本文整理匯總了Python中oic.utils.jwt.JWT.unpack方法的典型用法代碼示例。如果您正苦於以下問題:Python JWT.unpack方法的具體用法?Python JWT.unpack怎麽用?Python JWT.unpack使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類oic.utils.jwt.JWT的用法示例。
在下文中一共展示了JWT.unpack方法的7個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: test_jwt_pack_and_unpack
# 需要導入模塊: from oic.utils.jwt import JWT [as 別名]
# 或者: from oic.utils.jwt.JWT import unpack [as 別名]
def test_jwt_pack_and_unpack():
srv = JWT(keyjar, iss=issuer)
_jwt = srv.pack(sub='sub')
info = srv.unpack(_jwt)
assert _eq(info.keys(), ['jti', 'iat', 'exp', 'iss', 'sub'])示例2: test_jwt_pack_and_unpack
# 需要導入模塊: from oic.utils.jwt import JWT [as 別名]
# 或者: from oic.utils.jwt.JWT import unpack [as 別名]
def test_jwt_pack_and_unpack():
srv = JWT(keyjar, iss=issuer)
_jwt = srv.pack(sub="sub")
info = srv.unpack(_jwt)
assert _eq(info.keys(), ["jti", "iat", "exp", "iss", "sub", "kid"])示例3: token_introspection
# 需要導入模塊: from oic.utils.jwt import JWT [as 別名]
# 或者: from oic.utils.jwt.JWT import unpack [as 別名]
def token_introspection(self, token):
jwt_constructor = JWT(self.keyjar, iss=self.me)
res = jwt_constructor.unpack(token)
tir = TokenIntrospectionResponse(active=True)
tir['key'] = json.dumps(self.thumbprint2key[res['cnf']['kid']])
return tir示例4: test_unpack_verify_key
# 需要導入模塊: from oic.utils.jwt import JWT [as 別名]
# 或者: from oic.utils.jwt.JWT import unpack [as 別名]
def test_unpack_verify_key(self):
srv = JWT(keyjar, iss=issuer)
_jwt = srv.pack(sub="sub")
# Remove the signing key from keyjar
keyjar.remove_key("", "RSA", "")
# And add it back as verify
kb = keybundle_from_local_file(os.path.join(BASE_PATH, "cert.key"), "RSA", ["ver"])
# keybundle_from_local_file doesn'assign kid, so assign manually
kb._keys[0].kid = kidd["sig"]["RSA"]
keyjar.add_kb("", kb)
info = srv.unpack(_jwt)
assert info["sub"] == "sub"示例5: test_rpt
# 需要導入模塊: from oic.utils.jwt import JWT [as 別名]
# 或者: from oic.utils.jwt.JWT import unpack [as 別名]
def test_rpt():
kb = KeyBundle(JWKS["keys"])
kj = KeyJar()
kj.issuer_keys[''] = [kb]
token_factory = JWT(kj, lifetime=3600, iss=issuer)
client_id = 'https://example.com/client'
ressrv_id = 'https://rs.example.org/'
rpt = token_factory.pack(kid='sign1', aud=[client_id, ressrv_id],
azp=ressrv_id, type='rpt')
_rj = jws.factory(rpt)
jti = json.loads(_rj.jwt.part[1].decode('utf8'))['jti']
info = token_factory.unpack(rpt)
assert set(info.keys()), {'aud', 'azp', 'ext', 'iat', 'iss', 'jti', 'kid',
'type'}示例6: unpack_software_statement
# 需要導入模塊: from oic.utils.jwt import JWT [as 別名]
# 或者: from oic.utils.jwt.JWT import unpack [as 別名]
def unpack_software_statement(software_statement, iss, keyjar):
_jwt = JWT(keyjar, iss=iss, msgtype=SoftwareStatement)
return _jwt.unpack(software_statement)示例7: ADB
# 需要導入模塊: from oic.utils.jwt import JWT [as 別名]
# 或者: from oic.utils.jwt.JWT import unpack [as 別名]
class ADB(object):
""" Expects to be one ADB instance per Resource Server """
def __init__(self, keyjar, rpt_lifetime, iss, ressrv_id, rsr_path,
ticket_lifetime=3600):
# database with all permission requests
self.permission_requests = PermissionRequests()
# database with all authorization decisions
self.authz_db = AuthzDB()
# database with all registered permissions
self.permit = Permission()
# database with all the registered resource sets
self.resource_set = MemResourceSetDB(
rsr_path=rsr_path, delete_rsid=self.permit.delete_rsid)
self.map_rsid_id = {}
self.map_id_rsid = {}
self.map_user_id = {}
self.rpt_factory = JWT(keyjar, lifetime=rpt_lifetime, iss=iss)
self.ticket_factory = JWT(keyjar, lifetime=ticket_lifetime, iss=iss)
self.authzdesc_lifetime = 3600
self.client_id = ressrv_id
self.rsr_path = rsr_path
self.ad2rpt = {}
self.rpt2adid = {}
def pending_permission_requests(self, owner, user):
"""
Return outstanding permission requests that is known to belong to
an owner and bound to a requestor.
:param owner:
:param user:
:return:
"""
res = []
for tick in self.permission_requests.requestor2tickets(user):
rsid = self.permission_requests.ticket2rsid(tick)
if self.resource_set.belongs_to(rsid, owner):
res.append(tick)
return res
def is_expired(self, tinfo):
if utc_time_sans_frac() <= tinfo['exp']:
return False
return True
def permission_request_allowed(self, ticket, identity):
"""
Verify that whatever permission requests the ticket represents
they are now allow.
:param ticket: The ticket
:param identity: Who has the ticket
:return: Dictionary, with permission request as key and
identifiers of authz decisions that permits the requests as values.
"""
_tinfo = self.rpt_factory.unpack(ticket)
if self.is_expired(_tinfo):
raise TicketError('expired',
'{} > {}'.format(utc_time_sans_frac(),
_tinfo['exp']))
try:
prrs = self.permission_requests[ticket]
except KeyError:
logger.warning("Someone is using a ticket that doesn't exist")
raise TicketError('invalid', ticket)
else:
result = {}
for prr in prrs:
owner = self.resource_set.owner(prr['resource_set_id'])
_adids = self.authz_db.match(owner, identity, **prr.to_dict())
if not _adids:
# all or nothing
raise TicketError('not_authorized')
result[prr.to_json()] = _adids
return result
def store_permission(self, permission, owner):
"""
Store a permission
:param permission: The permission to store
:param owner: The user setting the permission
:return: A permission ID
"""
max_scopes = self.resource_set.read(
owner, permission['resource_set_id'])["scopes"]
# if no scopes are defined == all are requested
try:
_scopes = permission['scopes']
except KeyError:
permission['scopes'] = max_scopes
else:
permission['scopes'] = [s for s in _scopes if s in max_scopes]
#.........這裏部分代碼省略.........