本文整理汇总了Python中jwkest.jwk.RSAKey方法的典型用法代码示例。如果您正苦于以下问题:Python jwk.RSAKey方法的具体用法?Python jwk.RSAKey怎么用?Python jwk.RSAKey使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类jwkest.jwk
的用法示例。
在下文中一共展示了jwk.RSAKey方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: setup
# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import RSAKey [as 别名]
def setup(self):
httpretty.enable()
self.key = RSAKey(kid='testkey').load(os.path.join(FIXTURE_ROOT, 'testkey.pem'))
def jwks(_request, _uri, headers): # noqa: E306
ks = KEYS()
ks.add(self.key.serialize())
return 200, headers, ks.dump_jwks()
httpretty.register_uri(
httpretty.GET, oidc_rp_settings.PROVIDER_JWKS_ENDPOINT, status=200, body=jwks)
httpretty.register_uri(
httpretty.POST, oidc_rp_settings.PROVIDER_TOKEN_ENDPOINT,
body=json.dumps({
'id_token': self.generate_jws(), 'access_token': 'accesstoken',
'refresh_token': 'refreshtoken', }),
content_type='text/json')
httpretty.register_uri(
httpretty.GET, oidc_rp_settings.PROVIDER_USERINFO_ENDPOINT,
body=json.dumps({'sub': '1234', 'email': 'test@example.com', }),
content_type='text/json')
yield
httpretty.disable()
示例2: __init__
# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import RSAKey [as 别名]
def __init__(self, key_pem, kid=None):
"""
Import Key when instancing class if a key is present.
"""
self.key = None
if key_pem:
# Import JWK from RSA key
try:
self.key = RSAKey(
# Using the same key ID as client id
# This way we can easily serve multiple public
# keys on teh same endpoint and keep all
# LTI 1.3 blocks working
kid=kid,
key=RSA.import_key(key_pem)
)
except ValueError:
raise exceptions.InvalidRsaKey()
示例3: setUp
# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import RSAKey [as 别名]
def setUp(self):
super(TestLti1p3AccessTokenEndpoint, self).setUp()
self.rsa_key_id = "1"
# Generate RSA and save exports
rsa_key = RSA.generate(2048)
self.key = RSAKey(
key=rsa_key,
kid=self.rsa_key_id
)
self.public_key = rsa_key.publickey().export_key()
self.xblock_attributes = {
'lti_version': 'lti_1p3',
'lti_1p3_launch_url': 'http://tool.example/launch',
'lti_1p3_oidc_url': 'http://tool.example/oidc',
# We need to set the values below because they are not automatically
# generated until the user selects `lti_version == 'lti_1p3'` on the
# Studio configuration view.
'lti_1p3_client_id': self.rsa_key_id,
'lti_1p3_block_key': rsa_key.export_key('PEM'),
# Use same key for tool key to make testing easier
'lti_1p3_tool_public_key': self.public_key,
}
self.xblock = make_xblock('lti_consumer', LtiConsumerXBlock, self.xblock_attributes)
示例4: _extract_x509_certificates
# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import RSAKey [as 别名]
def _extract_x509_certificates(x509_certificates):
keys = []
for kid, certificate in x509_certificates.iteritems():
try:
if certificate.startswith(jwk.PREFIX):
# The certificate is PEM-encoded
der = ssl.PEM_cert_to_DER_cert(certificate)
key = jwk.der2rsa(der)
else:
key = jwk.import_rsa_key(certificate)
except Exception as exception:
raise UnauthenticatedException(u"Cannot load X.509 certificate",
exception)
rsa_key = jwk.RSAKey().load_key(key)
rsa_key.kid = kid
keys.append(rsa_key)
return keys
示例5: test_authenticate_auth_token_with_bad_signature
# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import RSAKey [as 别名]
