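def _write_owner_only(path, text):
    """Write *text* to *path* so that only the owning user can read or write it."""
    import os

    def _opener(file, flags):
        # The mode argument only takes effect when the file is created.
        return os.open(file, flags, 0o600)

    with open(path, "w", opener=_opener) as handle:
        # A file left over from an earlier run keeps its old permission bits,
        # so tighten it before any key material is written (POSIX only).
        if hasattr(os, "fchmod"):
            os.fchmod(handle.fileno(), 0o600)
        handle.write(text)


def gen_keys(key_size):
    """Generate an RSA key pair and write it to the current directory.

    Four files are written: ``private.pem`` and ``public.pem`` (PEM), and
    ``private.json`` and ``public.json`` (JWK Sets, indented JSON).

    The private PEM is exported with ``password=None``, i.e. without a
    passphrase, and ``private.json`` also holds the private key. File
    permissions are therefore the only protection for both files, and they
    are created owner-only (0o600).

    Args:
        key_size: RSA modulus size in bits, passed to ``JWK.generate_key``.

    Raises:
        ImportError: If jwcrypto is not installed.
    """
    try:
        from jwcrypto.jwk import JWK, JWKSet
    except ImportError as e:
        msg = "You have to install jwcrypto to use this function"
        print(msg)
        raise ImportError(msg) from e

    jwk = JWK()
    jwk.generate_key(generate="RSA", size=key_size)

    # Private half: unencrypted PEM, so keep it away from other local users.
    private_pem = jwk.export_to_pem(private_key=True, password=None)
    _write_owner_only("private.pem", private_pem.decode("utf8"))

    # Public half: safe to share, default permissions are fine.
    public_pem = jwk.export_to_pem(private_key=False, password=None)
    with open("public.pem", "w") as pub_pem_file:
        pub_pem_file.write(public_pem.decode("utf8"))

    jwks = JWKSet()
    jwks.add(jwk)

    # Re-serialise through json only to get indented, readable output.
    private_jwks = json.dumps(json.loads(jwks.export(private_keys=True)), indent=2)
    _write_owner_only("private.json", private_jwks)

    public_jwks = json.dumps(json.loads(jwks.export(private_keys=False)), indent=2)
    with open("public.json", "w") as public_jwks_file:
        public_jwks_file.write(public_jwks)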
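def generate_authorization_request(configuration, registration, redirect_url, key: jwk.JWK):
    """Build the authorization URL for an OpenID Connect request.

    The public half of ``key`` is embedded in a request object (a JWT passed
    as the ``request`` parameter) together with a fresh nonce. No private key
    material is used: the request object is encoded without a signature.

    Args:
        configuration: Provider metadata; ``authorization_endpoint`` is read.
        registration: Client registration; ``client_id`` is read.
        redirect_url: Sent as ``redirect_uri`` inside the request object.
        key: Key whose public half is advertised to the provider.

    Returns:
        The prepared authorization URL, query string included.
    """
    auth_url = configuration["authorization_endpoint"]
    client_id = registration["client_id"]

    pubkey = key.export_public(as_dict=True)
    pubkey.update({"alg": "RS256", "ext": True, "key_ops": ["verify"]})

    # NOTE(review): nonce and state are generated here and only leave this
    # function inside the returned URL. A caller that checks `state` on the
    # callback, or `nonce` in the ID token, has to recover them from that
    # URL -- confirm that it does.
    nonce = secrets.token_urlsafe(24)
    state = secrets.token_urlsafe(24)

    request = {
        "redirect_uri": redirect_url,
        "display": "page",
        "nonce": nonce,
        "key": pubkey,
    }
    # Debug output: writes the nonce and public key to stdout.
    print(request)

    # jwcrypto could not be made to encode the JWT here, so PyJWT is used.
    # NOTE(review): key=None / algorithm=None asks PyJWT for an unsigned
    # token (alg "none"), so the provider cannot detect tampering with
    # redirect_uri or the embedded key. If the provider accepts signed
    # request objects, sign with `key` (the advertised alg is RS256)
    # instead -- confirm against the provider before changing.
    # The unused export of the private key to an unencrypted PEM was dropped:
    # it only created a plaintext copy of the key in memory.
    request_jwt = jwt.encode(request, key=None, algorithm=None)

    params = {
        "scope": "openid",
        "client_id": client_id,
        # TODO: This should be the values we added when registering
        "response_type": "id_token token",
        "request": request_jwt,
        "state": state,
    }
    prepared = Request('GET', auth_url, params=params).prepare()
    return prepared.url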
def set_refresh_key(self, key: jwk.JWK):
    """Store the private half of ``key`` in encrypted form.

    The key is serialised to PEM without a passphrase (``password=None``),
    passed through ``FERNET.encrypt`` and kept on ``self.enc_refresh_key``.
    """
    # The PEM itself is unprotected, so the stored value is only as safe as
    # the key behind FERNET.
    # NOTE(review): presumably a cryptography Fernet instance; confirm where
    # its key is kept.
    self.enc_refresh_key = FERNET.encrypt(
        key.export_to_pem(private_key=True, password=None)
    )
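import os

from jwcrypto.jwk import JWK

pub_file = "public_key.pem"
priv_file = "private_key.pem"

# Generate a 2048-bit RSA key pair and serialise both halves as PEM bytes.
key = JWK(generate="RSA", size=2048)
pub_key = key.export_to_pem(private_key=False, password=None)
# password=None: the private PEM carries no passphrase, so the permissions on
# the file it is written to are its only protection.
priv_key = key.export_to_pem(private_key=True, password=None)


def overwrite_file(file_name, content, mode=0o666):
    """Replace ``file_name`` with a new file holding ``content``.

    Args:
        file_name: Path of the file to (re)create.
        content: Bytes to write.
        mode: Permission bits requested for the new file, still subject to
            the process umask. The default matches what ``open()`` requests.
    """
    # Remove any old file first so the new one is created from scratch and
    # therefore receives `mode` instead of inheriting old permission bits.
    try:
        os.remove(file_name)
    except FileNotFoundError:
        pass

    def _opener(path, flags):
        return os.open(path, flags, mode)

    # The context manager closes the handle even if the write fails.
    with open(file_name, "wb", opener=_opener) as handle:
        handle.write(content)


overwrite_file(pub_file, pub_key)
# The private key must not be readable by other local users.
overwrite_file(priv_file, priv_key, mode=0o600)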