Norbert/Solax
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
78a7eabe4c8b8d8ec010278ef2a06ddba1768ce3
Solax/myenv/lib/python3.12/site-packages/authlib/oauth2/rfc7523/assertion.py
Norbert 82af8c809a venv added, updated
2024-09-13 09:46:28 +02:00

67 lines
2.0 KiB
Python
Raw Blame History

import time
from authlib.jose import jwt
from authlib.common.security import generate_token
def sign_jwt_bearer_assertion(
key, issuer, audience, subject=None, issued_at=None,
expires_at=None, claims=None, header=None, **kwargs):
if header is None:
header = {}
alg = kwargs.pop('alg', None)
if alg:
header['alg'] = alg
if 'alg' not in header:
raise ValueError('Missing "alg" in header')
payload = {'iss': issuer, 'aud': audience}
# subject is not required in Google service
if subject:
payload['sub'] = subject
if not issued_at:
issued_at = int(time.time())
expires_in = kwargs.pop('expires_in', 3600)
if not expires_at:
expires_at = issued_at + expires_in
payload['iat'] = issued_at
payload['exp'] = expires_at
if claims:
payload.update(claims)
return jwt.encode(header, payload, key)
def client_secret_jwt_sign(client_secret, client_id, token_endpoint, alg='HS256',
claims=None, **kwargs):
return _sign(client_secret, client_id, token_endpoint, alg, claims, **kwargs)
def private_key_jwt_sign(private_key, client_id, token_endpoint, alg='RS256',
claims=None, **kwargs):
return _sign(private_key, client_id, token_endpoint, alg, claims, **kwargs)
def _sign(key, client_id, token_endpoint, alg, claims=None, **kwargs):
# REQUIRED. Issuer. This MUST contain the client_id of the OAuth Client.
issuer = client_id
# REQUIRED. Subject. This MUST contain the client_id of the OAuth Client.
subject = client_id
# The Audience SHOULD be the URL of the Authorization Server's Token Endpoint.
audience = token_endpoint
# jti is required
if claims is None:
claims = {}
if 'jti' not in claims:
claims['jti'] = generate_token(36)
return sign_jwt_bearer_assertion(
key=key, issuer=issuer, audience=audience, subject=subject,
claims=claims, alg=alg, **kwargs)
Reference in New Issue View Git Blame Copy Permalink