def test_authenticate_auth_token_with_bad_signature(self):
new_rsa_key = jwk.RSAKey(use=u"sig").load_key(PublicKey.RSA.generate(2048))
kid = IntegrationTest._rsa_key.kid
new_rsa_key.kid = kid
new_jwks = jwk.KEYS()
new_jwks._keys.append(new_rsa_key)
auth_token = token_utils.generate_auth_token(IntegrationTest._JWT_CLAIMS,
new_jwks._keys, alg=u"RS256",
kid=kid)
url = get_url(IntegrationTest._JWKS_PATH)
self._provider_ids[self._ISSUER] = self._PROVIDER_ID
self._configs[IntegrationTest._ISSUER] = suppliers.IssuerUriConfig(False,
url)
message = u"Signature verification failed"
with self.assertRaisesRegexp(suppliers.UnauthenticatedException, message):
self._authenticator.authenticate(auth_token, self._auth_info,
IntegrationTest._SERVICE_NAME)
示例6: get_jwk_key_pair
# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import RSAKey [as 别名]
def get_jwk_key_pair(self):
"""
Returns the asymmetric JWT signing keys required
"""
rsa_jwk = jwk.RSAKey(kid="opencraft", key=self.rsa_key)
# Serialize public JWT signing keys
public_keys = jwk.KEYS()
public_keys.append(rsa_jwk)
serialized_public_keys_json = public_keys.dump_jwks()
# Serialize private JWT signing keys
serialized_keypair = rsa_jwk.serialize(private=True)
serialized_keypair_json = json.dumps(serialized_keypair)
# Named tuple for storing public and private JWT key pair
jwk_key_pair = namedtuple('JWK_KEY_PAIR', ['public', 'private'])
jwk_key_pair.public = serialized_public_keys_json
jwk_key_pair.private = serialized_keypair_json
return jwk_key_pair
示例7: test_existing_account_linking_with_known_known_uuid
# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import RSAKey [as 别名]
def test_existing_account_linking_with_known_known_uuid(self, account_linking_config, internal_response, context):
uuid = "uuid"
data = {
"idp": internal_response.auth_info.issuer,
"id": internal_response.subject_id,
"redirect_endpoint": self.account_linking.base_url + "/account_linking/handle_account_linking"
}
key = RSAKey(key=rsa_load(account_linking_config["sign_key"]), use="sig", alg="RS256")
jws = JWS(json.dumps(data), alg=key.alg).sign_compact([key])
responses.add(
responses.GET,
"%s/get_id?jwt=%s" % (account_linking_config["api_url"], jws),
status=200,
body=uuid,
content_type="text/html",
match_querystring=True
)
self.account_linking.process(context, internal_response)
assert internal_response.subject_id == uuid
示例8: assert_registration_req
# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import RSAKey [as 别名]
def assert_registration_req(self, request, internal_response, sign_key_path, base_url, requester_name):
split_path = request.path_url.lstrip("/").split("/")
assert len(split_path) == 2
jwks = split_path[1]
# Verify signature
sign_key = RSAKey(key=rsa_load(sign_key_path), use="sig")
jws = JWS()
jws.verify_compact(jwks, [sign_key])
consent_args = jws.msg
assert consent_args["attr"] == internal_response.attributes
assert consent_args["redirect_endpoint"] == base_url + "/consent/handle_consent"
assert consent_args["requester_name"] == requester_name
assert consent_args["locked_attrs"] == [USER_ID_ATTR]
assert "id" in consent_args
示例9: get_client_alg_keys
# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import RSAKey [as 别名]
def get_client_alg_keys(client):
"""
Takes a client and returns the set of keys associated with it.
Returns a list of keys.
