當前位置: 首頁>>代碼示例>>Python>>正文


Python jwt.JWTClaimsError方法代碼示例

本文整理匯總了Python中jose.jwt.JWTClaimsError方法的典型用法代碼示例。如果您正苦於以下問題:Python jwt.JWTClaimsError方法的具體用法?Python jwt.JWTClaimsError怎麽用?Python jwt.JWTClaimsError使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在jose.jwt的用法示例。


在下文中一共展示了jwt.JWTClaimsError方法的3個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。

示例1: validate_and_return_id_token

# 需要導入模塊: from jose import jwt [as 別名]
# 或者: from jose.jwt import JWTClaimsError [as 別名]
def validate_and_return_id_token(self, id_token, access_token):
        """
        Validates the id_token according to the steps at
        http://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation.
        """
        key = self.find_valid_key(id_token)

        if not key:
            raise AuthTokenError(self, "Signature verification failed")

        alg = key["alg"]
        rsa_key = jwk.construct(key)

        k = {
            "alg": rsa_key._algorithm,  # pylint: disable=protected-access
            "kty": "oct",
            "k": base64.urlsafe_b64encode(rsa_key.prepared_key)
            .rstrip(b"=")
            .decode("utf-8"),
        }

        try:
            claims = jwt.decode(
                id_token,
                k,
                algorithms=[alg],
                audience=self.setting("KEY"),
                issuer=self.id_token_issuer(),
                options=self.JWT_DECODE_OPTIONS,
            )
        except ExpiredSignatureError:
            raise AuthTokenError(self, "Signature has expired")
        except JWTClaimsError as error:
            raise AuthTokenError(self, str(error))
        except JWTError:
            raise AuthTokenError(self, "Invalid signature")

        self.validate_claims(claims) 
開發者ID:openfun,項目名稱:richie,代碼行數:40,代碼來源:backends.py

示例2: requires_auth

# 需要導入模塊: from jose import jwt [as 別名]
# 或者: from jose.jwt import JWTClaimsError [as 別名]
def requires_auth(f):
    """Determines if the Access Token is valid
    """

    @wraps(f)
    def decorated(*args, **kwargs):
        token = get_token_auth_header()
        jsonurl = urlopen("https://" + AUTH0_DOMAIN + "/.well-known/jwks.json")
        jwks = json.loads(jsonurl.read())
        unverified_header = jwt.get_unverified_header(token)
        rsa_key = {}
        for key in jwks["keys"]:
            if key["kid"] == unverified_header["kid"]:
                rsa_key = {
                    "kty": key["kty"],
                    "kid": key["kid"],
                    "use": key["use"],
                    "n": key["n"],
                    "e": key["e"],
                }
        if rsa_key:
            try:
                payload = jwt.decode(
                    token,
                    rsa_key,
                    algorithms=ALGORITHMS,
                    audience=API_AUDIENCE,
                    issuer="https://" + AUTH0_DOMAIN + "/",
                )
            except jwt.ExpiredSignatureError:
                abort(401, "Authorization token is expired")
            except jwt.JWTClaimsError:
                abort(
                    401,
                    "Authorization claim is incorrect, please check audience and issuer",
                )
            except Exception:
                abort(401, "Authorization header cannot be parsed")
            _request_ctx_stack.top.current_user = payload
            return f(*args, **kwargs)
        else:
            abort(401, "Authorization error, unable to find appropriate key")

    return decorated 
開發者ID:mozilla,項目名稱:service-map,代碼行數:46,代碼來源:auth.py

示例3: requires_auth

# 需要導入模塊: from jose import jwt [as 別名]
# 或者: from jose.jwt import JWTClaimsError [as 別名]
def requires_auth(f):
    """Determines if the access token is valid
    """
    @wraps(f)
    def decorated(*args, **kwargs):
        token = get_token_auth_header()
        jsonurl = urlopen("https://"+AUTH0_DOMAIN+"/.well-known/jwks.json")
        jwks = json.loads(jsonurl.read())
        try:
            unverified_header = jwt.get_unverified_header(token)
        except jwt.JWTError:
            raise AuthError({"code": "invalid_header",
                            "description":
                                "Invalid header. "
                                "Use an RS256 signed JWT Access Token"}, 401)
        if unverified_header["alg"] == "HS256":
            raise AuthError({"code": "invalid_header",
                            "description":
                                "Invalid header. "
                                "Use an RS256 signed JWT Access Token"}, 401)
        rsa_key = {}
        for key in jwks["keys"]:
            if key["kid"] == unverified_header["kid"]:
                rsa_key = {
                    "kty": key["kty"],
                    "kid": key["kid"],
                    "use": key["use"],
                    "n": key["n"],
                    "e": key["e"]
                }
        if rsa_key:
            try:
                payload = jwt.decode(
                    token,
                    rsa_key,
                    algorithms=ALGORITHMS,
                    audience=API_IDENTIFIER,
                    issuer="https://"+AUTH0_DOMAIN+"/"
                )
            except jwt.ExpiredSignatureError:
                raise AuthError({"code": "token_expired",
                                "description": "token is expired"}, 401)
            except jwt.JWTClaimsError:
                raise AuthError({"code": "invalid_claims",
                                "description":
                                    "incorrect claims,"
                                    " please check the audience and issuer"}, 401)
            except Exception:
                raise AuthError({"code": "invalid_header",
                                "description":
                                    "Unable to parse authentication"
                                    " token."}, 401)

            _request_ctx_stack.top.current_user = payload
            return f(*args, **kwargs)
        raise AuthError({"code": "invalid_header",
                        "description": "Unable to find appropriate key"}, 401)
    return decorated


# Controllers API 
開發者ID:auth0-samples,項目名稱:auth0-python-api-samples,代碼行數:63,代碼來源:server.py


注:本文中的jose.jwt.JWTClaimsError方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。