic): """ Set clock and verify token """ clock, sjwt = topic clock_load(clock) if callable(pubk): return pubk(sjwt, timedelta(seconds=iat_skew)) else: return jwt.verify_jwt(sjwt, pubk, timedelta(seconds=iat_skew))
def get_access_level(req): auth_header = req.headers.get('Authorization') if auth_header is None: abort(401) _, claims = jwt.verify_jwt(auth_header, JWT_KEY, [JWT_ALGO]) perms = claims["x-perms"] if "admin" in perms: return AdminProfileSearch elif "directory_private" in perms: return MemberProfileSearch elif "directory_ax" in perms: return CommunityProfileSearch else: return PublicProfileSearch
def test_existing_active_account_correct_password(self): # create the account user = User.objects.create_user(self.email, self.email, self.password) user.is_active = True user.save() claim = UserClaim(email=self.email, claim_name='foo', claim_value='bar') claim.save() # authenticate resp = self.client.post('/token/', data={'email': self.email, 'password': self.password}) self.assertEqual(resp.status_code, status.HTTP_201_CREATED) token = json.loads(resp.content)['token'] header, claims = verify_jwt(token, settings.HMAC_SECRET, ['HS512']) self.assertEqual(claims['email'], self.email) self.assertEqual(claims[claim.claim_name], claim.claim_value) self.assertEqual(header['alg'], u'HS512')
def topic(self, topic): """ Verify the token """ return jwt.verify_jwt(topic, None, ['RS256', 'none'])
def topic(self, topic): """ Verify the token """ return jwt.verify_jwt(topic, key, all_algs)
def f(_): """ Verify token """ pubk = pub_keys[alg].get('default', pub_key) jwt.verify_jwt(token, pubk, [alg])
def topic(self, topic): """ Verify token with no public key and allow RS256 """ return jwt.verify_jwt(topic, None, ['RS256'])
def verify_token(token, public_key_pem, alg_list): try: header, claims = jwt.verify_jwt(token, public_key_pem, alg_list) return header, claims except Exception as ex: raise ValidationError(ex)
def topic(self, topic): """ Verify the token with some public key and none alg allowed """ return jwt.verify_jwt(topic, 'anysecrethere', ['none'])
def f(_): """ Verify token """ pubk = pub_keys[alg].get('default', pub_key) jwt.verify_jwt(token, pubk)
def topic(self, topic): """ Verify the token """ return jwt.verify_jwt(topic, None)
def topic(self, topic): """ Verify the token """ return jwt.verify_jwt(topic, key, [a for a in all_algs if a != alg])
def jwt_process_with_verify(token): jwt.process_jwt(token) jwt.verify_jwt(token)
def topic(self, topic): """ Verify the token """ return jwt.verify_jwt(topic, pub_pem, ['RS256'])
def topic(self, topic): """ Verify the token """ return jwt.verify_jwt(topic, pub_key)
def topic(self, topic): """ Verify the token with some public key """ return jwt.verify_jwt(topic, 'anysecrethere')
def topic(self, topic): """ Verify the token with no public key """ return jwt.verify_jwt(topic)