def __init__(
    self,
    secret_key,
    auth,
    algorithm='HS256',
    verify_expiration=True,
    leeway=30,
    expiration=60 * 5,
    allow_refresh=True,
    refresh_expiration_delta=60 * 60,
    header_prefix='Bearer',
    jwt_add_header=None,
    user_param='username',
    pass_param='password',
    realm='Login required',
    salt=None,
    additional_payload=None,
    before_authorization=None,
    max_header_length=4 * 1024,
):
    """Store the JWT settings and pre-compute the encoded token header.

    Args:
        secret_key: HMAC key material, stored unmodified. No length or
            emptiness check is performed here.
        auth: stored as ``self.auth``; not used inside this method.
        algorithm: must be 'HS256', 'HS384' or 'HS512'; selects the
            hashlib digest kept in ``self.digestmod``.
        jwt_add_header: optional mapping whose entries are copied on top
            of the default ``{'alg': ..., 'typ': 'JWT'}`` header.
        salt: optional value or callable, stored as ``self.salt``.
        verify_expiration, leeway, expiration, allow_refresh,
        refresh_expiration_delta, header_prefix, user_param, pass_param,
        realm, additional_payload, before_authorization,
        max_header_length: stored on the instance unchanged; they are
            consumed by code outside this excerpt.

    Raises:
        NotImplementedError: if ``algorithm`` is not one of the three
            HMAC-SHA2 names above.
    """
    self.secret_key = secret_key
    self.auth = auth
    self.algorithm = algorithm

    # Allow-list of signing algorithms: only HMAC-SHA2 variants pass, so
    # any other value (including 'none' or an asymmetric name) is refused
    # before a header is built.
    hmac_algorithms = ('HS256', 'HS384', 'HS512')
    if self.algorithm not in hmac_algorithms:
        raise NotImplementedError('Algoritm %s not allowed' % algorithm)

    # NOTE(review): secret_key is accepted as-is. RFC 7518 section 3.2
    # requires an HMAC key at least as long as the hash output; nothing
    # in this method enforces that, so it is up to the caller.
    hash_by_algorithm = {
        'HS256': hashlib.sha256,
        'HS384': hashlib.sha384,
        'HS512': hashlib.sha512,
    }
    self.digestmod = hash_by_algorithm[algorithm]

    # Token lifetime / refresh settings.
    self.verify_expiration = verify_expiration
    self.leeway = leeway
    self.expiration = expiration
    self.allow_refresh = allow_refresh
    self.refresh_expiration_delta = refresh_expiration_delta

    # Request parsing and hook settings.
    self.header_prefix = header_prefix
    self.user_param = user_param
    self.pass_param = pass_param
    self.realm = realm
    self.salt = salt
    self.additional_payload = additional_payload
    self.before_authorization = before_authorization
    self.max_header_length = max_header_length

    # The header is identical for every token this instance issues, so it
    # is serialized and encoded once.
    # NOTE(review): extra entries are applied after the defaults, so a
    # jwt_add_header key named 'alg' or 'typ' replaces the default value
    # while signing still uses self.digestmod -- confirm callers never
    # pass those keys.
    self.jwt_add_header = jwt_add_header or {}
    header_fields = {'alg': self.algorithm, 'typ': 'JWT'}
    for field_name, field_value in self.jwt_add_header.iteritems():
        header_fields[field_name] = field_value
    self.cached_b64h = self.jwt_b64e(json_parser.dumps(header_fields))

    # Debug trace: written to stdout every time an instance is built.
    print('initialized')
def generate_token(self, payload):
    """Serialize ``payload`` and return it as a signed three-part token.

    The result is ``header.payload.signature``, where each part is
    produced by ``self.jwt_b64e`` (defined outside this excerpt) and the
    signature is an HMAC over ``header.payload`` using ``self.digestmod``.
    The payload is only encoded and authenticated here, not encrypted.

    Args:
        payload: object passed to ``json_parser.dumps``; also handed to
            ``self.salt`` when the salt is callable.

