本文整理汇总了Python中oauth2client.crypt.AppIdentityError方法的典型用法代码示例。如果您正苦于以下问题:Python crypt.AppIdentityError方法的具体用法?Python crypt.AppIdentityError怎么用?Python crypt.AppIdentityError使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类oauth2client.crypt的用法示例。
在下文中一共展示了crypt.AppIdentityError方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: VerifyGitkitToken
# 需要导入模块: from oauth2client import crypt [as 别名]
# 或者: from oauth2client.crypt import AppIdentityError [as 别名]
def VerifyGitkitToken(self, jwt):
"""Verifies a Gitkit token string.
Args:
jwt: string, the token to be checked
Returns:
GitkitUser, if the token is valid. None otherwise.
"""
certs = self.rpc_helper.GetPublicCert()
crypt.MAX_TOKEN_LIFETIME_SECS = 30 * 86400 # 30 days
parsed = None
for aud in filter(lambda x: x is not None, [self.project_id, self.client_id]):
try:
parsed = crypt.verify_signed_jwt_with_certs(jwt, certs, aud)
except crypt.AppIdentityError as e:
if "Wrong recipient" not in e.message:
return None
if parsed:
return GitkitUser.FromToken(parsed)
return None # Gitkit token audience doesn't match projectId or clientId in server configuration 示例2: test_failure
# 需要导入模块: from oauth2client import crypt [as 别名]
# 或者: from oauth2client.crypt import AppIdentityError [as 别名]
def test_failure(self):
cert_value = 'cert-value'
certs = [cert_value]
message = object()
signature = object()
verifier = mock.Mock()
verifier.verify = mock.Mock(name='verify', return_value=False)
with mock.patch('oauth2client.crypt.Verifier') as Verifier:
Verifier.from_string = mock.Mock(name='from_string',
return_value=verifier)
with self.assertRaises(crypt.AppIdentityError):
crypt._verify_signature(message, signature, certs)
# Make sure our mocks were called as expected.
Verifier.from_string.assert_called_once_with(cert_value,
is_x509_cert=True)
verifier.verify.assert_called_once_with(message, signature) 示例3: verify_id_token
# 需要导入模块: from oauth2client import crypt [as 别名]
# 或者: from oauth2client.crypt import AppIdentityError [as 别名]
def verify_id_token(id_token, audience, http=None,
cert_uri=client.ID_TOKEN_VERIFICATON_CERTS):
"""Verifies a signed JWT id_token.
This function requires PyOpenSSL and because of that it does not work on
App Engine.
Args:
id_token: string, A Signed JWT.
audience: string, The audience 'aud' that the token should be for.
http: httplib2.Http, instance to use to make the HTTP request. Callers
should supply an instance that has caching enabled.
cert_uri: string, URI of the certificates in JSON format to
verify the JWT against.
Returns:
The deserialized JSON in the JWT.
Raises:
oauth2client.crypt.AppIdentityError if the JWT fails to verify.
"""
if http is None:
http = _cached_http
resp, content = http.request(cert_uri)
if resp.status == 200:
certs = json.loads(content)
return crypt.verify_signed_jwt_with_certs(id_token, certs, audience)
else:
raise client.VerifyJwtTokenError('Status code: %d' % resp.status) 示例4: _user_from_token
# 需要导入模块: from oauth2client import crypt [as 别名]
# 或者: from oauth2client.crypt import AppIdentityError [as 别名]
def _user_from_token(token, audience):
""" Returns User object or None if token is not valid or None. """
if token is None:
return None
try:
verified_token = verify_id_token(token, audience)
return User(email=verified_token['email'],
_user_id=verified_token['sub'])
except (crypt.AppIdentityError, KeyError):
return None 示例5: _check_token
# 需要导入模块: from oauth2client import crypt [as 别名]
# 或者: from oauth2client.crypt import AppIdentityError [as 别名]
def _check_token(self, bot_token: Text) -> None:
# see https://developers.google.com/hangouts/chat/how-tos/bots-develop#verifying_bot_authenticity
try:
token = client.verify_id_token(
bot_token, self.project_id, cert_uri=CERT_URI,
)
if token["iss"] != "chat@system.gserviceaccount.com":
abort(401)
except AppIdentityError:
