blob: 8d75e18b2a751d1a68fa790c596ff206630258d8 [file] [log] [blame]
<?xml version="1.0" encoding="ascii"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>oauth2client.crypt</title>
<link rel="stylesheet" href="epydoc.css" type="text/css" />
<script type="text/javascript" src="epydoc.js"></script>
</head>
<body bgcolor="white" text="black" link="blue" vlink="#204080"
alink="#204080">
<!-- ==================== NAVIGATION BAR ==================== -->
<table class="navbar" border="0" width="100%" cellpadding="0"
bgcolor="#a0c0ff" cellspacing="0">
<tr valign="middle">
<!-- Tree link -->
<th>&nbsp;&nbsp;&nbsp;<a
href="module-tree.html">Trees</a>&nbsp;&nbsp;&nbsp;</th>
<!-- Index link -->
<th>&nbsp;&nbsp;&nbsp;<a
href="identifier-index.html">Indices</a>&nbsp;&nbsp;&nbsp;</th>
<!-- Help link -->
<th>&nbsp;&nbsp;&nbsp;<a
href="help.html">Help</a>&nbsp;&nbsp;&nbsp;</th>
<th class="navbar" width="100%"></th>
</tr>
</table>
<table width="100%" cellpadding="0" cellspacing="0">
<tr valign="top">
<td width="100%">
<span class="breadcrumbs">
<a href="oauth2client-module.html">Package&nbsp;oauth2client</a> ::
Module&nbsp;crypt
</span>
</td>
<td>
<table cellpadding="0" cellspacing="0">
<!-- hide/show private -->
<tr><td align="right"><span class="options">[<a href="javascript:void(0);" class="privatelink"
onclick="toggle_private();">hide&nbsp;private</a>]</span></td></tr>
<tr><td align="right"><span class="options"
>[<a href="frames.html" target="_top">frames</a
>]&nbsp;|&nbsp;<a href="oauth2client.crypt-pysrc.html"
target="_top">no&nbsp;frames</a>]</span></td></tr>
</table>
</td>
</tr>
</table>
<h1 class="epydoc">Source Code for <a href="oauth2client.crypt-module.html">Module oauth2client.crypt</a></h1>
<pre class="py-src">
<a name="L1"></a><tt class="py-lineno"> 1</tt> <tt class="py-line"><tt class="py-comment">#!/usr/bin/python2.4</tt> </tt>
<a name="L2"></a><tt class="py-lineno"> 2</tt> <tt class="py-line"><tt class="py-comment"># -*- coding: utf-8 -*-</tt> </tt>
<a name="L3"></a><tt class="py-lineno"> 3</tt> <tt class="py-line"><tt class="py-comment">#</tt> </tt>
<a name="L4"></a><tt class="py-lineno"> 4</tt> <tt class="py-line"><tt class="py-comment"># Copyright (C) 2011 Google Inc.</tt> </tt>
<a name="L5"></a><tt class="py-lineno"> 5</tt> <tt class="py-line"><tt class="py-comment">#</tt> </tt>
<a name="L6"></a><tt class="py-lineno"> 6</tt> <tt class="py-line"><tt class="py-comment"># Licensed under the Apache License, Version 2.0 (the "License");</tt> </tt>
<a name="L7"></a><tt class="py-lineno"> 7</tt> <tt class="py-line"><tt class="py-comment"># you may not use this file except in compliance with the License.</tt> </tt>
<a name="L8"></a><tt class="py-lineno"> 8</tt> <tt class="py-line"><tt class="py-comment"># You may obtain a copy of the License at</tt> </tt>
<a name="L9"></a><tt class="py-lineno"> 9</tt> <tt class="py-line"><tt class="py-comment">#</tt> </tt>
<a name="L10"></a><tt class="py-lineno"> 10</tt> <tt class="py-line"><tt class="py-comment"># http://www.apache.org/licenses/LICENSE-2.0</tt> </tt>
<a name="L11"></a><tt class="py-lineno"> 11</tt> <tt class="py-line"><tt class="py-comment">#</tt> </tt>
<a name="L12"></a><tt class="py-lineno"> 12</tt> <tt class="py-line"><tt class="py-comment"># Unless required by applicable law or agreed to in writing, software</tt> </tt>
<a name="L13"></a><tt class="py-lineno"> 13</tt> <tt class="py-line"><tt class="py-comment"># distributed under the License is distributed on an "AS IS" BASIS,</tt> </tt>
<a name="L14"></a><tt class="py-lineno"> 14</tt> <tt class="py-line"><tt class="py-comment"># WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</tt> </tt>
<a name="L15"></a><tt class="py-lineno"> 15</tt> <tt class="py-line"><tt class="py-comment"># See the License for the specific language governing permissions and</tt> </tt>
<a name="L16"></a><tt class="py-lineno"> 16</tt> <tt class="py-line"><tt class="py-comment"># limitations under the License.</tt> </tt>
<a name="L17"></a><tt class="py-lineno"> 17</tt> <tt class="py-line"> </tt>
<a name="L18"></a><tt class="py-lineno"> 18</tt> <tt class="py-line"><tt class="py-keyword">import</tt> <tt class="py-name">base64</tt> </tt>
<a name="L19"></a><tt class="py-lineno"> 19</tt> <tt class="py-line"><tt class="py-keyword">import</tt> <tt class="py-name">hashlib</tt> </tt>
<a name="L20"></a><tt class="py-lineno"> 20</tt> <tt class="py-line"><tt class="py-keyword">import</tt> <tt class="py-name">logging</tt> </tt>
<a name="L21"></a><tt class="py-lineno"> 21</tt> <tt class="py-line"><tt class="py-keyword">import</tt> <tt class="py-name">time</tt> </tt>
<a name="L22"></a><tt class="py-lineno"> 22</tt> <tt class="py-line"> </tt>
