Пример #1
0
    def index(self, **kwargs):
        if cherrypy.request.process_request_body is True:
            _json_doc = cherrypy.request.body.read()
        else:
            raise cherrypy.HTTPError(400, 'Missing Client registration body')

        if _json_doc == b'':
            raise cherrypy.HTTPError(400, 'Missing Client registration body')

        _args = json.loads(as_unicode(_json_doc))
        _mds = MetadataStatement(**_args)

        try:
            _mds.verify()
        except (MessageException, VerificationError) as err:
            raise cherrypy.CherryPyException(str(err))
        else:
            _jwt = self.signer.create_signed_metadata_statement(_mds,
                                                                single=True)
            cherrypy.response.headers['Content-Type'] = 'application/jwt'
            return as_bytes(_jwt)
Пример #2
0
    def register(self, url):
        if cherrypy.request.process_request_body is True:
            _json_doc = cherrypy.request.body.read()
        else:
            raise cherrypy.HTTPError(400, 'Missing Client registration body')

        if _json_doc == b'':
            raise cherrypy.HTTPError(400, 'Missing Client registration body')

        _args = json.loads(as_unicode(_json_doc))
        _mds = MetadataStatement(**_args)

        try:
            _mds.verify()
        except (MessageException, VerificationError) as err:
            raise cherrypy.CherryPyException(str(err))
        else:
            res = requests.post(url, json=_mds.to_json())
            if 200 <= res.status_code < 300:
                self.signer.metadata_statements[url] = res.text
                cherrypy.response.headers['Content-Type'] = 'application/jwt'
                return as_bytes(res.text)
            else:
                raise cherrypy.HTTPError(message=res.text)
Пример #3
0
    def index(self, signer='', context='discovery', **kwargs):
        if not signer:
            raise cherrypy.HTTPError(400, 'Missing signer')
        if signer not in self.signer:
            raise cherrypy.HTTPError(400, 'unknown signer')

        if cherrypy.request.process_request_body is True:
            _json_doc = cherrypy.request.body.read()
        else:
            raise cherrypy.HTTPError(400, 'Missing Client registration body')

        if _json_doc == b'':
            raise cherrypy.HTTPError(400, 'Missing Client registration body')

        try:
            _args = json.loads(as_unicode(_json_doc))
        except json.JSONDecodeError as err:
            raise cherrypy.HTTPError(
                message="JSON decode error: {}".format(str(err)))
        _mds = MetadataStatement(**_args)

        try:
            _mds.verify()
        except (MessageException, VerificationError) as err:
            raise cherrypy.HTTPError(
                message="Message verification error: {}".format(str(err)))
        else:
            _sign = self.signer[signer]
            try:
                _resp = _sign.create_signed_metadata_statement(_mds, context)
            except (KeyError, SigningServiceError) as err:
                raise cherrypy.HTTPError(message=str(err))
            else:
                _jwt = list(_resp.values())[0]
            cherrypy.response.headers['Content-Type'] = 'application/jwt'
            return as_bytes(_jwt)
Пример #4
0
from fedoidc import MetadataStatement
from fedoidc.signing_service import InternalSigningService
from fedoidc.signing_service import Signer

from oic.utils.keyio import build_keyjar

KEYDEFS= [{"type": "RSA", "key": "keys/{}.key", "use": ["sig"]}]

parser = argparse.ArgumentParser()
parser.add_argument('-i', dest='iss')
parser.add_argument('-m', dest='ms_dir', default='ms_dir')
parser.add_argument(dest="statement")
args = parser.parse_args()

_keydefs = []
for spec in KEYDEFS:
    spec['key'] = spec['key'].format(quote_plus(args.iss))
    _keydefs.append(spec)

sig_keys = build_keyjar(KEYDEFS)[1]
signing_service = InternalSigningService(iss=args.iss, signing_keys=sig_keys)
signer = Signer(signing_service, args.ms_dir)

_args = json.loads(open(args.statement,'r').read())
_mds = MetadataStatement(**_args)

_mds.verify()

print(signer.create_signed_metadata_statement(_mds, single=True))