当前位置: 首页>>代码示例>>Python>>正文


Python jwk.KEYS属性代码示例

本文整理汇总了Python中jwkest.jwk.KEYS属性的典型用法代码示例。如果您正苦于以下问题:Python jwk.KEYS属性的具体用法?Python jwk.KEYS怎么用?Python jwk.KEYS使用的例子?那么, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在jwkest.jwk的用法示例。


在下文中一共展示了jwk.KEYS属性的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: setup

# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import KEYS [as 别名]
def setup(self):
        httpretty.enable()

        self.key = RSAKey(kid='testkey').load(os.path.join(FIXTURE_ROOT, 'testkey.pem'))
        def jwks(_request, _uri, headers):  # noqa: E306
            ks = KEYS()
            ks.add(self.key.serialize())
            return 200, headers, ks.dump_jwks()
        httpretty.register_uri(
            httpretty.GET, oidc_rp_settings.PROVIDER_JWKS_ENDPOINT, status=200, body=jwks)
        httpretty.register_uri(
            httpretty.POST, oidc_rp_settings.PROVIDER_TOKEN_ENDPOINT,
            body=json.dumps({
                'id_token': self.generate_jws(), 'access_token': 'accesstoken',
                'refresh_token': 'refreshtoken', }),
            content_type='text/json')
        httpretty.register_uri(
            httpretty.GET, oidc_rp_settings.PROVIDER_USERINFO_ENDPOINT,
            body=json.dumps({'sub': '1234', 'email': 'test@example.com', }),
            content_type='text/json')

        yield

        httpretty.disable() 
开发者ID:impak-finance,项目名称:django-oidc-rp,代码行数:26,代码来源:test_backends.py

示例2: test_authenticate_auth_token_with_bad_signature

# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import KEYS [as 别名]
def test_authenticate_auth_token_with_bad_signature(self):
        new_rsa_key = jwk.RSAKey(use=u"sig").load_key(PublicKey.RSA.generate(2048))
        kid = IntegrationTest._rsa_key.kid
        new_rsa_key.kid = kid
        new_jwks = jwk.KEYS()
        new_jwks._keys.append(new_rsa_key)
        auth_token = token_utils.generate_auth_token(IntegrationTest._JWT_CLAIMS,
                                                     new_jwks._keys, alg=u"RS256",
                                                     kid=kid)
        url = get_url(IntegrationTest._JWKS_PATH)
        self._provider_ids[self._ISSUER] = self._PROVIDER_ID
        self._configs[IntegrationTest._ISSUER] = suppliers.IssuerUriConfig(False,
                                                                           url)
        message = u"Signature verification failed"
        with self.assertRaisesRegexp(suppliers.UnauthenticatedException, message):
            self._authenticator.authenticate(auth_token, self._auth_info,
                                             IntegrationTest._SERVICE_NAME) 
开发者ID:cloudendpoints,项目名称:endpoints-management-python,代码行数:19,代码来源:test_auth.py

示例3: test_get_jwt_claims_via_caching

# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import KEYS [as 别名]
def test_get_jwt_claims_via_caching(self):
        AuthenticatorTest._mock_timer.return_value = 10

        auth_token = token_utils.generate_auth_token(self._jwt_claims,
                                                     self._jwks._keys)
        # Populate the decoded result into cache.
        self._authenticator.get_jwt_claims(auth_token)

        # Reset the returned JWKS so the signature verification will fail next
        # time.
        self._jwks_supplier.supply.return_value = jwk.KEYS()

        # Forword time by 10 seconds.
        AuthenticatorTest._mock_timer.return_value += 10
        # This call should succeed since the auth_token is cached.
        self._authenticator.get_jwt_claims(auth_token)

        # Forword time by 5 minutes.
        AuthenticatorTest._mock_timer.return_value += 5 * 60
        # This call should fail since the cache expires and it needs to re-decode
        # the auth token with a different key set.
        with self.assertRaises(suppliers.UnauthenticatedException):
            self._authenticator.get_jwt_claims(auth_token) 
开发者ID:cloudendpoints,项目名称:endpoints-management-python,代码行数:25,代码来源:test_tokens.py