<a name="L23"></a><tt class="py-lineno"> 23</tt> <tt class="py-line"><tt class="py-keyword">from</tt> <tt id="link-0" class="py-name" targets="Module oauth2client.anyjson=oauth2client.anyjson-module.html"><a title="oauth2client.anyjson" class="py-name" href="#" onclick="return doclink('link-0', 'anyjson', 'link-0');">anyjson</a></tt> <tt class="py-keyword">import</tt> <tt class="py-name">simplejson</tt> </tt>
<a name="L24"></a><tt class="py-lineno"> 24</tt> <tt class="py-line"> </tt>
<a name="L25"></a><tt class="py-lineno"> 25</tt> <tt class="py-line"> </tt>
<a name="L26"></a><tt class="py-lineno"> 26</tt> <tt class="py-line"><tt id="link-1" class="py-name" targets="Variable oauth2client.crypt.CLOCK_SKEW_SECS=oauth2client.crypt-module.html#CLOCK_SKEW_SECS"><a title="oauth2client.crypt.CLOCK_SKEW_SECS" class="py-name" href="#" onclick="return doclink('link-1', 'CLOCK_SKEW_SECS', 'link-1');">CLOCK_SKEW_SECS</a></tt> <tt class="py-op">=</tt> <tt class="py-number">300</tt> <tt class="py-comment"># 5 minutes in seconds</tt> </tt>
<a name="L27"></a><tt class="py-lineno"> 27</tt> <tt class="py-line"><tt id="link-2" class="py-name" targets="Variable oauth2client.crypt.AUTH_TOKEN_LIFETIME_SECS=oauth2client.crypt-module.html#AUTH_TOKEN_LIFETIME_SECS"><a title="oauth2client.crypt.AUTH_TOKEN_LIFETIME_SECS" class="py-name" href="#" onclick="return doclink('link-2', 'AUTH_TOKEN_LIFETIME_SECS', 'link-2');">AUTH_TOKEN_LIFETIME_SECS</a></tt> <tt class="py-op">=</tt> <tt class="py-number">300</tt> <tt class="py-comment"># 5 minutes in seconds</tt> </tt>
<a name="L28"></a><tt class="py-lineno"> 28</tt> <tt class="py-line"><tt id="link-3" class="py-name" targets="Variable oauth2client.client.SignedJwtAssertionCredentials.MAX_TOKEN_LIFETIME_SECS=oauth2client.client.SignedJwtAssertionCredentials-class.html#MAX_TOKEN_LIFETIME_SECS,Variable oauth2client.crypt.MAX_TOKEN_LIFETIME_SECS=oauth2client.crypt-module.html#MAX_TOKEN_LIFETIME_SECS"><a title="oauth2client.client.SignedJwtAssertionCredentials.MAX_TOKEN_LIFETIME_SECS
oauth2client.crypt.MAX_TOKEN_LIFETIME_SECS" class="py-name" href="#" onclick="return doclink('link-3', 'MAX_TOKEN_LIFETIME_SECS', 'link-3');">MAX_TOKEN_LIFETIME_SECS</a></tt> <tt class="py-op">=</tt> <tt class="py-number">86400</tt> <tt class="py-comment"># 1 day in seconds</tt> </tt>
<a name="L29"></a><tt class="py-lineno"> 29</tt> <tt class="py-line"> </tt>
<a name="L30"></a><tt class="py-lineno"> 30</tt> <tt class="py-line"> </tt>
<a name="L31"></a><tt class="py-lineno"> 31</tt> <tt class="py-line"><tt id="link-4" class="py-name" targets="Variable apiclient.discovery.logger=apiclient.discovery-module.html#logger,Variable oauth2client.appengine.logger=oauth2client.appengine-module.html#logger,Variable oauth2client.client.logger=oauth2client.client-module.html#logger,Variable oauth2client.crypt.logger=oauth2client.crypt-module.html#logger,Variable oauth2client.gce.logger=oauth2client.gce-module.html#logger,Variable oauth2client.locked_file.logger=oauth2client.locked_file-module.html#logger,Variable oauth2client.multistore_file.logger=oauth2client.multistore_file-module.html#logger,Variable oauth2client.util.logger=oauth2client.util-module.html#logger"><a title="apiclient.discovery.logger
oauth2client.appengine.logger
oauth2client.client.logger
oauth2client.crypt.logger
oauth2client.gce.logger
oauth2client.locked_file.logger
oauth2client.multistore_file.logger
oauth2client.util.logger" class="py-name" href="#" onclick="return doclink('link-4', 'logger', 'link-4');">logger</a></tt> <tt class="py-op">=</tt> <tt class="py-name">logging</tt><tt class="py-op">.</tt><tt class="py-name">getLogger</tt><tt class="py-op">(</tt><tt class="py-name">__name__</tt><tt class="py-op">)</tt> </tt>
<a name="AppIdentityError"></a><div id="AppIdentityError-def"><a name="L32"></a><tt class="py-lineno"> 32</tt> <tt class="py-line"> </tt>
<a name="L33"></a><tt class="py-lineno"> 33</tt> <tt class="py-line"> </tt>
<a name="L34"></a><tt class="py-lineno"> 34</tt> <a class="py-toggle" href="#" id="AppIdentityError-toggle" onclick="return toggle('AppIdentityError');">-</a><tt class="py-line"><tt class="py-keyword">class</tt> <a class="py-def-name" href="oauth2client.crypt.AppIdentityError-class.html">AppIdentityError</a><tt class="py-op">(</tt><tt class="py-base-class">Exception</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="AppIdentityError-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="AppIdentityError-expanded"><a name="L35"></a><tt class="py-lineno"> 35</tt> <tt class="py-line"> <tt class="py-keyword">pass</tt> </tt>
</div><a name="L36"></a><tt class="py-lineno"> 36</tt> <tt class="py-line"> </tt>
