view get_agent.py @ 42:530650b3bc40 default tip

something changed in pom to break pyjwt. switched to jwskate
author drewp@bigasterisk.com
date Wed, 14 Dec 2022 22:07:19 -0800
parents 293a694304b8
children

import logging

import bottle
from rdflib import URIRef
import requests
from jwskate import Jwt, JwkSet
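log = logging.getLogger(__name__)

# Pomerium's public signing keys, fetched once when this module is imported.
# TLS verification of this HTTPS request is the trust anchor for every
# assertion validated below. The set is cached for the life of the process,
# so keys published after import are not seen until a restart.
# A timeout keeps an unreachable authenticate host from hanging the import,
# and raise_for_status() stops an HTTP error page from being parsed as a JWKS.
_jwksResponse = requests.get(
    'https://authenticate.bigasterisk.com/.well-known/pomerium/jwks.json',
    timeout=10,
)
_jwksResponse.raise_for_status()
jwkset = JwkSet(_jwksResponse.json())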

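def bottleGetAgent() -> URIRef:
    """Return the FOAF URI of the user Pomerium authenticated for this request.

    Reads the signed assertion from the ``X-Pomerium-Jwt-Assertion`` header of
    the current bottle request, validates it against the module-level
    ``jwkset`` (algorithm pinned to ES256, issuer and audience checked), and
    maps the ``email`` claim to a FOAF URI through a fixed table.

    Raises:
        ValueError: the assertion header is absent or empty.
        KeyError: the ``email`` claim is missing or not in the table.

    Errors raised by jwskate while parsing or validating the token propagate
    unchanged, so any failure leaves the caller without an agent.
    """
    pomAssertion = bottle.request.headers.get('X-Pomerium-Jwt-Assertion', None)
    # The assertion is a bearer credential, so only its presence is logged,
    # never its value.
    log.debug('pomAssertion present=%r', bool(pomAssertion))
    if not pomAssertion:
        raise ValueError('missing X-Pomerium-Jwt-Assertion header')

    jwt = Jwt(pomAssertion)

    # Pick the verification key by the token's `kid` header instead of always
    # trusting position 0, so a JWKS holding several keys still verifies.
    # The header is unauthenticated at this point, but it can only select
    # among keys already in the trusted set. With no match, fall back to the
    # first key; validate() below then rejects a bad signature.
    kid = jwt.headers.get('kid')
    signingKey = None
    if kid is not None:
        signingKey = next(
            (key for key in jwkset['keys'] if key.get('kid') == kid), None)
    if signingKey is None:
        signingKey = jwkset['keys'][0]

    # Pinning algs to the single expected algorithm keeps the token header
    # from choosing how the signature is checked.
    jwt.validate(signingKey,
                 algs=['ES256'],
                 issuer='authenticate.bigasterisk.com',
                 audience='bigasterisk.com')
    log.debug('claims=%r', jwt.claims)

    # Allowlist of known identities; any other email raises KeyError.
    foaf = {
        'drewpca@gmail.com': 'http://bigasterisk.com/foaf.rdf#drewp',
        'kelsimp@gmail.com': 'http://bigasterisk.com/kelsi/foaf.rdf#kelsi',
    }[jwt.claims['email']]
    return URIRef(foaf)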