kumi/django-oidc-provider
1
0
Fork 0
Code Issues 1 Pull requests 3 Projects Releases Packages Wiki Activity

Add HS256 support for JWS.

Browse source
This commit is contained in:
Ignacio Fiorentino 2016-03-22 16:17:56 -03:00
parent af3a0c0581
commit dff76cd1ea
5 changed files with 44 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

22
oidc_provider/lib/utils/token.py
View file

@ -6,6 +6,7 @@ from Crypto.PublicKey.RSA import importKey
from django.utils import timezone
from hashlib import md5
from jwkest.jwk import RSAKey as jwk_RSAKey
from jwkest.jwk import SYMKey
from jwkest.jws import JWS
from oidc_provider.lib.utils.common import get_issuer
@ -55,21 +56,26 @@ def create_id_token(user, aud, nonce):
return dic
def encode_id_token(payload):
def encode_id_token(payload, client):
"""
Represent the ID Token as a JSON Web Token (JWT).
Return a hash.
"""
keys = []
alg = client.jwt_alg
if alg == 'RS256':
keys = []
for rsakey in RSAKey.objects.all():
keys.append(jwk_RSAKey(key=importKey(rsakey.key), kid=rsakey.kid))
for rsakey in RSAKey.objects.all():
keys.append(jwk_RSAKey(key=importKey(rsakey.key), kid=rsakey.kid))
if not keys:
raise Exception('You must add at least one RSA Key.')
if not keys:
raise Exception('You must add at least one RSA Key.')
elif alg == 'HS256':
keys = [SYMKey(key=client.client_secret, alg=alg)]
else:
raise Exception('Unsupported key algorithm.')
_jws = JWS(payload, alg='RS256')
_jws = JWS(payload, alg=alg)
return _jws.sign_compact(keys)