<a name="L37"></a><tt class="py-lineno"> 37</tt> <tt class="py-line"> </tt>
<a name="L38"></a><tt class="py-lineno"> 38</tt> <tt class="py-line"><tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
<a name="L39"></a><tt class="py-lineno"> 39</tt> <tt class="py-line"> <tt class="py-keyword">from</tt> <tt class="py-name">OpenSSL</tt> <tt class="py-keyword">import</tt> <tt class="py-name">crypto</tt> </tt>
<a name="OpenSSLVerifier"></a><div id="OpenSSLVerifier-def"><a name="L40"></a><tt class="py-lineno"> 40</tt> <tt class="py-line"> </tt>
<a name="L41"></a><tt class="py-lineno"> 41</tt> <tt class="py-line"> </tt>
<a name="L42"></a><tt class="py-lineno"> 42</tt> <a class="py-toggle" href="#" id="OpenSSLVerifier-toggle" onclick="return toggle('OpenSSLVerifier');">-</a><tt class="py-line"> <tt class="py-keyword">class</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLVerifier-class.html">OpenSSLVerifier</a><tt class="py-op">(</tt><tt class="py-base-class">object</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="OpenSSLVerifier-collapsed" style="display:none;" pad="+++" indent="++++++"></div><div id="OpenSSLVerifier-expanded"><a name="L43"></a><tt class="py-lineno"> 43</tt> <tt class="py-line"> <tt class="py-docstring">"""Verifies the signature on a message."""</tt> </tt>
<a name="L44"></a><tt class="py-lineno"> 44</tt> <tt class="py-line"> </tt>
<a name="OpenSSLVerifier.__init__"></a><div id="OpenSSLVerifier.__init__-def"><a name="L45"></a><tt class="py-lineno"> 45</tt> <a class="py-toggle" href="#" id="OpenSSLVerifier.__init__-toggle" onclick="return toggle('OpenSSLVerifier.__init__');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLVerifier-class.html#__init__">__init__</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">pubkey</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="OpenSSLVerifier.__init__-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLVerifier.__init__-expanded"><a name="L46"></a><tt class="py-lineno"> 46</tt> <tt class="py-line"> <tt class="py-docstring">"""Constructor.</tt> </tt>
<a name="L47"></a><tt class="py-lineno"> 47</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L48"></a><tt class="py-lineno"> 48</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
<a name="L49"></a><tt class="py-lineno"> 49</tt> <tt class="py-line"><tt class="py-docstring"> pubkey, OpenSSL.crypto.PKey, The public key to verify with.</tt> </tt>
<a name="L50"></a><tt class="py-lineno"> 50</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
<a name="L51"></a><tt class="py-lineno"> 51</tt> <tt class="py-line"> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_pubkey</tt> <tt class="py-op">=</tt> <tt class="py-name">pubkey</tt> </tt>
</div><a name="L52"></a><tt class="py-lineno"> 52</tt> <tt class="py-line"> </tt>
<a name="OpenSSLVerifier.verify"></a><div id="OpenSSLVerifier.verify-def"><a name="L53"></a><tt class="py-lineno"> 53</tt> <a class="py-toggle" href="#" id="OpenSSLVerifier.verify-toggle" onclick="return toggle('OpenSSLVerifier.verify');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLVerifier-class.html#verify">verify</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">message</tt><tt class="py-op">,</tt> <tt class="py-param">signature</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="OpenSSLVerifier.verify-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLVerifier.verify-expanded"><a name="L54"></a><tt class="py-lineno"> 54</tt> <tt class="py-line"> <tt class="py-docstring">"""Verifies a message against a signature.</tt> </tt>
<a name="L55"></a><tt class="py-lineno"> 55</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L56"></a><tt class="py-lineno"> 56</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
<a name="L57"></a><tt class="py-lineno"> 57</tt> <tt class="py-line"><tt class="py-docstring"> message: string, The message to verify.</tt> </tt>
<a name="L58"></a><tt class="py-lineno"> 58</tt> <tt class="py-line"><tt class="py-docstring"> signature: string, The signature on the message.</tt> </tt>
<a name="L59"></a><tt class="py-lineno"> 59</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L60"></a><tt class="py-lineno"> 60</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
<a name="L61"></a><tt class="py-lineno"> 61</tt> <tt class="py-line"><tt class="py-docstring"> True if message was signed by the private key associated with the public</tt> </tt>
<a name="L62"></a><tt class="py-lineno"> 62</tt> <tt class="py-line"><tt class="py-docstring"> key that this object was constructed with.</tt> </tt>
<a name="L63"></a><tt class="py-lineno"> 63</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
