pubkey stuff
16
auth.py
16
auth.py
@ -13,7 +13,9 @@ DB_HOST = os.environ["DB_HOST"]
|
|||||||
DB_NAME = os.environ["DB_NAME"]
|
DB_NAME = os.environ["DB_NAME"]
|
||||||
|
|
||||||
JWT_ISSUER = os.environ["JWT_ISSUER"]
|
JWT_ISSUER = os.environ["JWT_ISSUER"]
|
||||||
JWT_SECRET = os.environ["JWT_SECRET"]
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
class NoUserException(Exception):
|
class NoUserException(Exception):
|
||||||
@ -28,6 +30,13 @@ class PasswordMismatchException(Exception):
|
|||||||
|
|
||||||
UserEntry = namedtuple('UserEntry', ['id', 'login', 'expiry', 'claims'])
|
UserEntry = namedtuple('UserEntry', ['id', 'login', 'expiry', 'claims'])
|
||||||
|
|
||||||
|
JWT_PRIV_KEY = ""
|
||||||
|
with open('/opt/app/config/authservice.key', 'r') as f:
|
||||||
|
JWT_PRIV_KEY = f.readlines()
|
||||||
|
|
||||||
|
JWT_PUB_KEY = ""
|
||||||
|
with open('/opt/app/config/authservice.pub', 'r') as f:
|
||||||
|
JWT_PUB_KEY = f.readlines()
|
||||||
|
|
||||||
|
|
||||||
def getUserEntryFromDB(application: str, login: str):
|
def getUserEntryFromDB(application: str, login: str):
|
||||||
@ -103,7 +112,7 @@ def generateToken(**args):
|
|||||||
# print("DEBUG: generateToken: add claim {} -> {}".format(claim[0], claim[1]))
|
# print("DEBUG: generateToken: add claim {} -> {}".format(claim[0], claim[1]))
|
||||||
payload[claim[0]] = claim[1]
|
payload[claim[0]] = claim[1]
|
||||||
|
|
||||||
return jwt.encode(payload, JWT_SECRET, algorithm='RS256')
|
return jwt.encode(payload, JWT_PRIV_KEY, algorithm='RS256')
|
||||||
except NoUserException:
|
except NoUserException:
|
||||||
print("ERROR: generateToken: no user found, login or application wrong")
|
print("ERROR: generateToken: no user found, login or application wrong")
|
||||||
raise werkzeug.exceptions.Unauthorized()
|
raise werkzeug.exceptions.Unauthorized()
|
||||||
@ -119,3 +128,6 @@ def generateToken(**args):
|
|||||||
except Exception as e:
|
except Exception as e:
|
||||||
print("ERROR: generateToken: unspecific exception: {}".format(str(e)))
|
print("ERROR: generateToken: unspecific exception: {}".format(str(e)))
|
||||||
raise werkzeug.exceptions.Unauthorized()
|
raise werkzeug.exceptions.Unauthorized()
|
||||||
|
|
||||||
|
def getPubKey():
|
||||||
|
return JWT_PUB_KEY
|
||||||
|
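Review bot: `f.readlines()` in the two new `with open(...)` blocks returns a list of lines rather than the key text, so `JWT_PRIV_KEY` and `JWT_PUB_KEY` end up as lists; `jwt.encode(payload, JWT_PRIV_KEY, algorithm='RS256')` needs the PEM as a single `str` or `bytes` (assuming `jwt` is PyJWT), and `getPubKey()` would hand back a list where openapi.yaml declares a `text/plain` string. Read each file whole instead: `JWT_PRIV_KEY = f.read()` and `JWT_PUB_KEY = f.read()`. The failure would be easy to miss, because the `except Exception` branch at the end of `generateToken` (whose body starts outside the visible hunks) turns any encode error into `Unauthorized`. Since the module now holds the signing key in memory, confirm that `/opt/app/config/authservice.key` is readable only by the service account; the page does not show how that file is provisioned.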
13
openapi.yaml
13
openapi.yaml
@ -35,6 +35,19 @@ paths:
|
|||||||
type: string
|
type: string
|
||||||
security:
|
security:
|
||||||
- jwt: ['secret']
|
- jwt: ['secret']
|
||||||
|
/pubkey:
|
||||||
|
get:
|
||||||
|
tags: [ "JWT" ]
|
||||||
|
summary: Get the public key of this issuer
|
||||||
|
operationId: auth.getPubKey
|
||||||
|
responses:
|
||||||
|
'200':
|
||||||
|
description: public key
|
||||||
|
content:
|
||||||
|
'text/plain':
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
|
||||||
|
|
||||||
components:
|
components:
|
||||||
securitySchemes:
|
securitySchemes:
|
||||||
|
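Review bot: The new `/pubkey` operation carries no `security` key, so whether it is reachable without a token depends on a top-level `security` default that is not visible in this hunk. A public key is normally fetched by verifiers that do not hold a token yet, so stating `security: []` on the operation would make that intent explicit and keep it stable if a global requirement is added later. The `200` description could also name the format, e.g. `description: PEM-encoded RSA public key`, assuming the file behind `auth.getPubKey` is PEM.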