    Returns:
        The token string.
    """
    signing_key = self.secret_key
    salt = self.salt
    if salt:
        # A callable salt is evaluated per payload, so the signing key
        # can differ from one payload to the next.
        salt_value = salt(payload) if callable(salt) else salt
        signing_key = "%s$%s" % (signing_key, salt_value)

    if isinstance(signing_key, unicode):
        # NOTE(review): 'ignore' silently drops every non-ASCII character,
        # which shortens the effective key for such secrets. Any verifier
        # has to derive the key the same way, so changing the encoding
        # would invalidate existing tokens; prefer ASCII-only or byte
        # secrets instead.
        signing_key = signing_key.encode('ascii', 'ignore')

    encoded_payload = self.jwt_b64e(json_parser.dumps(payload))
    signing_input = self.cached_b64h + '.' + encoded_payload

    mac = hmac.new(key=signing_key, msg=signing_input,
                   digestmod=self.digestmod)
    return signing_input + '.' + self.jwt_b64e(mac.digest())
def __init__(
    self,
    secret_key,
    auth,
    algorithm='HS256',
    verify_expiration=True,
    leeway=30,
    expiration=60 * 5,
    allow_refresh=True,
    refresh_expiration_delta=60 * 60,
    header_prefix='Bearer',
    jwt_add_header=None,
    user_param='username',
    pass_param='password',
    realm='Login required',
    salt=None,
    additional_payload=None,
    before_authorization=None,
    max_header_length=4*1024,
):
    """Store the JWT settings and pre-compute the encoded token header.

    Args:
        secret_key: HMAC key material, stored unmodified. No length or
            emptiness check is performed here.
        auth: stored as ``self.auth``; not used inside this method.
        algorithm: must be 'HS256', 'HS384' or 'HS512'; selects the
            hashlib digest kept in ``self.digestmod``.
        jwt_add_header: optional mapping whose entries are copied on top
            of the default ``{'alg': ..., 'typ': 'JWT'}`` header.
        salt: optional value or callable, stored as ``self.salt``.
        verify_expiration, leeway, expiration, allow_refresh,
        refresh_expiration_delta, header_prefix, user_param, pass_param,
        realm, additional_payload, before_authorization,
        max_header_length: stored on the instance unchanged; they are
            consumed by code outside this excerpt.

    Raises:
        NotImplementedError: if ``algorithm`` is not one of the three
            HMAC-SHA2 names above.
    """
    self.secret_key = secret_key
    self.auth = auth
    self.algorithm = algorithm

    # Allow-list of signing algorithms: only HMAC-SHA2 variants pass, so
    # any other value (including 'none' or an asymmetric name) is refused
    # before a header is built.
    hmac_algorithms = ('HS256', 'HS384', 'HS512')
    if self.algorithm not in hmac_algorithms:
        raise NotImplementedError('Algoritm %s not allowed' % algorithm)

    # NOTE(review): secret_key is accepted as-is. RFC 7518 section 3.2
    # requires an HMAC key at least as long as the hash output; nothing
    # in this method enforces that, so it is up to the caller.
    hash_by_algorithm = {
        'HS256': hashlib.sha256,
        'HS384': hashlib.sha384,
        'HS512': hashlib.sha512,
    }
    self.digestmod = hash_by_algorithm[algorithm]

    # Token lifetime / refresh settings.
    self.verify_expiration = verify_expiration
    self.leeway = leeway
    self.expiration = expiration
    self.allow_refresh = allow_refresh
    self.refresh_expiration_delta = refresh_expiration_delta

    # Request parsing and hook settings.
    self.header_prefix = header_prefix
    self.user_param = user_param
    self.pass_param = pass_param
    self.realm = realm
    self.salt = salt
    self.additional_payload = additional_payload
    self.before_authorization = before_authorization
    self.max_header_length = max_header_length

    # The header is identical for every token this instance issues, so it
    # is serialized and encoded once.
    # NOTE(review): extra entries are applied after the defaults, so a
    # jwt_add_header key named 'alg' or 'typ' replaces the default value
    # while signing still uses self.digestmod -- confirm callers never
    # pass those keys.
    self.jwt_add_header = jwt_add_header or {}
    header_fields = {'alg': self.algorithm, 'typ': 'JWT'}
    for field_name, field_value in self.jwt_add_header.iteritems():
        header_fields[field_name] = field_value
    self.cached_b64h = self.jwt_b64e(json_parser.dumps(header_fields))

    # Debug trace: written to stdout every time an instance is built.
    print('initialized')