<a name="L64"></a><tt class="py-lineno"> 64</tt> <tt class="py-line"> <tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
<a name="L65"></a><tt class="py-lineno"> 65</tt> <tt class="py-line"> <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">verify</tt><tt class="py-op">(</tt><tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_pubkey</tt><tt class="py-op">,</tt> <tt class="py-name">signature</tt><tt class="py-op">,</tt> <tt class="py-name">message</tt><tt class="py-op">,</tt> <tt class="py-string">'sha256'</tt><tt class="py-op">)</tt> </tt>
<a name="L66"></a><tt class="py-lineno"> 66</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">True</tt> </tt>
<a name="L67"></a><tt class="py-lineno"> 67</tt> <tt class="py-line"> <tt class="py-keyword">except</tt><tt class="py-op">:</tt> </tt>
<a name="L68"></a><tt class="py-lineno"> 68</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">False</tt> </tt>
</div><a name="L69"></a><tt class="py-lineno"> 69</tt> <tt class="py-line"> </tt>
<a name="L70"></a><tt class="py-lineno"> 70</tt> <tt class="py-line"> <tt class="py-decorator">@</tt><tt class="py-decorator">staticmethod</tt> </tt>
<a name="OpenSSLVerifier.from_string"></a><div id="OpenSSLVerifier.from_string-def"><a name="L71"></a><tt class="py-lineno"> 71</tt> <a class="py-toggle" href="#" id="OpenSSLVerifier.from_string-toggle" onclick="return toggle('OpenSSLVerifier.from_string');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLVerifier-class.html#from_string">from_string</a><tt class="py-op">(</tt><tt class="py-param">key_pem</tt><tt class="py-op">,</tt> <tt class="py-param">is_x509_cert</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="OpenSSLVerifier.from_string-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLVerifier.from_string-expanded"><a name="L72"></a><tt class="py-lineno"> 72</tt> <tt class="py-line"> <tt class="py-docstring">"""Construct a Verified instance from a string.</tt> </tt>
<a name="L73"></a><tt class="py-lineno"> 73</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L74"></a><tt class="py-lineno"> 74</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
<a name="L75"></a><tt class="py-lineno"> 75</tt> <tt class="py-line"><tt class="py-docstring"> key_pem: string, public key in PEM format.</tt> </tt>
<a name="L76"></a><tt class="py-lineno"> 76</tt> <tt class="py-line"><tt class="py-docstring"> is_x509_cert: bool, True if key_pem is an X509 cert, otherwise it is</tt> </tt>
<a name="L77"></a><tt class="py-lineno"> 77</tt> <tt class="py-line"><tt class="py-docstring"> expected to be an RSA key in PEM format.</tt> </tt>
<a name="L78"></a><tt class="py-lineno"> 78</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L79"></a><tt class="py-lineno"> 79</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
<a name="L80"></a><tt class="py-lineno"> 80</tt> <tt class="py-line"><tt class="py-docstring"> Verifier instance.</tt> </tt>
<a name="L81"></a><tt class="py-lineno"> 81</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L82"></a><tt class="py-lineno"> 82</tt> <tt class="py-line"><tt class="py-docstring"> Raises:</tt> </tt>
<a name="L83"></a><tt class="py-lineno"> 83</tt> <tt class="py-line"><tt class="py-docstring"> OpenSSL.crypto.Error if the key_pem can't be parsed.</tt> </tt>
<a name="L84"></a><tt class="py-lineno"> 84</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
<a name="L85"></a><tt class="py-lineno"> 85</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">is_x509_cert</tt><tt class="py-op">:</tt> </tt>
<a name="L86"></a><tt class="py-lineno"> 86</tt> <tt class="py-line"> <tt class="py-name">pubkey</tt> <tt class="py-op">=</tt> <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">load_certificate</tt><tt class="py-op">(</tt><tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">FILETYPE_PEM</tt><tt class="py-op">,</tt> <tt class="py-name">key_pem</tt><tt class="py-op">)</tt> </tt>
<a name="L87"></a><tt class="py-lineno"> 87</tt> <tt class="py-line"> <tt class="py-keyword">else</tt><tt class="py-op">:</tt> </tt>
<a name="L88"></a><tt class="py-lineno"> 88</tt> <tt class="py-line"> <tt class="py-name">pubkey</tt> <tt class="py-op">=</tt> <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">load_privatekey</tt><tt class="py-op">(</tt><tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">FILETYPE_PEM</tt><tt class="py-op">,</tt> <tt class="py-name">key_pem</tt><tt class="py-op">)</tt> </tt>
