def add_third_party_caveat(self,
macaroon,
location,
key,
key_id,
**kwargs):
derived_key = truncate_or_pad(
generate_derived_key(convert_to_bytes(key))
)
old_key = truncate_or_pad(binascii.unhexlify(macaroon.signature_bytes))
box = SecretBox(key=old_key)
verification_key_id = box.encrypt(
derived_key, nonce=kwargs.get('nonce')
)
caveat = Caveat(
caveat_id=key_id,
location=location,
verification_key_id=verification_key_id
)
macaroon.caveats.append(caveat)
encode_key = binascii.unhexlify(macaroon.signature_bytes)
macaroon.signature = sign_third_party_caveat(
encode_key,
caveat._verification_key_id,
caveat._caveat_id
)
return macaroon
def update_signature(self, signature, caveat):
return binascii.unhexlify(
sign_third_party_caveat(
signature,
caveat._verification_key_id,
caveat._caveat_id
)
)
def add_third_party_caveat(self, macaroon, location, key, key_id,
**kwargs):
derived_key = truncate_or_pad(
generate_derived_key(convert_to_bytes(key)))
old_key = truncate_or_pad(binascii.unhexlify(macaroon.signature_bytes))
box = SecretBox(key=old_key)
verification_key_id = box.encrypt(derived_key,
nonce=kwargs.get('nonce'))
caveat = Caveat(caveat_id=key_id,
location=location,
verification_key_id=verification_key_id)
macaroon.caveats.append(caveat)
encode_key = binascii.unhexlify(macaroon.signature_bytes)
macaroon.signature = sign_third_party_caveat(
encode_key, caveat._verification_key_id, caveat._caveat_id)
return macaroon
def update_signature(self, signature, caveat):
return binascii.unhexlify(
sign_third_party_caveat(signature, caveat._verification_key_id,
caveat._caveat_id))
