pubkey stuff
This commit is contained in:
parent
49e8aa43b4
commit
0377278ea0
16
auth.py
16
auth.py
@ -13,7 +13,9 @@ DB_HOST = os.environ["DB_HOST"]
|
||||
DB_NAME = os.environ["DB_NAME"]
|
||||
|
||||
JWT_ISSUER = os.environ["JWT_ISSUER"]
|
||||
JWT_SECRET = os.environ["JWT_SECRET"]
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
class NoUserException(Exception):
|
||||
@ -28,6 +30,13 @@ class PasswordMismatchException(Exception):
|
||||
|
||||
UserEntry = namedtuple('UserEntry', ['id', 'login', 'expiry', 'claims'])
|
||||
|
||||
JWT_PRIV_KEY = ""
|
||||
with open('/opt/app/config/authservice.key', 'r') as f:
|
||||
JWT_PRIV_KEY = f.readlines()
|
||||
|
||||
JWT_PUB_KEY = ""
|
||||
with open('/opt/app/config/authservice.pub', 'r') as f:
|
||||
JWT_PUB_KEY = f.readlines()
|
||||
|
||||
|
||||
def getUserEntryFromDB(application: str, login: str):
|
||||
@ -103,7 +112,7 @@ def generateToken(**args):
|
||||
# print("DEBUG: generateToken: add claim {} -> {}".format(claim[0], claim[1]))
|
||||
payload[claim[0]] = claim[1]
|
||||
|
||||
return jwt.encode(payload, JWT_SECRET, algorithm='RS256')
|
||||
return jwt.encode(payload, JWT_PRIV_KEY, algorithm='RS256')
|
||||
except NoUserException:
|
||||
print("ERROR: generateToken: no user found, login or application wrong")
|
||||
raise werkzeug.exceptions.Unauthorized()
|
||||
@ -119,3 +128,6 @@ def generateToken(**args):
|
||||
except Exception as e:
|
||||
print("ERROR: generateToken: unspecific exception: {}".format(str(e)))
|
||||
raise werkzeug.exceptions.Unauthorized()
|
||||
|
||||
def getPubKey():
|
||||
return JWT_PUB_KEY
|
||||
|
13
openapi.yaml
13
openapi.yaml
@ -35,6 +35,19 @@ paths:
|
||||
type: string
|
||||
security:
|
||||
- jwt: ['secret']
|
||||
/pubkey:
|
||||
get:
|
||||
tags: [ "JWT" ]
|
||||
summary: Get the public key of this issuer
|
||||
operationId: auth.getPubKey
|
||||
responses:
|
||||
'200':
|
||||
description: public key
|
||||
content:
|
||||
'text/plain':
|
||||
schema:
|
||||
type: string
|
||||
|
||||
|
||||
components:
|
||||
securitySchemes:
|
||||
|
Loading…
x
Reference in New Issue
Block a user