def get(self):
self.send_response({
'app_id': app_identity.get_application_id(),
'app_runtime': 'python27',
'app_version': utils.get_app_version(),
'service_account_name': utils.get_service_account_name(),
})
def sign_jwt(aud):
"""Produces a JWT signed with app's service account key."""
now = int(utils.time_time())
issuer = utils.get_service_account_name()
claims = {
'email': issuer,
'exp': now + 3600,
'iat': now,
'iss': issuer,
'sub': issuer,
}
if aud:
claims['aud'] = aud
claims_b64 = b64.encode(utils.encode_to_json(claims))
payload = '.'.join((_jwt_header_b64, claims_b64))
# TODO(vadimsh): Use sign_jwt RPC to get JWT header with 'kid' populated.
_, sig = app_identity.sign_blob(payload)
return '.'.join((payload, b64.encode(sig)))
def get_own_public_certificates():
"""Returns CertificateBundle with certificates of the current service."""
attempt = 0
while True:
attempt += 1
try:
certs = app_identity.get_public_certificates(deadline=1.5)
break
except apiproxy_errors.DeadlineExceededError as e:
logging.warning('%s', e)
if attempt == 3:
raise
return CertificateBundle({
'app_id':
app_identity.get_application_id(),
'service_account_name':
utils.get_service_account_name(),
'certificates': [{
'key_name': cert.key_name,
'x509_certificate_pem': cert.x509_certificate_pem,
} for cert in certs],
'timestamp':
utils.datetime_to_timestamp(utils.utcnow()),
})