示例4: test_supply_jwks

# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import KEYS [as 别名]
def test_supply_jwks(self):
        rsa_key = PublicKey.RSA.generate(2048)
        jwks = jwk.KEYS()
        jwks.wrap_add(rsa_key)

        scheme = u"https"
        issuer = u"issuer.com"
        self._key_uri_supplier.supply.return_value = scheme + u"://" + issuer

        @httmock.urlmatch(scheme=scheme, netloc=issuer)
        def _mock_response_with_jwks(url, response):  # pylint: disable=unused-argument
            return jwks.dump_jwks()

        with httmock.HTTMock(_mock_response_with_jwks):
            actual_jwks = self._jwks_uri_supplier.supply(issuer)
            self.assertEquals(1, len(actual_jwks))
            actual_key = actual_jwks[0].key
            self.assertEquals(rsa_key.n, actual_key.n)
            self.assertEquals(rsa_key.e, actual_key.e) 
开发者ID:cloudendpoints,项目名称:endpoints-management-python,代码行数:21,代码来源:test_suppliers.py

示例5: get_jwk_key_pair

# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import KEYS [as 别名]
def get_jwk_key_pair(self):
        """
        Returns the asymmetric JWT signing keys required
        """
        rsa_jwk = jwk.RSAKey(kid="opencraft", key=self.rsa_key)

        # Serialize public JWT signing keys
        public_keys = jwk.KEYS()
        public_keys.append(rsa_jwk)
        serialized_public_keys_json = public_keys.dump_jwks()

        # Serialize private JWT signing keys
        serialized_keypair = rsa_jwk.serialize(private=True)
        serialized_keypair_json = json.dumps(serialized_keypair)

        # Named tuple for storing public and private JWT key pair
        jwk_key_pair = namedtuple('JWK_KEY_PAIR', ['public', 'private'])
        jwk_key_pair.public = serialized_public_keys_json
        jwk_key_pair.private = serialized_keypair_json

        return jwk_key_pair 
开发者ID:open-craft,项目名称:opencraft,代码行数:23,代码来源:secret_keys.py

示例6: setUp

# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import KEYS [as 别名]
def setUp(self):
        super(OpenIdConnectTestMixin, self).setUp()
        test_root = os.path.dirname(os.path.dirname(__file__))
        self.key = RSAKey(kid='testkey').load(os.path.join(test_root, 'testkey.pem'))
        HTTPretty.register_uri(HTTPretty.GET,
                               self.backend.OIDC_ENDPOINT + '/.well-known/openid-configuration',
                               status=200,
                               body=self.openid_config_body
                               )
        oidc_config = json.loads(self.openid_config_body)

        def jwks(_request, _uri, headers):
            ks = KEYS()
            ks.add(self.key.serialize())
            return 200, headers, ks.dump_jwks()

        HTTPretty.register_uri(HTTPretty.GET,
                               oidc_config.get('jwks_uri'),
                               status=200,
                               body=jwks) 
开发者ID:BeanWei,项目名称:Dailyfresh-B2C,代码行数:22,代码来源:open_id_connect.py

示例7: setup

# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import KEYS [as 别名]
def setup(self):
        httpretty.enable()

        self.key = RSAKey(kid='testkey').load(os.path.join(FIXTURE_ROOT, 'testkey.pem'))
        def jwks(_request, _uri, headers):  # noqa: E306
            ks = KEYS()
            ks.add(self.key.serialize())
            return 200, headers, ks.dump_jwks()
        httpretty.register_uri(
            httpretty.GET, oidc_rp_settings.PROVIDER_JWKS_ENDPOINT, status=200, body=jwks)

        yield

        httpretty.disable() 
开发者ID:impak-finance,项目名称:django-oidc-rp,代码行数:16,代码来源:test_utils.py

