예제 #1
0
def base64url_decode(string):
    # type: (str) -> str
    """Decodes a Base64 URL-encoded string per RFC 7515.

    RFC 7515 (used for Encrypted Content-Encoding and JWT) requires unpadded
    encoded strings, but Python's ``urlsafe_b64decode`` only accepts padded
    strings.
    """
    return base64.urlsafe_b64decode(repad(string))
예제 #2
0
def extract_jwt(token, crypto_key, is_trusted=False, use_crypto=False):
    # type: (str, str, bool, bool) -> Dict[str, str]
    """Extract the claims from the validated JWT. """
    # first split and convert the jwt.
    if not token or not crypto_key:
        return {}
    if is_trusted:
        return VerifyJWT.extract_assertion(token)
    if use_crypto:
        return VerifyJWT.validate_and_extract_assertion(
            token, decipher_public_key(crypto_key.encode('utf8')))
    else:
        key = ecdsa.VerifyingKey.from_string(base64.urlsafe_b64decode(
            repad(crypto_key.encode('utf8')))[-64:],
                                             curve=ecdsa.NIST256p)
        return jwt.decode(token,
                          dict(keys=[key]),
                          options=dict(
                              verify_aud=False,
                              verify_sub=False,
                              verify_exp=False,
                          ))