Compare commits
9 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
c7dbaeabbb
|
|||
|
0911a73085
|
|||
|
1de73e99e3
|
|||
|
b44af0658a
|
|||
|
309b4c6ba8
|
|||
|
a921fb6a0f
|
|||
|
f56db65012
|
|||
|
ef0793be4e
|
|||
|
3f2442e259
|
23
auth.py
23
auth.py
@ -30,13 +30,20 @@ class PasswordMismatchException(Exception):
|
|||||||
|
|
||||||
UserEntry = namedtuple('UserEntry', ['id', 'login', 'expiry', 'claims'])
|
UserEntry = namedtuple('UserEntry', ['id', 'login', 'expiry', 'claims'])
|
||||||
|
|
||||||
|
|
||||||
JWT_PRIV_KEY = ""
|
JWT_PRIV_KEY = ""
|
||||||
with open('/opt/app/config/authservice.key', 'r') as f:
|
try:
|
||||||
JWT_PRIV_KEY = f.read().replace('\n','')
|
JWT_PRIV_KEY = os.environ["JWT_PRIV_KEY"]
|
||||||
|
except KeyError:
|
||||||
|
with open('/opt/app/config/authservice.key', 'r') as f:
|
||||||
|
JWT_PRIV_KEY = f.read()
|
||||||
|
|
||||||
JWT_PUB_KEY = ""
|
JWT_PUB_KEY = ""
|
||||||
with open('/opt/app/config/authservice.pub', 'r') as f:
|
try:
|
||||||
JWT_PUB_KEY = f.read().replace('\n','')
|
JWT_PUB_KEY = os.environ["JWT_PUB_KEY"]
|
||||||
|
except KeyError:
|
||||||
|
with open('/opt/app/config/authservice.pub', 'r') as f:
|
||||||
|
JWT_PUB_KEY = f.read()
|
||||||
|
|
||||||
|
|
||||||
def getUserEntryFromDB(application: str, login: str):
|
def getUserEntryFromDB(application: str, login: str):
|
||||||
@ -106,7 +113,8 @@ def generateToken(**args):
|
|||||||
"iss": JWT_ISSUER,
|
"iss": JWT_ISSUER,
|
||||||
"iat": int(timestamp),
|
"iat": int(timestamp),
|
||||||
"exp": int(timestamp + userEntry.expiry),
|
"exp": int(timestamp + userEntry.expiry),
|
||||||
"sub": str(userEntry.id)
|
"sub": str(userEntry.id),
|
||||||
|
"aud": application
|
||||||
}
|
}
|
||||||
for claim in userEntry.claims.items():
|
for claim in userEntry.claims.items():
|
||||||
# print("DEBUG: generateToken: add claim {} -> {}".format(claim[0], claim[1]))
|
# print("DEBUG: generateToken: add claim {} -> {}".format(claim[0], claim[1]))
|
||||||
@ -129,5 +137,10 @@ def generateToken(**args):
|
|||||||
print("ERROR: generateToken: unspecific exception: {}".format(str(e)))
|
print("ERROR: generateToken: unspecific exception: {}".format(str(e)))
|
||||||
raise werkzeug.exceptions.Unauthorized()
|
raise werkzeug.exceptions.Unauthorized()
|
||||||
|
|
||||||
|
def generateTokenFromEnc(**args):
|
||||||
|
cryptContent = args["body"]
|
||||||
|
raise werkzeug.exceptions.NotImplemented("Stay tuned, will be added soon")
|
||||||
|
return str(cryptContent)
|
||||||
|
|
||||||
def getPubKey():
|
def getPubKey():
|
||||||
return JWT_PUB_KEY
|
return JWT_PUB_KEY
|
||||||
|
|||||||
19
openapi.yaml
19
openapi.yaml
@ -7,7 +7,7 @@ paths:
|
|||||||
/auth:
|
/auth:
|
||||||
post:
|
post:
|
||||||
tags: [ "JWT" ]
|
tags: [ "JWT" ]
|
||||||
summary: Return JWT token
|
summary: Accept login and password, return JWT token
|
||||||
operationId: auth.generateToken
|
operationId: auth.generateToken
|
||||||
requestBody:
|
requestBody:
|
||||||
content:
|
content:
|
||||||
@ -21,6 +21,23 @@ paths:
|
|||||||
'text/plain':
|
'text/plain':
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
|
/authe:
|
||||||
|
post:
|
||||||
|
tags: [ "JWT" ]
|
||||||
|
summary: Accept encrypted set of credentials, return JWT token
|
||||||
|
operationId: auth.generateTokenFromEnc
|
||||||
|
requestBody:
|
||||||
|
content:
|
||||||
|
'text/plain':
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
responses:
|
||||||
|
'200':
|
||||||
|
description: JWT token
|
||||||
|
content:
|
||||||
|
'text/plain':
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
/secret:
|
/secret:
|
||||||
get:
|
get:
|
||||||
tags: [ "JWT" ]
|
tags: [ "JWT" ]
|
||||||
|
|||||||
9
testjwe.py
Normal file
9
testjwe.py
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
from jose import jwe
|
||||||
|
|
||||||
|
|
||||||
|
JWT_PUB_KEY = os.environ["JWT_PUB_KEY"]
|
||||||
|
|
||||||
|
plainText = "BlaBlaBla123"
|
||||||
|
cryptText = jwe.encrypt(plainText, JWT_PUB_KEY, "A256GCM", "RSA-OAEP")
|
||||||
|
|
||||||
|
print(cryptText)
|
||||||
Reference in New Issue
Block a user