def encode(signer, payload, header=None, key_id=None):
"""Make a signed JWT.
Args:
signer (google.auth.crypt.Signer): The signer used to sign the JWT.
payload (Mapping[str, str]): The JWT payload.
header (Mapping[str, str]): Additional JWT header payload.
key_id (str): The key id to add to the JWT header. If the signer has a
key id it will be used as the default. If this is specified it will
override the signer's key id.
Returns:
bytes: The encoded JWT.
"""
if header is None:
header = {}
if key_id is None:
key_id = signer.key_id
header.update({'typ': 'JWT', 'alg': 'RS256'})
if key_id is not None:
header['kid'] = key_id
segments = [
_helpers.unpadded_urlsafe_b64encode(json.dumps(header).encode('utf-8')),
_helpers.unpadded_urlsafe_b64encode(json.dumps(payload).encode('utf-8')),
]
signing_input = b'.'.join(segments)
signature = signer.sign(signing_input)
segments.append(_helpers.unpadded_urlsafe_b64encode(signature))
return b'.'.join(segments)
def encode(signer, payload, header=None, key_id=None):
"""Make a signed JWT.
Args:
signer (google.auth.crypt.Signer): The signer used to sign the JWT.
payload (Mapping[str, str]): The JWT payload.
header (Mapping[str, str]): Additional JWT header payload.
key_id (str): The key id to add to the JWT header. If the
signer has a key id it will be used as the default. If this is
specified it will override the signer's key id.
Returns:
bytes: The encoded JWT.
"""
if header is None:
header = {}
if key_id is None:
key_id = signer.key_id
header.update({"typ": "JWT"})
if "alg" not in header:
if es256 is not None and isinstance(signer, es256.ES256Signer):
header.update({"alg": "ES256"})
else:
header.update({"alg": "RS256"})
if key_id is not None:
header["kid"] = key_id
segments = [
_helpers.unpadded_urlsafe_b64encode(
json.dumps(header).encode("utf-8")),
_helpers.unpadded_urlsafe_b64encode(
json.dumps(payload).encode("utf-8")),
]
signing_input = b".".join(segments)
signature = signer.sign(signing_input)
segments.append(_helpers.unpadded_urlsafe_b64encode(signature))
return b".".join(segments)
def encode(signer, payload, header=None, key_id=None):
"""Make a signed JWT.
Args:
signer (google.auth.crypt.Signer): The signer used to sign the JWT.
payload (Mapping[str, str]): The JWT payload.
header (Mapping[str, str]): Additional JWT header payload.
key_id (str): The key id to add to the JWT header. If the
signer has a key id it will be used as the default. If this is
specified it will override the signer's key id.
Returns:
bytes: The encoded JWT.
"""
if header is None:
header = {}
if key_id is None:
key_id = signer.key_id
header.update({'typ': 'JWT', 'alg': 'RS256'})
if key_id is not None:
header['kid'] = key_id
segments = [
_helpers.unpadded_urlsafe_b64encode(
json.dumps(header).encode('utf-8')
),
_helpers.unpadded_urlsafe_b64encode(
json.dumps(payload).encode('utf-8')
),
]
signing_input = b'.'.join(segments)
signature = signer.sign(signing_input)
segments.append(
_helpers.unpadded_urlsafe_b64encode(signature)
)
return b'.'.join(segments)