abort(401) 示例6: login
# 需要导入模块: from oauth2client import crypt [as 别名]
# 或者: from oauth2client.crypt import AppIdentityError [as 别名]
def login():
if request.method == 'GET':
if 'user' in session:
if 'uid' not in session:
session['uid'] = User.query_one(User.u_email == session['user']).u_id
return redirect('/')
return render_template('auth/login.html')
if request.method == 'POST':
data = request.form
if 'idtoken' in data:
try:
token = data['idtoken']
idinfo = client.verify_id_token(token, basic.G_CLIENT_ID)
if idinfo['iss'] not in ['accounts.google.com', 'https://accounts.google.com']:
raise crypt.AppIdentityError("Wrong issuer")
msg = 'accepted'
except Exception as e:
basic.log('User[%s] login with google+ failed <error %s>' % (data['idtoken'], e.args))
msg = ''
finally:
if msg:
user = User.query_one(User.u_gmail == idinfo['email'])
if user:
session['user'] = user.u_email
session['uid'] = user.u_id
return jsonify({'msg': msg})
else:
user = User.query_one(User.u_email == data['email'])
if user and user.check_hash_password(data['password']):
session['user'] = user.u_email
session['uid'] = user.u_id
return redirect('/')
flash('Incorrect email or password.', category='error')
return redirect(url_for('auth.login')) 示例7: verify_google_plus
# 需要导入模块: from oauth2client import crypt [as 别名]
# 或者: from oauth2client.crypt import AppIdentityError [as 别名]
def verify_google_plus(token):
try:
token = token
idinfo = client.verify_id_token(token, G_CLIENT_ID)
if idinfo['iss'] not in ['accounts.google.com', 'https://accounts.google.com']:
raise crypt.AppIdentityError("Wrong issuer")
return idinfo
except Exception as e:
log('User[%s] login with google+ failed <error: %s>' % (token, e.args))
return None
# Tencent COS Server 示例8: _check_jwt_failure
# 需要导入模块: from oauth2client import crypt [as 别名]
# 或者: from oauth2client.crypt import AppIdentityError [as 别名]
def _check_jwt_failure(self, jwt, expected_error):
public_key = datafile('public_cert.pem')
certs = {'foo': public_key}
audience = ('https://www.googleapis.com/auth/id?client_id='
'external_public_key@testing.gserviceaccount.com')
with self.assertRaises(crypt.AppIdentityError) as exc_manager:
crypt.verify_signed_jwt_with_certs(jwt, certs, audience)
self.assertTrue(expected_error in str(exc_manager.exception)) 示例9: test_missing_aud
# 需要导入模块: from oauth2client import crypt [as 别名]
# 或者: from oauth2client.crypt import AppIdentityError [as 别名]
def test_missing_aud(self):
audience = 'audience'
payload_dict = {}
with self.assertRaises(crypt.AppIdentityError):
crypt._check_audience(payload_dict, audience) 示例10: test_wrong_aud
# 需要导入模块: from oauth2client import crypt [as 别名]
# 或者: from oauth2client.crypt import AppIdentityError [as 别名]
def test_wrong_aud(self):
audience1 = 'audience1'
audience2 = 'audience2'
self.assertNotEqual(audience1, audience2)
payload_dict = {'aud': audience1}
with self.assertRaises(crypt.AppIdentityError):
crypt._check_audience(payload_dict, audience2) 示例11: _exception_helper
# 需要导入模块: from oauth2client import crypt [as 别名]
# 或者: from oauth2client.crypt import AppIdentityError [as 别名]
def _exception_helper(self, payload_dict):
exception_caught = None
try:
crypt._verify_time_range(payload_dict)
except crypt.AppIdentityError as exc:
exception_caught = exc
return exception_caught 示例12: test_jwt_payload_bad_json
# 需要导入模块: from oauth2client import crypt [as 别名]
# 或者: from oauth2client.crypt import AppIdentityError [as 别名]
def test_jwt_payload_bad_json(self):
header = signature = b''
payload = base64.b64encode(b'{BADJSON')
jwt = b'.'.join([header, payload, signature])
exception_caught = None
try:
crypt.verify_signed_jwt_with_certs(jwt, None)
except crypt.AppIdentityError as exc:
exception_caught = exc
self.assertNotEqual(exception_caught, None)
self.assertTrue(str(exception_caught).startswith(
'Can\'t parse token'))