From bedd11492944541bbf39fd3cc3dfdd21c6a854cf Mon Sep 17 00:00:00 2001
From: Ignacio
Date: Mon, 27 Jul 2015 11:33:28 -0300
Subject: [PATCH] Use pyjwkest in encode_id_token function.
---
 oidc_provider/lib/utils/token.py | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/oidc_provider/lib/utils/token.py b/oidc_provider/lib/utils/token.py
index 1e7320b..293b583 100644
--- a/oidc_provider/lib/utils/token.py
+++ b/oidc_provider/lib/utils/token.py
@@ -2,8 +2,10 @@ from datetime import timedelta
 import time
 import uuid
+from Crypto.PublicKey.RSA import importKey
 from django.utils import timezone
-import jwt
+from jwkest.jwk import RSAKey
+from jwkest.jws import JWS
 from oidc_provider.lib.utils.common import get_issuer, get_rsa_key
 from oidc_provider.models import *
@@ -44,13 +46,17 @@ def create_id_token(user, aud, nonce):
 return dic
-def encode_id_token(dic):
+def encode_id_token(payload):
 """
 Represent the ID Token as a JSON Web Token (JWT). Return a hash.
 """
- return jwt.encode(dic, get_rsa_key(), algorithm='RS256').decode('utf-8')
+ keys = [ RSAKey(key=importKey(get_rsa_key())) ]
+ _jws = JWS(payload, alg='RS256')
+ _jwt = _jws.sign_compact(keys)
+
+ return _jwt
 def create_token(user, client, id_token_dic, scope):
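Review bot: The import hunk swaps the signing stack (`jwt` out, `jwkest` and `Crypto` in), but the diffstat shows only `token.py` changed, so the package's declared install requirements are not updated by this commit. Unless a companion change handles that, a fresh install would fail at import time, or keep pulling in a JWT library the code no longer uses. Since these two packages now sit on the token-signing path, they are worth declaring with pinned or bounded versions. The `Crypto` namespace comes from PyCrypto, which is no longer maintained. PyCryptodome exposes the same `Crypto.PublicKey.RSA` import path and may be the safer package to require.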
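Review bot: The `RSAKey` built in `encode_id_token` is given no `kid`, so the JWS header of each ID token presumably carries no key identifier. Once the provider publishes more than one key (for rotation, say), a relying party cannot reliably pick the right verification key. Consider `keys = [RSAKey(key=importKey(get_rsa_key()), kid=key_id)]`, where `key_id` is a placeholder for whatever identifier the provider publishes for that key. The PEM is also re-parsed by `importKey` on every token issued, and a missing or malformed key would surface here as an uncaught exception; `get_rsa_key` is outside this hunk, so confirm how it fails. The docstring still says "Return a hash." although the function returns the compact-serialized signed JWT, and the old code returned text via `.decode('utf-8')`, so confirm `sign_compact` hands callers the same type.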