示例8: _get_jwks_keys

# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import KEYS [as 别名]
def _get_jwks_keys(shared_key):
    """ Returns JWKS keys used to decrypt id_token values. """
    # The OpenID Connect Provider (OP) uses RSA keys to sign/enrypt ID tokens and generate public
    # keys allowing to decrypt them. These public keys are exposed through the 'jwks_uri' and should
    # be used to decrypt the JWS - JSON Web Signature.
    jwks_keys = KEYS()
    jwks_keys.load_from_url(oidc_rp_settings.PROVIDER_JWKS_ENDPOINT)
    # Adds the shared key (which can correspond to the client_secret) as an oct key so it can be
    # used for HMAC signatures.
    jwks_keys.add({'key': smart_bytes(shared_key), 'kty': 'oct'})
    return jwks_keys 
开发者ID:impak-finance,项目名称:django-oidc-rp,代码行数:13,代码来源:utils.py

示例9: get_public_jwk

# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import KEYS [as 别名]
def get_public_jwk(self):
        """
        Export Public JWK
        """
        public_keys = jwk.KEYS()

        # Only append to keyset if a key exists
        if self.key:
            public_keys.append(self.key)

        return json.loads(public_keys.dump_jwks()) 
开发者ID:edx,项目名称:xblock-lti-consumer,代码行数:13,代码来源:key_handlers.py

示例10: setUp

# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import KEYS [as 别名]
def setUp(self):
        ec_jwk = jwk.ECKey(use=u"sig").load_key(ecc.P256)
        ec_jwk.kid = self._ec_kid

        rsa_key = jwk.RSAKey(use=u"sig").load_key(PublicKey.RSA.generate(1024))
        rsa_key.kid = self._rsa_kid

        jwks = jwk.KEYS()
        jwks._keys.append(ec_jwk)
        jwks._keys.append(rsa_key)

        self._issuers_to_provider_ids = {}
        self._jwks_supplier = mock.MagicMock()
        self._authenticator = tokens.Authenticator(self._issuers_to_provider_ids,
                                                   self._jwks_supplier)
        self._jwks = jwks
        self._jwks_supplier.supply.return_value = self._jwks

        self._method_info = mock.MagicMock()
        self._service_name = u"service.name.com"

        self._jwt_claims = {
            u"aud": [u"first.com", u"second.com"],
            u"email": u"someone@email.com",
            u"exp": int(time.time()) + 10,
            u"iss": u"https://issuer.com",
            u"sub": u"subject-id"} 
开发者ID:cloudendpoints,项目名称:endpoints-management-python,代码行数:29,代码来源:test_tokens.py

示例11: test_auth_token_cache_capacity

# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import KEYS [as 别名]
def test_auth_token_cache_capacity(self):
        authenticator = tokens.Authenticator({}, self._jwks_supplier, cache_capacity=2)

        self._jwt_claims[u"email"] = u"1@email.com"
        auth_token1 = token_utils.generate_auth_token(self._jwt_claims,
                                                      self._jwks._keys)
        self._jwt_claims[u"email"] = u"2@email.com"
        auth_token2 = token_utils.generate_auth_token(self._jwt_claims,
                                                      self._jwks._keys)

        # Populate the decoded result into cache.
        authenticator.get_jwt_claims(auth_token1)
        authenticator.get_jwt_claims(auth_token2)

        # Reset the returned JWKS so the signature verification will fail next
        # time.
        new_ec_jwk = jwk.ECKey(use=u"sig").load_key(ecc.P256)
        new_ec_jwk.kid = self._ec_kid
        new_jwks = jwk.KEYS()
        new_jwks._keys.append(new_ec_jwk)
        self._jwks_supplier.supply.return_value = new_jwks

        # Verify the following calls still succeed since the auth tokens are
        # cached.
        authenticator.get_jwt_claims(auth_token1)
        authenticator.get_jwt_claims(auth_token2)

        # Populate a third auth token into the cache.
        self._jwt_claims[u"email"] = u"3@email.com"
        auth_token3 = token_utils.generate_auth_token(self._jwt_claims,
                                                      new_jwks._keys)
        authenticator.get_jwt_claims(auth_token3)

