示例#1
0
    def _func(self, conv):

        response = get_protocol_response(conv, ASConfigurationResponse)
        if not response:
            response = get_protocol_response(conv, ServerMetadata)

        response = response[-1]  # Should only be one but ...
        res = {}

        try:
            _jwks_uri = response['jwks_uri']
        except KeyError:
            try:
                kb = KeyBundle(response['jwks'])
            except KeyBundle:
                self._message = "Neither jwks_uri or jwks defined"
                self._status = ERROR
            except UnknownKeyType as err:
                self._message = '{}'.format(err)
                self._status = ERROR
        else:
            kb = KeyBundle(source=_jwks_uri, verify_ssl=False)
            try:
                kb.update()
            except UpdateFailed as err:
                self._message = '{}'.format(err)
                self._status = ERROR

        return res
示例#2
0
    def __call__(self):
        kb = KeyBundle(source=self.conv.entity.provider_info["jwks_uri"])
        kb.verify_ssl = False
        kb.update()

        try:
            self.conv.keybundle.append(kb)
        except AttributeError:
            self.conv.keybundle = [kb]
示例#3
0
文件: operation.py 项目: rohe/otest
    def __call__(self):
        kb = KeyBundle(source=self.conv.entity.provider_info["jwks_uri"])
        kb.verify_ssl = False
        kb.update()

        try:
            self.conv.keybundle.append(kb)
        except AttributeError:
            self.conv.keybundle = [kb]
示例#4
0
    def __call__(self, conv, **kwargs):
        pi = conv.client.provider_info
        kb = KeyBundle(source=pi["jwks_uri"])
        kb.verify_ssl = False
        kb.update()

        try:
            conv.keybundle.append(kb)
        except AttributeError:
            conv.keybundle = [kb]
示例#5
0
文件: testclass.py 项目: rohe/oictest
    def __call__(self, conv, **kwargs):
        pi = conv.client.provider_info
        kb = KeyBundle(source=pi["jwks_uri"])
        kb.verify_ssl = False
        kb.update()

        try:
            conv.keybundle.append(kb)
        except AttributeError:
            conv.keybundle = [kb]
示例#6
0
def test_chain_1():
    kc = KeyBundle([{"kty": "oct", "key": "supersecret", "use": "sig"}])
    assert len(kc.get("oct")) == 1
    assert len(kc.get("rsa")) == 0
    assert kc.remote is False
    assert kc.source is None

    kc.update()  # Nothing should happen
    assert len(kc.get("oct")) == 1
    assert len(kc.get("rsa")) == 0
    assert kc.remote is False
    assert kc.source is None
示例#7
0
    def test_update(self):
        kc = KeyBundle([{"kty": "oct", "key": "supersecret", "use": "sig"}])
        assert len(kc.get("oct")) == 1
        assert len(kc.get("rsa")) == 0
        assert kc.remote is False
        assert kc.source is None

        kc.update()  # Nothing should happen
        assert len(kc.get("oct")) == 1
        assert len(kc.get("rsa")) == 0
        assert kc.remote is False
        assert kc.source is None
示例#8
0
def test_chain_1():
    kc = KeyBundle({"hmac": "supersecret"}, usage="sig")
    assert len(kc.get("hmac")) == 1
    assert len(kc.get("rsa")) == 0
    assert kc.usage == ["sig"]
    assert kc.remote == False
    assert kc.source is None

    kc.update() # Nothing should happen
    assert len(kc.get("hmac")) == 1
    assert len(kc.get("rsa")) == 0
    assert kc.usage == ["sig"]
    assert kc.remote == False
    assert kc.source is None
示例#9
0
def test_chain_3():
    kc = KeyBundle(source="file://../oc3/certs/server.crt", type="rsa",
                  src_type="x509", usage=["sig", "enc"])
    assert kc.usage == ["sig", "enc"]
    assert kc.remote == False
    assert kc.source == "../oc3/certs/server.crt"
    assert len(kc.get("hmac")) == 0
    assert len(kc.get("rsa")) == 1

    key = kc.get("rsa")[0]
    assert isinstance(key, M2Crypto.RSA.RSA)

    kc.update()
    assert kc.usage == ["sig", "enc"]
    assert kc.remote == False
    assert kc.source == "../oc3/certs/server.crt"
    assert len(kc.get("hmac")) == 0
    assert len(kc.get("rsa")) == 1

    key = kc.get("rsa")[0]
    assert isinstance(key, M2Crypto.RSA.RSA)
示例#10
0
def test_chain_2():
    kc = KeyBundle(source="file://../oc3/certs/mycert.key", type="rsa",
                  usage=["ver", "sig"])
    assert kc.usage == ["ver", "sig"]
    assert kc.remote == False
    assert kc.source == "../oc3/certs/mycert.key"
    assert len(kc.get("hmac")) == 0
    assert len(kc.get("rsa")) == 1

    key = kc.get("rsa")[0]
    assert isinstance(key, M2Crypto.RSA.RSA)

    kc.update()
    assert kc.usage == ["ver", "sig"]
    assert kc.remote == False
    assert kc.source == "../oc3/certs/mycert.key"
    assert len(kc.get("hmac")) == 0
    assert len(kc.get("rsa")) == 1

    key = kc.get("rsa")[0]
    assert isinstance(key, M2Crypto.RSA.RSA)
示例#11
0
from oic.utils.keyio import KeyBundle, key_eq

__author__ = 'rolandh'

jwk_url = ["https://connect.openid4.us/connect4us.jwk", # edmund
       "https://connect-op.heroku.com/jwk.json"]    # nov

x509_url = ["https://connect-op.heroku.com/cert.pem"]

kc0 = KeyBundle(source=jwk_url[1], src_type="jwk", type="rsa", usage=["sig", "enc"])

kc1 = KeyBundle(source=x509_url[0], src_type="x509", type="rsa", usage=["sig", "enc"])

kc0.update()

print kc0

kc1.update()

print kc1

print key_eq(kc0.get("rsa")[0], kc1.get("rsa")[0])