"""
if client.jwt_alg == 'RS256':
keys = []
for rsakey in RSAKey.objects.all():
keys.append(jwk_RSAKey(key=importKey(rsakey.key), kid=rsakey.kid))
if not keys:
raise Exception('You must add at least one RSA Key.')
elif client.jwt_alg == 'HS256':
keys = [SYMKey(key=client.client_secret, alg=client.jwt_alg)]
else:
raise Exception('Unsupported key algorithm.')
return keys
示例10: generate_service_key
# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import RSAKey [as 别名]
def generate_service_key(
service, expiration_date, kid=None, name="", metadata=None, rotation_duration=None
):
private_key = RSA.generate(2048)
jwk = RSAKey(key=private_key.publickey()).serialize()
if kid is None:
kid = canonical_kid(jwk)
key = create_service_key(
name,
kid,
service,
jwk,
metadata or {},
expiration_date,
rotation_duration=rotation_duration,
)
return (private_key, key)
示例11: generate_key_pair
# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import RSAKey [as 别名]
def generate_key_pair(filename, kid=None):
private_key = RSA.generate(2048)
jwk = RSAKey(key=private_key.publickey()).serialize()
if kid is None:
kid = canonical_kid(jwk)
print(("Writing public key to %s.jwk" % filename))
with open("%s.jwk" % filename, mode="w") as f:
f.truncate(0)
f.write(json.dumps(jwk))
print(("Writing key ID to %s.kid" % filename))
with open("%s.kid" % filename, mode="w") as f:
f.truncate(0)
f.write(kid)
print(("Writing private key to %s.pem" % filename))
with open("%s.pem" % filename, mode="w") as f:
f.truncate(0)
f.write(private_key.exportKey())
示例12: test_jwk_dict_to_public_key
# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import RSAKey [as 别名]
def test_jwk_dict_to_public_key(private_key, private_key_pem):
public_key = private_key.publickey()
jwk = RSAKey(key=private_key.publickey()).serialize()
converted = jwk_dict_to_public_key(jwk)
# Encode with the test private key.
token = jwt.encode(_token_data("aud", "subject", "someissuer"), private_key_pem, "RS256")
# Decode with the converted key.
max_exp = exp_max_s_option(3600)
decode(
token,
converted,
algorithms=["RS256"],
audience="aud",
issuer="someissuer",
options=max_exp,
leeway=60,
)
示例13: setUp
# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import RSAKey [as 别名]
def setUp(self):
super(OpenIdConnectTestMixin, self).setUp()
test_root = os.path.dirname(os.path.dirname(__file__))
self.key = RSAKey(kid='testkey').load(os.path.join(test_root, 'testkey.pem'))
HTTPretty.register_uri(HTTPretty.GET,
self.backend.OIDC_ENDPOINT + '/.well-known/openid-configuration',
status=200,
body=self.openid_config_body
)
oidc_config = json.loads(self.openid_config_body)
def jwks(_request, _uri, headers):
ks = KEYS()
ks.add(self.key.serialize())
return 200, headers, ks.dump_jwks()
HTTPretty.register_uri(HTTPretty.GET,
oidc_config.get('jwks_uri'),
status=200,
body=jwks)
示例14: setup
# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import RSAKey [as 别名]
def setup(self):
httpretty.enable()
self.key = RSAKey(kid='testkey').load(os.path.join(FIXTURE_ROOT, 'testkey.pem'))
def jwks(_request, _uri, headers): # noqa: E306
ks = KEYS()
ks.add(self.key.serialize())
return 200, headers, ks.dump_jwks()
httpretty.register_uri(
httpretty.GET, oidc_rp_settings.PROVIDER_JWKS_ENDPOINT, status=200, body=jwks)
yield
httpretty.disable()
示例15: setUp
# 需要导入模块: from jwkest import jwk [as 别名]
# 或者: from jwkest.jwk import RSAKey [as 别名]
def setUp(self):
super(TestToolKeyHandler, self).setUp()
self.rsa_key_id = "1"
# Generate RSA and save exports
rsa_key = RSA.generate(2048)
self.key = RSAKey(
key=rsa_key,
kid=self.rsa_key_id
)
self.public_key = rsa_key.publickey().export_key()
# Key handler
self.key_handler = None