<a name="L89"></a><tt class="py-lineno"> 89</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt id="link-5" class="py-name" targets="Variable oauth2client.crypt.OpenSSLVerifier=oauth2client.crypt-module.html#OpenSSLVerifier"><a title="oauth2client.crypt.OpenSSLVerifier" class="py-name" href="#" onclick="return doclink('link-5', 'OpenSSLVerifier', 'link-5');">OpenSSLVerifier</a></tt><tt class="py-op">(</tt><tt class="py-name">pubkey</tt><tt class="py-op">)</tt> </tt>
</div></div><a name="L90"></a><tt class="py-lineno"> 90</tt> <tt class="py-line"> </tt>
<a name="OpenSSLSigner"></a><div id="OpenSSLSigner-def"><a name="L91"></a><tt class="py-lineno"> 91</tt> <tt class="py-line"> </tt>
<a name="L92"></a><tt class="py-lineno"> 92</tt> <a class="py-toggle" href="#" id="OpenSSLSigner-toggle" onclick="return toggle('OpenSSLSigner');">-</a><tt class="py-line"> <tt class="py-keyword">class</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLSigner-class.html">OpenSSLSigner</a><tt class="py-op">(</tt><tt class="py-base-class">object</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="OpenSSLSigner-collapsed" style="display:none;" pad="+++" indent="++++++"></div><div id="OpenSSLSigner-expanded"><a name="L93"></a><tt class="py-lineno"> 93</tt> <tt class="py-line"> <tt class="py-docstring">"""Signs messages with a private key."""</tt> </tt>
<a name="L94"></a><tt class="py-lineno"> 94</tt> <tt class="py-line"> </tt>
<a name="OpenSSLSigner.__init__"></a><div id="OpenSSLSigner.__init__-def"><a name="L95"></a><tt class="py-lineno"> 95</tt> <a class="py-toggle" href="#" id="OpenSSLSigner.__init__-toggle" onclick="return toggle('OpenSSLSigner.__init__');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLSigner-class.html#__init__">__init__</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">pkey</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="OpenSSLSigner.__init__-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLSigner.__init__-expanded"><a name="L96"></a><tt class="py-lineno"> 96</tt> <tt class="py-line"> <tt class="py-docstring">"""Constructor.</tt> </tt>
<a name="L97"></a><tt class="py-lineno"> 97</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L98"></a><tt class="py-lineno"> 98</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
<a name="L99"></a><tt class="py-lineno"> 99</tt> <tt class="py-line"><tt class="py-docstring"> pkey, OpenSSL.crypto.PKey (or equiv), The private key to sign with.</tt> </tt>
<a name="L100"></a><tt class="py-lineno">100</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
<a name="L101"></a><tt class="py-lineno">101</tt> <tt class="py-line"> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_key</tt> <tt class="py-op">=</tt> <tt class="py-name">pkey</tt> </tt>
</div><a name="L102"></a><tt class="py-lineno">102</tt> <tt class="py-line"> </tt>
<a name="OpenSSLSigner.sign"></a><div id="OpenSSLSigner.sign-def"><a name="L103"></a><tt class="py-lineno">103</tt> <a class="py-toggle" href="#" id="OpenSSLSigner.sign-toggle" onclick="return toggle('OpenSSLSigner.sign');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLSigner-class.html#sign">sign</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">message</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="OpenSSLSigner.sign-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLSigner.sign-expanded"><a name="L104"></a><tt class="py-lineno">104</tt> <tt class="py-line"> <tt class="py-docstring">"""Signs a message.</tt> </tt>
<a name="L105"></a><tt class="py-lineno">105</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L106"></a><tt class="py-lineno">106</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
<a name="L107"></a><tt class="py-lineno">107</tt> <tt class="py-line"><tt class="py-docstring"> message: string, Message to be signed.</tt> </tt>
<a name="L108"></a><tt class="py-lineno">108</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L109"></a><tt class="py-lineno">109</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
<a name="L110"></a><tt class="py-lineno">110</tt> <tt class="py-line"><tt class="py-docstring"> string, The signature of the message for the given key.</tt> </tt>
<a name="L111"></a><tt class="py-lineno">111</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
<a name="L112"></a><tt class="py-lineno">112</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">sign</tt><tt class="py-op">(</tt><tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_key</tt><tt class="py-op">,</tt> <tt class="py-name">message</tt><tt class="py-op">,</tt> <tt class="py-string">'sha256'</tt><tt class="py-op">)</tt> </tt>
</div><a name="L113"></a><tt class="py-lineno">113</tt> <tt class="py-line"> </tt>
<a name="L114"></a><tt class="py-lineno">114</tt> <tt class="py-line"> <tt class="py-decorator">@</tt><tt class="py-decorator">staticmethod</tt> </tt>
