href: get_agent.py annotate

annotate get_agent.py @ 42:530650b3bc40 default tip

something changed in pom to break pyjwt. switched to jwskate

author	drewp@bigasterisk.com
date	Wed, 14 Dec 2022 22:07:19 -0800
parents	293a694304b8
children

rev	line source
39 c538dc39b851 user login fixes drewp@bigasterisk.com parents: diff changeset	1 import logging
c538dc39b851 user login fixes drewp@bigasterisk.com parents: diff changeset	2
c538dc39b851 user login fixes drewp@bigasterisk.com parents: diff changeset	3 import bottle
c538dc39b851 user login fixes drewp@bigasterisk.com parents: diff changeset	4 from rdflib import URIRef
42 530650b3bc40 something changed in pom to break pyjwt. switched to jwskate drewp@bigasterisk.com parents: 41 diff changeset	5 import requests
530650b3bc40 something changed in pom to break pyjwt. switched to jwskate drewp@bigasterisk.com parents: 41 diff changeset	6 from jwskate import Jwt, JwkSet
39 c538dc39b851 user login fixes drewp@bigasterisk.com parents: diff changeset	7 log = logging.getLogger(__name__)
c538dc39b851 user login fixes drewp@bigasterisk.com parents: diff changeset	8
42 530650b3bc40 something changed in pom to break pyjwt. switched to jwskate drewp@bigasterisk.com parents: 41 diff changeset	9 jwkset = JwkSet(requests.get('https://authenticate.bigasterisk.com/.well-known/pomerium/jwks.json').json())
39 c538dc39b851 user login fixes drewp@bigasterisk.com parents: diff changeset	10
c538dc39b851 user login fixes drewp@bigasterisk.com parents: diff changeset	11 def bottleGetAgent() -> URIRef:
c538dc39b851 user login fixes drewp@bigasterisk.com parents: diff changeset	12 pomAssertion = bottle.request.headers.get('X-Pomerium-Jwt-Assertion', None)
42 530650b3bc40 something changed in pom to break pyjwt. switched to jwskate drewp@bigasterisk.com parents: 41 diff changeset	13 log.debug('pomAssertion=%r', pomAssertion)
530650b3bc40 something changed in pom to break pyjwt. switched to jwskate drewp@bigasterisk.com parents: 41 diff changeset	14 jwt = Jwt(pomAssertion)
530650b3bc40 something changed in pom to break pyjwt. switched to jwskate drewp@bigasterisk.com parents: 41 diff changeset	15 jwt.validate(jwkset['keys'][0], #??
530650b3bc40 something changed in pom to break pyjwt. switched to jwskate drewp@bigasterisk.com parents: 41 diff changeset	16 algs=['ES256'],
530650b3bc40 something changed in pom to break pyjwt. switched to jwskate drewp@bigasterisk.com parents: 41 diff changeset	17 issuer='authenticate.bigasterisk.com',
530650b3bc40 something changed in pom to break pyjwt. switched to jwskate drewp@bigasterisk.com parents: 41 diff changeset	18 audience='bigasterisk.com')
530650b3bc40 something changed in pom to break pyjwt. switched to jwskate drewp@bigasterisk.com parents: 41 diff changeset	19 log.debug('claims=%r', jwt.claims)
39 c538dc39b851 user login fixes drewp@bigasterisk.com parents: diff changeset	20 foaf = {
c538dc39b851 user login fixes drewp@bigasterisk.com parents: diff changeset	21 'drewpca@gmail.com': 'http://bigasterisk.com/foaf.rdf#drewp',
c538dc39b851 user login fixes drewp@bigasterisk.com parents: diff changeset	22 'kelsimp@gmail.com': 'http://bigasterisk.com/kelsi/foaf.rdf#kelsi',
42 530650b3bc40 something changed in pom to break pyjwt. switched to jwskate drewp@bigasterisk.com parents: 41 diff changeset	23 }[jwt.claims['email']]
39 c538dc39b851 user login fixes drewp@bigasterisk.com parents: diff changeset	24 return URIRef(foaf)

Mercurial > code > home > repos > href

annotate get_agent.py @ 42:530650b3bc40 default tip