How to use the josepy.jwk.JWK.load function in josepy

To help you get started, we’ve selected a few josepy examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github mozilla-iam / sso-dashboard / dashboard / auth.py View on Github external
def _verified(self):
        try:
            jwk = JWK.load(self.public_key)
            self.jws_obj = JWS.from_compact(self.jws)
            if self._signed(jwk) is False:
                logger.warning(
                    "The public key signature was not valid for jws {jws}".format(
                        jws=self.jws
                    )
                )
                self.jws_data = json.loads(self.jws.payload)
                self.jws_data["code"] = "invalid"
                return False
            else:
                self.jws_data = json.loads(self.jws_obj.payload.decode())
                logger.info("Loaded JWS data.")
                self.jws_data["connection_name"] = self._get_connection_name(
                    self.jws_data["connection"]
                )
github mozilla / mozillians / mozillians / phonebook / views.py View on Github external
'code': request.GET['code'],
            'redirect_uri': absolutify(
                self.request,
                nonprefixed_url('phonebook:verify_identity_callback')
            ),
        }
        response = requests.post(self.OIDC_OP_TOKEN_ENDPOINT,
                                 data=token_payload,
                                 verify=import_from_settings('OIDC_VERIFY_SSL', True))
        response.raise_for_status()
        token_response = response.json()
        id_token = token_response.get('id_token')

        # Verify JWT
        jws = JWS.from_compact(force_bytes(id_token))
        jwk = JWK.load(smart_bytes(self.OIDC_RP_VERIFICATION_CLIENT_SECRET))
        verified_token = None
        if jws.verify(jwk):
            verified_token = jws.payload

        # Create the new Identity Profile.
        if verified_token:
            user_info = json.loads(verified_token)
            email = user_info['email']
            verification_user_id = user_info.get(ORIGINAL_CONNECTION_USER_ID)
            msg = ''

            if not user_info.get('email_verified'):
                msg = 'Account verification failed: Email is not verified.'

            if not verification_user_id:
                msg = 'Account verification failed: Could not get original user id'