def get(self): self.send_response({ 'app_id': app_identity.get_application_id(), 'app_runtime': 'python27', 'app_version': utils.get_app_version(), 'service_account_name': utils.get_service_account_name(), })
def sign_jwt(aud): """Produces a JWT signed with app's service account key.""" now = int(utils.time_time()) issuer = utils.get_service_account_name() claims = { 'email': issuer, 'exp': now + 3600, 'iat': now, 'iss': issuer, 'sub': issuer, } if aud: claims['aud'] = aud claims_b64 = b64.encode(utils.encode_to_json(claims)) payload = '.'.join((_jwt_header_b64, claims_b64)) # TODO(vadimsh): Use sign_jwt RPC to get JWT header with 'kid' populated. _, sig = app_identity.sign_blob(payload) return '.'.join((payload, b64.encode(sig)))
def get_own_public_certificates(): """Returns CertificateBundle with certificates of the current service.""" attempt = 0 while True: attempt += 1 try: certs = app_identity.get_public_certificates(deadline=1.5) break except apiproxy_errors.DeadlineExceededError as e: logging.warning('%s', e) if attempt == 3: raise return CertificateBundle({ 'app_id': app_identity.get_application_id(), 'service_account_name': utils.get_service_account_name(), 'certificates': [{ 'key_name': cert.key_name, 'x509_certificate_pem': cert.x509_certificate_pem, } for cert in certs], 'timestamp': utils.datetime_to_timestamp(utils.utcnow()), })