没有项目描述
byu-jwt的Python项目详细描述
BYU JWTPython
一个python jwt验证器,它执行所有特定于byu的操作,并处理众所周知的缓存和证书获取
安装
pip install byu_jwt
API
注意:在全局级别声明处理程序非常重要。这允许缓存已知数据以及在证书上使用缓存控件头,但仅当缓存控件超时时才重新获取这些数据。重新初始化类对象将抵消缓存的任何好处
实例化类并重用对象以利用缓存: byu的api管理器创建一个http头,其中包含一个签名的JWT。这里可以引用设计的byu签名头的名称,以便于查找。 包含http头的名称的属性,该头包含直接从byu的api管理器发送的byu签名的jwt。 值是x-jwt-assertion。 示例 包含http头的名称的属性,该头包含从接收直接从byu的api管理器发送的byu签名jwt的服务转发的byu签名jwt。 值是x-jwt-assertion-original。 示例importbyu_jwtbyujwt=byu_jwt.JWT_Handler()
仅当JWT有效
assertbyujwt.is_valid(jwt_to_validate)
解码jwt并检查有效性
try:jwt=byujwt.decode(jwt_to_validate)returnf"Hello, {jwt['preferredFirstName']}"exceptbyu_jwt.exceptions.JWTVerifyErrorasex_info:return"Invalid JWT"exceptbyu_jwt.exceptions.JWTHandlerErrorasex_info:return"Error attempting to verify the jwt"
jwt头名称
BYU-JWT-U标题电流
current_jwt_header=byu_jwt.JWT_HEADER
BYU JWT U HEADER U ORIGINAL
original_jwt_header=byu_jwt.JWT_HEADER_ORIGINAL
使用缓存
的python lambda函数示例
importbyu_jwtbyujwt=byu_jwt.JWT_Handler()defhandler(event,context):jwt_to_decode=event['headers'][byu_jwt.JWT_HEADER]try:jwt=byujwt.decode(jwt_to_validate)return{'statusCode':200,'body':f'Hello, {jwt["preferredFirstName"]}'}exceptbyu_jwt.exceptions.JWTVerifyErrorasex_info:return{'statusCode':403,'body':"Invalid JWT"}exceptbyu_jwt.exceptions.JWTHandlerErrorasex_info:return{'statusCode':500,'body':"Error attempting to verify the jwt"}
示例解码jwt结构
{"iss":"https://api.byu.edu","exp":1545425710,"byu":{"client":{"byuId":"","claimSource":"","netId":"","personId":"","preferredFirstName":"","prefix":"","restOfName":"","sortName":"","subscriberNetId":"","suffix":"","surname":"","surnamePosition":""},"resourceOwner":{"byuId":"","netId":"","personId":"","preferredFirstName":"","prefix":"","restOfName":"","sortName":"","suffix":"","surname":"","surnamePosition":""}},"wso2":{"apiContext":"","application":{"id":"","name":"","tier":""},"clientId":"","endUser":"","endUserTenantId":"","keyType":"","subscriber":"","tier":"","userType":"","version":""}}
推荐PyPI第三方库