        # Make sure the first auth token is evicted from the cache since the cache
        # is full.
        with self.assertRaises(suppliers.UnauthenticatedException):
            authenticator.get_jwt_claims(auth_token1) 
开发者ID:cloudendpoints,项目名称:endpoints-management-python,代码行数:39,代码来源:test_tokens.py

示例12: test_supply_cached_jwks

# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import KEYS [as 别名]
def test_supply_cached_jwks(self):
        JwksSupplierTest._mock_timer.return_value = 10
        rsa_key = PublicKey.RSA.generate(2048)
        jwks = jwk.KEYS()
        jwks.wrap_add(rsa_key)

        scheme = u"https"
        issuer = u"issuer.com"
        self._key_uri_supplier.supply.return_value = scheme + u"://" + issuer

        @httmock.urlmatch(scheme=scheme, netloc=issuer)
        def _mock_response_with_jwks(url, response):  # pylint: disable=unused-argument
            return jwks.dump_jwks()

        with httmock.HTTMock(_mock_response_with_jwks):
            self.assertEqual(1, len(self._jwks_uri_supplier.supply(issuer)))

            # Add an additional key to the JWKS to be returned by the HTTP request.
            jwks.wrap_add(PublicKey.RSA.generate(2048))

            # Forward the clock by 1 second. The JWKS should remain cached.
            JwksSupplierTest._mock_timer.return_value += 1
            self._jwks_uri_supplier.supply(issuer)
            self.assertEqual(1, len(self._jwks_uri_supplier.supply(issuer)))

            # Forward the clock by 5 minutes. The cache entry should have expired so
            # the returned JWKS should be the updated one with two keys.
            JwksSupplierTest._mock_timer.return_value += 5 * 60
            self._jwks_uri_supplier.supply(issuer)
            self.assertEqual(2, len(self._jwks_uri_supplier.supply(issuer))) 
开发者ID:cloudendpoints,项目名称:endpoints-management-python,代码行数:32,代码来源:test_suppliers.py

示例13: _get_keys

# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import KEYS [as 别名]
def _get_keys(self):
        """
        Get public key from discovery.
        """
        request = self.factory.get(reverse('oidc_provider:jwks'))
        response = JwksView.as_view()(request)
        jwks_dic = json.loads(response.content.decode('utf-8'))
        SIGKEYS = KEYS()
        SIGKEYS.load_dict(jwks_dic)
        return SIGKEYS 
开发者ID:juanifioren,项目名称:django-oidc-provider,代码行数:12,代码来源:test_token_endpoint.py

示例14: __missing__

# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import KEYS [as 别名]
def __missing__(self, kid):
        """
        Loads the public key for this handler from the OIDC service.

        Raises PublicKeyLoadException on failure.
        """
        keys_url = self._login_service._oidc_config()["jwks_uri"]

        # Load the keys.
        try:
            keys = KEYS()
            keys.load_from_url(
                keys_url, verify=not self._login_service.config.get("DEBUGGING", False)
            )
        except Exception as ex:
            logger.exception("Exception loading public key")
            raise PublicKeyLoadException(str(ex))

        # Find the matching key.
        keys_found = keys.by_kid(kid)
        if len(keys_found) == 0:
            raise PublicKeyLoadException("Public key %s not found" % kid)

        rsa_keys = [key for key in keys_found if key.kty == "RSA"]
        if len(rsa_keys) == 0:
            raise PublicKeyLoadException("No RSA form of public key %s not found" % kid)

        matching_key = rsa_keys[0]
        matching_key.deserialize()

        # Reload the key so that we can give a key *instance* to PyJWT to work around its weird parsing
        # issues.
        final_key = load_der_public_key(
            matching_key.key.exportKey("DER"), backend=default_backend()
        )
        self[kid] = final_key
        return final_key 
开发者ID:quay,项目名称:quay,代码行数:39,代码来源:oidc.py

示例15: jwks

# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import KEYS [as 别名]
def jwks(self):
        keys = KEYS()
        keys.load_jwks(self.jwks_data())
        return keys 
开发者ID:ByteInternet,项目名称:drf-oidc-auth,代码行数:6,代码来源:authentication.py


注:本文中的jwkest.jwk.KEYS属性示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。