use rs256

fix in claims handling
remove x from private claims
2021-05-06 15:42:46 +02:00 · 2021-05-06 15:22:43 +02:00 · 2021-01-27 13:31:34 +01:00 · 2021-01-27 12:40:27 +01:00
1 changed files with 3 additions and 3 deletions
--- a/auth.py
+++ b/auth.py
@ -57,7 +57,7 @@ def getUserEntryFromDB(application: str, login: str):
        for claimObj in cur:
            print("DEBUG: getUserEntryFromDB: add claim {} -> {}".format(claimObj["key"], claimObj["value"]))
            if claimObj["key"] in claims:
-                if isinstance(claimObj["key"], list):
+                if isinstance(claims[claimObj["key"]], list):
                    claims[claimObj["key"]].append(claimObj["value"])
                else:
                    claims[claimObj["key"]] = [ claims[claimObj["key"]] ]
@ -101,9 +101,9 @@ def generateToken(**args):
        }
        for claim in userEntry.claims.items():
            # print("DEBUG: generateToken: add claim {} -> {}".format(claim[0], claim[1]))
-            payload["x-{}".format(claim[0])] = claim[1]
+            payload[claim[0]] = claim[1]

-        return jwt.encode(payload, JWT_ISSUER)
+        return jwt.encode(payload, JWT_SECRET, algorithm='RS256')
    except NoUserException:
        print("ERROR: generateToken: no user found, login or application wrong")
        raise werkzeug.exceptions.Unauthorized()
Author	SHA1	Message	Date
Wolfgang Hottgenroth	49e8aa43b4	use rs256	2021-05-06 15:42:46 +02:00
Wolfgang Hottgenroth	35a997774f	fix in claims handling	2021-05-06 15:22:43 +02:00
Wolfgang Hottgenroth	08734cb82c	remove x from private claims	2021-01-27 13:31:34 +01:00
Wolfgang Hottgenroth	875301b437	fix	2021-01-27 12:40:27 +01:00