def _func(self, conv):
response = get_protocol_response(conv, ASConfigurationResponse)
if not response:
response = get_protocol_response(conv, ServerMetadata)
response = response[-1] # Should only be one but ...
res = {}
try:
_jwks_uri = response['jwks_uri']
except KeyError:
try:
kb = KeyBundle(response['jwks'])
except KeyBundle:
self._message = "Neither jwks_uri or jwks defined"
self._status = ERROR
except UnknownKeyType as err:
self._message = '{}'.format(err)
self._status = ERROR
else:
kb = KeyBundle(source=_jwks_uri, verify_ssl=False)
try:
kb.update()
except UpdateFailed as err:
self._message = '{}'.format(err)
self._status = ERROR
return res
def __call__(self):
kb = KeyBundle(source=self.conv.entity.provider_info["jwks_uri"])
kb.verify_ssl = False
kb.update()
try:
self.conv.keybundle.append(kb)
except AttributeError:
self.conv.keybundle = [kb]
def __call__(self):
kb = KeyBundle(source=self.conv.entity.provider_info["jwks_uri"])
kb.verify_ssl = False
kb.update()
try:
self.conv.keybundle.append(kb)
except AttributeError:
self.conv.keybundle = [kb]
def __call__(self, conv, **kwargs):
pi = conv.client.provider_info
kb = KeyBundle(source=pi["jwks_uri"])
kb.verify_ssl = False
kb.update()
try:
conv.keybundle.append(kb)
except AttributeError:
conv.keybundle = [kb]
def __call__(self, conv, **kwargs):
pi = conv.client.provider_info
kb = KeyBundle(source=pi["jwks_uri"])
kb.verify_ssl = False
kb.update()
try:
conv.keybundle.append(kb)
except AttributeError:
conv.keybundle = [kb]
def test_chain_1():
kc = KeyBundle([{"kty": "oct", "key": "supersecret", "use": "sig"}])
assert len(kc.get("oct")) == 1
assert len(kc.get("rsa")) == 0
assert kc.remote is False
assert kc.source is None
kc.update() # Nothing should happen
assert len(kc.get("oct")) == 1
assert len(kc.get("rsa")) == 0
assert kc.remote is False
assert kc.source is None
def test_update(self):
kc = KeyBundle([{"kty": "oct", "key": "supersecret", "use": "sig"}])
assert len(kc.get("oct")) == 1
assert len(kc.get("rsa")) == 0
assert kc.remote is False
assert kc.source is None
kc.update() # Nothing should happen
assert len(kc.get("oct")) == 1
assert len(kc.get("rsa")) == 0
assert kc.remote is False
assert kc.source is None
def test_chain_1():
kc = KeyBundle({"hmac": "supersecret"}, usage="sig")
assert len(kc.get("hmac")) == 1
assert len(kc.get("rsa")) == 0
assert kc.usage == ["sig"]
assert kc.remote == False
assert kc.source is None
kc.update() # Nothing should happen
assert len(kc.get("hmac")) == 1
assert len(kc.get("rsa")) == 0
assert kc.usage == ["sig"]
assert kc.remote == False
assert kc.source is None
def test_chain_3():
kc = KeyBundle(source="file://../oc3/certs/server.crt", type="rsa",
src_type="x509", usage=["sig", "enc"])
assert kc.usage == ["sig", "enc"]
assert kc.remote == False
assert kc.source == "../oc3/certs/server.crt"
assert len(kc.get("hmac")) == 0
assert len(kc.get("rsa")) == 1
key = kc.get("rsa")[0]
assert isinstance(key, M2Crypto.RSA.RSA)
kc.update()
assert kc.usage == ["sig", "enc"]
assert kc.remote == False
assert kc.source == "../oc3/certs/server.crt"
assert len(kc.get("hmac")) == 0
assert len(kc.get("rsa")) == 1
key = kc.get("rsa")[0]
assert isinstance(key, M2Crypto.RSA.RSA)
def test_chain_2():
kc = KeyBundle(source="file://../oc3/certs/mycert.key", type="rsa",
usage=["ver", "sig"])
assert kc.usage == ["ver", "sig"]
assert kc.remote == False
assert kc.source == "../oc3/certs/mycert.key"
assert len(kc.get("hmac")) == 0
assert len(kc.get("rsa")) == 1
key = kc.get("rsa")[0]
assert isinstance(key, M2Crypto.RSA.RSA)
kc.update()
assert kc.usage == ["ver", "sig"]
assert kc.remote == False
assert kc.source == "../oc3/certs/mycert.key"
assert len(kc.get("hmac")) == 0
assert len(kc.get("rsa")) == 1
key = kc.get("rsa")[0]
assert isinstance(key, M2Crypto.RSA.RSA)
from oic.utils.keyio import KeyBundle, key_eq
__author__ = 'rolandh'
jwk_url = ["https://connect.openid4.us/connect4us.jwk", # edmund
"https://connect-op.heroku.com/jwk.json"] # nov
x509_url = ["https://connect-op.heroku.com/cert.pem"]
kc0 = KeyBundle(source=jwk_url[1], src_type="jwk", type="rsa", usage=["sig", "enc"])
kc1 = KeyBundle(source=x509_url[0], src_type="x509", type="rsa", usage=["sig", "enc"])
kc0.update()
print kc0
kc1.update()
print kc1
print key_eq(kc0.get("rsa")[0], kc1.get("rsa")[0])