<a name="OpenSSLSigner.from_string"></a><div id="OpenSSLSigner.from_string-def"><a name="L115"></a><tt class="py-lineno">115</tt> <a class="py-toggle" href="#" id="OpenSSLSigner.from_string-toggle" onclick="return toggle('OpenSSLSigner.from_string');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLSigner-class.html#from_string">from_string</a><tt class="py-op">(</tt><tt class="py-param">key</tt><tt class="py-op">,</tt> <tt class="py-param">password</tt><tt class="py-op">=</tt><tt class="py-string">'notasecret'</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="OpenSSLSigner.from_string-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLSigner.from_string-expanded"><a name="L116"></a><tt class="py-lineno">116</tt> <tt class="py-line"> <tt class="py-docstring">"""Construct a Signer instance from a string.</tt> </tt>
<a name="L117"></a><tt class="py-lineno">117</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L118"></a><tt class="py-lineno">118</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
<a name="L119"></a><tt class="py-lineno">119</tt> <tt class="py-line"><tt class="py-docstring"> key: string, private key in PKCS12 or PEM format.</tt> </tt>
<a name="L120"></a><tt class="py-lineno">120</tt> <tt class="py-line"><tt class="py-docstring"> password: string, password for the private key file.</tt> </tt>
<a name="L121"></a><tt class="py-lineno">121</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L122"></a><tt class="py-lineno">122</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
<a name="L123"></a><tt class="py-lineno">123</tt> <tt class="py-line"><tt class="py-docstring"> Signer instance.</tt> </tt>
<a name="L124"></a><tt class="py-lineno">124</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L125"></a><tt class="py-lineno">125</tt> <tt class="py-line"><tt class="py-docstring"> Raises:</tt> </tt>
<a name="L126"></a><tt class="py-lineno">126</tt> <tt class="py-line"><tt class="py-docstring"> OpenSSL.crypto.Error if the key can't be parsed.</tt> </tt>
<a name="L127"></a><tt class="py-lineno">127</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
<a name="L128"></a><tt class="py-lineno">128</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">key</tt><tt class="py-op">.</tt><tt class="py-name">startswith</tt><tt class="py-op">(</tt><tt class="py-string">'-----BEGIN '</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L129"></a><tt class="py-lineno">129</tt> <tt class="py-line"> <tt class="py-name">pkey</tt> <tt class="py-op">=</tt> <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">load_privatekey</tt><tt class="py-op">(</tt><tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">FILETYPE_PEM</tt><tt class="py-op">,</tt> <tt class="py-name">key</tt><tt class="py-op">)</tt> </tt>
<a name="L130"></a><tt class="py-lineno">130</tt> <tt class="py-line"> <tt class="py-keyword">else</tt><tt class="py-op">:</tt> </tt>
<a name="L131"></a><tt class="py-lineno">131</tt> <tt class="py-line"> <tt class="py-name">pkey</tt> <tt class="py-op">=</tt> <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">load_pkcs12</tt><tt class="py-op">(</tt><tt class="py-name">key</tt><tt class="py-op">,</tt> <tt class="py-name">password</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt class="py-name">get_privatekey</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L132"></a><tt class="py-lineno">132</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt id="link-6" class="py-name" targets="Variable oauth2client.crypt.OpenSSLSigner=oauth2client.crypt-module.html#OpenSSLSigner"><a title="oauth2client.crypt.OpenSSLSigner" class="py-name" href="#" onclick="return doclink('link-6', 'OpenSSLSigner', 'link-6');">OpenSSLSigner</a></tt><tt class="py-op">(</tt><tt class="py-name">pkey</tt><tt class="py-op">)</tt> </tt>
</div></div><a name="L133"></a><tt class="py-lineno">133</tt> <tt class="py-line"> </tt>
<a name="L134"></a><tt class="py-lineno">134</tt> <tt class="py-line"><tt class="py-keyword">except</tt> <tt class="py-name">ImportError</tt><tt class="py-op">:</tt> </tt>
<a name="L135"></a><tt class="py-lineno">135</tt> <tt class="py-line"> <tt id="link-7" class="py-name"><a title="oauth2client.crypt.OpenSSLVerifier" class="py-name" href="#" onclick="return doclink('link-7', 'OpenSSLVerifier', 'link-5');">OpenSSLVerifier</a></tt> <tt class="py-op">=</tt> <tt class="py-name">None</tt> </tt>
<a name="L136"></a><tt class="py-lineno">136</tt> <tt class="py-line"> <tt id="link-8" class="py-name"><a title="oauth2client.crypt.OpenSSLSigner" class="py-name" href="#" onclick="return doclink('link-8', 'OpenSSLSigner', 'link-6');">OpenSSLSigner</a></tt> <tt class="py-op">=</tt> <tt class="py-name">None</tt> </tt>
