示例#1
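    def index(self, op, **kwargs):
        """Exchange a one-time bearer token for its claims, returned as a JWT.

        An OPTIONS request is answered as a CORS preflight.  Any other request
        must carry ``Authorization: Bearer <token>``; the token is looked up in
        ``op.claim_access_token``, deleted so it cannot be presented again, and
        the claims stored under it are signed with the OP's signing key.

        :param op: provider object supplying ``events``, ``claim_access_token``
            and ``keyjar``.
        :param kwargs: accepted but not used in this method.
        :return: the signed JWT passed through ``as_bytes``; ``None`` for a
            preflight request.
        :raises cherrypy.HTTPError: 400 when the header is missing, is not a
            Bearer credential, or names an unknown or already used token.
        """
        if cherrypy.request.method == "OPTIONS":
            # origins='*' lets any web origin call this endpoint, so access
            # control rests entirely on the bearer token checked below.
            cherrypy_cors.preflight(allowed_methods=["GET"],
                                    origins='*',
                                    allowed_headers='Authorization')
        else:
            try:
                authz = cherrypy.request.headers['Authorization']
            except KeyError:
                authz = None

            # Explicit test instead of ``assert``: asserts are stripped under
            # ``python -O``, and a missing header (None) used to raise
            # AttributeError instead of producing the intended 400.  The
            # trailing space matches the 7-character slice below.
            if authz is None or not authz.startswith("Bearer "):
                op.events.store(EV_FAULT, "Bad authorization token")
                # The error must be raised; merely constructing it let the
                # request continue past the failed check.
                raise cherrypy.HTTPError(400, "Bad authorization token")

            tok = authz[7:]
            try:
                _claims = op.claim_access_token[tok]
            except KeyError:
                # Same message as above, so the response does not reveal
                # which of the two checks failed.
                op.events.store(EV_FAULT, "Bad authorization token")
                raise cherrypy.HTTPError(400, "Bad authorization token")
            else:
                # one time token
                del op.claim_access_token[tok]
                _info = Message(**_claims)
                jwt_key = op.keyjar.get_signing_key()
                op.events.store(EV_RESPONSE, _info.to_dict())
                cherrypy.response.headers["content-type"] = 'application/jwt'
                return as_bytes(_info.to_jwt(key=jwt_key, algorithm="RS256"))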
示例#2
文件: op.py 项目: rohe/oidctest
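    def index(self, op, **kwargs):
        """Return the claims tied to a single-use access token as a signed JWT.

        OPTIONS requests get a CORS preflight answer and nothing else.  For
        every other method the ``Authorization`` header has to be of the form
        ``Bearer <token>`` and the token has to be a key of
        ``op.claim_access_token``.  The entry is deleted on first use.

        :param op: provider object; this method uses its ``events``,
            ``claim_access_token`` and ``keyjar`` attributes.
        :param kwargs: accepted but ignored here.
        :return: ``as_bytes`` of the RS256-signed JWT, or ``None`` after a
            preflight.
        :raises cherrypy.HTTPError: 400 for a missing or malformed header and
            for a token that is unknown or was already redeemed.
        """
        if cherrypy.request.method == "OPTIONS":
            # Wildcard origin: the bearer token is the only gate on this
            # endpoint, not the calling origin.
            cherrypy_cors.preflight(
                allowed_methods=["GET"], origins='*',
                allowed_headers='Authorization')
            return None

        try:
            authz = cherrypy.request.headers['Authorization']
        except KeyError:
            authz = None

        # Input validation must not rely on ``assert`` (removed by
        # ``python -O``); a None header also has to end in the 400 below
        # rather than an AttributeError.  "Bearer " is exactly the 7
        # characters sliced off afterwards.
        if authz is None or not authz.startswith("Bearer "):
            op.events.store(EV_FAULT, "Bad authorization token")
            # Raise it: an HTTPError that is only instantiated changes
            # nothing and processing would simply carry on.
            raise cherrypy.HTTPError(400, "Bad authorization token")

        tok = authz[7:]
        try:
            _claims = op.claim_access_token[tok]
        except KeyError:
            op.events.store(EV_FAULT, "Bad authorization token")
            raise cherrypy.HTTPError(400, "Bad authorization token")

        # one time token
        del op.claim_access_token[tok]
        _info = Message(**_claims)
        jwt_key = op.keyjar.get_signing_key()
        op.events.store(EV_RESPONSE, _info.to_dict())
        cherrypy.response.headers["content-type"] = 'application/jwt'
        return as_bytes(_info.to_jwt(key=jwt_key, algorithm="RS256"))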
                                           **rreq.to_dict())

# ----------------------------------------------------------------------------
# The RP publishes Registration Request
# ----------------------------------------------------------------------------

# Registration request that carries references only: one URI per federation
# issuer, each pointing at a .jws document rather than embedding a statement.
# NOTE(review): whoever dereferences these URIs has to verify the fetched JWS
# against keys it already trusts; the https URL alone authenticates the host,
# not the statement.
rere = Message(
    software_statement_uris={
        swamid_issuer: "https://dev.example.com/rp1/idfed/swamid.jws",
        incommon_issuer: "https://dev.example.com/rp1/idfed/incommon.jws"
    }
)

print('Registration Request published by RP')
print(70 * "-")
# Sorted keys and fixed separators keep the printed JSON stable between runs.
print_lines(json.dumps(rere.to_dict(), sort_keys=True, indent=2,
                       separators=(',', ': ')))

# ### ======================================================================
# #   On the OP
# ### ======================================================================

print('The OP chooses which federation it will work under - SWAMID of course')

# The OP's key jar is seeded with the SWAMID key set only, filed under
# swamid_issuer; no InCommon keys are added here.
# NOTE(review): presumably this is the trust anchor for the unpacking step
# that follows (not visible here). swamid_jwks is defined outside this
# excerpt, so how those keys were obtained cannot be judged from here.
op_keyjar = KeyJar()
op_keyjar.add_kb(swamid_issuer, KeyBundle(swamid_jwks['keys']))

# -----------------------------------------------------------------------------
# Unpacking the russian doll (= the software_statement)
# -----------------------------------------------------------------------------
示例#4
                                           **rreq.to_dict())

# ----------------------------------------------------------------------------
# The RP publishes Registration Request
# ----------------------------------------------------------------------------

# The RP's registration request holds no statements itself, only a mapping
# from federation issuer to the URI of a .jws document.
# NOTE(review): a consumer must validate the signature of whatever it fetches
# from these URIs against federation keys it already holds before using any
# of the content.
rere = Message(
    software_statement_uris={
        swamid_issuer: "https://dev.example.com/rp1/idfed/swamid.jws",
        incommon_issuer: "https://dev.example.com/rp1/idfed/incommon.jws"
    })

print('Registration Request published by RP')
print(70 * "-")
# Deterministic pretty-print: sorted keys, two-space indent, fixed separators.
print_lines(
    json.dumps(rere.to_dict(),
               sort_keys=True,
               indent=2,
               separators=(',', ': ')))

# ### ======================================================================
# #   On the OP
# ### ======================================================================

print('The OP chooses which federation it will work under - SWAMID of course')

# Only the SWAMID keys go into the OP's key jar, stored under swamid_issuer.
# NOTE(review): this looks like the OP's trust anchor for the software
# statement unpacked next (outside this excerpt); swamid_jwks comes from
# earlier in the script, so its provenance is not visible here.
op_keyjar = KeyJar()
op_keyjar.add_kb(swamid_issuer, KeyBundle(swamid_jwks['keys']))

# -----------------------------------------------------------------------------
# Unpacking the russian doll (= the software_statement)