예제 #1
def request_certificate(token, 
    """Requests a certificate using an OAuth authorized resource request.
    @param token: access token to use in request
    @type token: basestring
    @param resource_server_url: URL of resource server to which the request
    should be made
    @type resource_server_url: basestring
    @param ssl_config: SSL configuration including the OAuth client certificate
    and private key
    @type ssl_config: ndg.httpsclient.ssl_context_util:SSlContextConfig
    @param certificate_request_parameter: name of parameter for the certificate
    request in the resource server request
    @type certificate_request_parameter: basestring
    oauth_client = Oauth2Client(access_token=token)
    parameters = {}
    key_pair = openssl_cert.create_keypair()
    cert_req = openssl_cert.create_certreq('ignored-username', key_pair)
                      if certificate_request_parameter is None
                      else certificate_request_parameter)
    parameters[cert_req_param] = base64.b64encode(cert_req)

    # Make POST request to obtain an access token.
    log.debug("Resource request - parameters: %s", parameters)
    data = urllib.urlencode(parameters)
    response = oauth_client.request_resource(resource_server_url, 

    # TODO: Refactor so that does or doesn't support JSON response - currently
    # works so that it will accept either
    if 'application/json' in response.headers.get('Content-type', ''):
        response_json = json.load(response)
        certificate = response_json.get('certificate', None)
        certificate = response.read() 

    # Get the private key.
    private_key = openssl_cert.getKeyPairPrivateKey(key_pair)
    return private_key, certificate
예제 #2
def request_certificate(token,
    """Requests a certificate using an OAuth authorized resource request.
    @param token: access token to use in request
    @type token: basestring
    @param resource_server_url: URL of resource server to which the request
    should be made
    @type resource_server_url: basestring
    @param ssl_config: SSL configuration including the OAuth client certificate
    and private key
    @type ssl_config: ndg.httpsclient.ssl_context_util:SSlContextConfig
    @param certificate_request_parameter: name of parameter for the certificate
    request in the resource server request
    @type certificate_request_parameter: basestring
    oauth_client = Oauth2Client(access_token=token)

    parameters = {}
    key_pair = openssl_cert.create_keypair()
    cert_req = openssl_cert.create_certreq('ignored-username', key_pair)

                      if certificate_request_parameter is None else

    parameters[cert_req_param] = base64.b64encode(cert_req)

    # Make POST request to obtain an access token.
    log.debug("Resource request - parameters: %s", parameters)
    data = urllib.urlencode(parameters)

    response = oauth_client.request_resource(resource_server_url,

    # TODO: Refactor so that does or doesn't support JSON response - currently
    # works so that it will accept either
    if 'application/json' in response.headers.get('Content-type', ''):
        response_json = json.load(response)
        certificate = response_json.get('certificate', None)
        certificate = response.read()

    # Get the private key.
    private_key = openssl_cert.getKeyPairPrivateKey(key_pair)
    return private_key, certificate
    def additional_access_token_request_parameters(self, parameters, request):
        Creates a certificate request and sets it as an additional parameter.
        Also, saves the private key in environ.

        @type parameters: dict of str
        @param parameters: parameters sent in access token request

        @type request: webob.Request
        @param request: request object
        key_pair = openssl_cert.create_keypair()
        cert_req = openssl_cert.create_certreq('ignored-username', key_pair)
        parameters[self.certificate_request_parameter] = base64.b64encode(cert_req)

        # Store the private key.
        private_key = openssl_cert.getKeyPairPrivateKey(key_pair)
        self.private_key = private_key
예제 #4
    def additional_access_token_request_parameters(self, parameters, request):
        Creates a certificate request and sets it as an additional parameter.
        Also, saves the private key in environ.

        @type parameters: dict of str
        @param parameters: parameters sent in access token request

        @type request: webob.Request
        @param request: request object
        key_pair = openssl_cert.create_keypair()
        cert_req = openssl_cert.create_certreq('ignored-username', key_pair)
        parameters[self.certificate_request_parameter] = base64.b64encode(

        # Store the private key.
        private_key = openssl_cert.getKeyPairPrivateKey(key_pair)
        self.private_key = private_key