<a name="L137"></a><tt class="py-lineno">137</tt> <tt class="py-line"> </tt>
<a name="L138"></a><tt class="py-lineno">138</tt> <tt class="py-line"> </tt>
<a name="L139"></a><tt class="py-lineno">139</tt> <tt class="py-line"><tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
<a name="L140"></a><tt class="py-lineno">140</tt> <tt class="py-line"> <tt class="py-keyword">from</tt> <tt class="py-name">Crypto</tt><tt class="py-op">.</tt><tt class="py-name">PublicKey</tt> <tt class="py-keyword">import</tt> <tt class="py-name">RSA</tt> </tt>
<a name="L141"></a><tt class="py-lineno">141</tt> <tt class="py-line"> <tt class="py-keyword">from</tt> <tt class="py-name">Crypto</tt><tt class="py-op">.</tt><tt class="py-name">Hash</tt> <tt class="py-keyword">import</tt> <tt class="py-name">SHA256</tt> </tt>
<a name="L142"></a><tt class="py-lineno">142</tt> <tt class="py-line"> <tt class="py-keyword">from</tt> <tt class="py-name">Crypto</tt><tt class="py-op">.</tt><tt class="py-name">Signature</tt> <tt class="py-keyword">import</tt> <tt class="py-name">PKCS1_v1_5</tt> </tt>
<a name="PyCryptoVerifier"></a><div id="PyCryptoVerifier-def"><a name="L143"></a><tt class="py-lineno">143</tt> <tt class="py-line"> </tt>
<a name="L144"></a><tt class="py-lineno">144</tt> <tt class="py-line"> </tt>
<a name="L145"></a><tt class="py-lineno">145</tt> <a class="py-toggle" href="#" id="PyCryptoVerifier-toggle" onclick="return toggle('PyCryptoVerifier');">-</a><tt class="py-line"> <tt class="py-keyword">class</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoVerifier-class.html">PyCryptoVerifier</a><tt class="py-op">(</tt><tt class="py-base-class">object</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="PyCryptoVerifier-collapsed" style="display:none;" pad="+++" indent="++++++"></div><div id="PyCryptoVerifier-expanded"><a name="L146"></a><tt class="py-lineno">146</tt> <tt class="py-line"> <tt class="py-docstring">"""Verifies the signature on a message."""</tt> </tt>
<a name="L147"></a><tt class="py-lineno">147</tt> <tt class="py-line"> </tt>
<a name="PyCryptoVerifier.__init__"></a><div id="PyCryptoVerifier.__init__-def"><a name="L148"></a><tt class="py-lineno">148</tt> <a class="py-toggle" href="#" id="PyCryptoVerifier.__init__-toggle" onclick="return toggle('PyCryptoVerifier.__init__');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoVerifier-class.html#__init__">__init__</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">pubkey</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="PyCryptoVerifier.__init__-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoVerifier.__init__-expanded"><a name="L149"></a><tt class="py-lineno">149</tt> <tt class="py-line"> <tt class="py-docstring">"""Constructor.</tt> </tt>
<a name="L150"></a><tt class="py-lineno">150</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L151"></a><tt class="py-lineno">151</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
<a name="L152"></a><tt class="py-lineno">152</tt> <tt class="py-line"><tt class="py-docstring"> pubkey, OpenSSL.crypto.PKey (or equiv), The public key to verify with.</tt> </tt>
<a name="L153"></a><tt class="py-lineno">153</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
<a name="L154"></a><tt class="py-lineno">154</tt> <tt class="py-line"> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_pubkey</tt> <tt class="py-op">=</tt> <tt class="py-name">pubkey</tt> </tt>
</div><a name="L155"></a><tt class="py-lineno">155</tt> <tt class="py-line"> </tt>
<a name="PyCryptoVerifier.verify"></a><div id="PyCryptoVerifier.verify-def"><a name="L156"></a><tt class="py-lineno">156</tt> <a class="py-toggle" href="#" id="PyCryptoVerifier.verify-toggle" onclick="return toggle('PyCryptoVerifier.verify');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoVerifier-class.html#verify">verify</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">message</tt><tt class="py-op">,</tt> <tt class="py-param">signature</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="PyCryptoVerifier.verify-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoVerifier.verify-expanded"><a name="L157"></a><tt class="py-lineno">157</tt> <tt class="py-line"> <tt class="py-docstring">"""Verifies a message against a signature.</tt> </tt>
<a name="L158"></a><tt class="py-lineno">158</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L159"></a><tt class="py-lineno">159</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
<a name="L160"></a><tt class="py-lineno">160</tt> <tt class="py-line"><tt class="py-docstring"> message: string, The message to verify.</tt> </tt>
<a name="L161"></a><tt class="py-lineno">161</tt> <tt class="py-line"><tt class="py-docstring"> signature: string, The signature on the message.</tt> </tt>
<a name="L162"></a><tt class="py-lineno">162</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L163"></a><tt class="py-lineno">163</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
<a name="L164"></a><tt class="py-lineno">164</tt> <tt class="py-line"><tt class="py-docstring"> True if message was signed by the private key associated with the public</tt> </tt>
<a name="L165"></a><tt class="py-lineno">165</tt> <tt class="py-line"><tt class="py-docstring"> key that this object was constructed with.</tt> </tt>
<a name="L166"></a><tt class="py-lineno">166</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
<a name="L167"></a><tt class="py-lineno">167</tt> <tt class="py-line"> <tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
<a name="L168"></a><tt class="py-lineno">168</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">PKCS1_v1_5</tt><tt class="py-op">.</tt><tt class="py-name">new</tt><tt class="py-op">(</tt><tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_pubkey</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt class="py-name">verify</tt><tt class="py-op">(</tt> </tt>
<a name="L169"></a><tt class="py-lineno">169</tt> <tt class="py-line"> <tt class="py-name">SHA256</tt><tt class="py-op">.</tt><tt class="py-name">new</tt><tt class="py-op">(</tt><tt class="py-name">message</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> <tt class="py-name">signature</tt><tt class="py-op">)</tt> </tt>
<a name="L170"></a><tt class="py-lineno">170</tt> <tt class="py-line"> <tt class="py-keyword">except</tt><tt class="py-op">:</tt> </tt>
<a name="L171"></a><tt class="py-lineno">171</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">False</tt> </tt>
</div><a name="L172"></a><tt class="py-lineno">172</tt> <tt class="py-line"> </tt>
<a name="L173"></a><tt class="py-lineno">173</tt> <tt class="py-line"> <tt class="py-decorator">@</tt><tt class="py-decorator">staticmethod</tt> </tt>
<a name="PyCryptoVerifier.from_string"></a><div id="PyCryptoVerifier.from_string-def"><a name="L174"></a><tt class="py-lineno">174</tt> <a class="py-toggle" href="#" id="PyCryptoVerifier.from_string-toggle" onclick="return toggle('PyCryptoVerifier.from_string');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoVerifier-class.html#from_string">from_string</a><tt class="py-op">(</tt><tt class="py-param">key_pem</tt><tt class="py-op">,</tt> <tt class="py-param">is_x509_cert</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="PyCryptoVerifier.from_string-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoVerifier.from_string-expanded"><a name="L175"></a><tt class="py-lineno">175</tt> <tt class="py-line"> <tt class="py-docstring">"""Construct a Verified instance from a string.</tt> </tt>
<a name="L176"></a><tt class="py-lineno">176</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L177"></a><tt class="py-lineno">177</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
<a name="L178"></a><tt class="py-lineno">178</tt> <tt class="py-line"><tt class="py-docstring"> key_pem: string, public key in PEM format.</tt> </tt>
<a name="L179"></a><tt class="py-lineno">179</tt> <tt class="py-line"><tt class="py-docstring"> is_x509_cert: bool, True if key_pem is an X509 cert, otherwise it is</tt> </tt>
<a name="L180"></a><tt class="py-lineno">180</tt> <tt class="py-line"><tt class="py-docstring"> expected to be an RSA key in PEM format.</tt> </tt>
<a name="L181"></a><tt class="py-lineno">181</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L182"></a><tt class="py-lineno">182</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
<a name="L183"></a><tt class="py-lineno">183</tt> <tt class="py-line"><tt class="py-docstring"> Verifier instance.</tt> </tt>
<a name="L184"></a><tt class="py-lineno">184</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L185"></a><tt class="py-lineno">185</tt> <tt class="py-line"><tt class="py-docstring"> Raises:</tt> </tt>
<a name="L186"></a><tt class="py-lineno">186</tt> <tt class="py-line"><tt class="py-docstring"> NotImplementedError if is_x509_cert is true.</tt> </tt>
<a name="L187"></a><tt class="py-lineno">187</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
<a name="L188"></a><tt class="py-lineno">188</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">is_x509_cert</tt><tt class="py-op">:</tt> </tt>
<a name="L189"></a><tt class="py-lineno">189</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt class="py-name">NotImplementedError</tt><tt class="py-op">(</tt> </tt>
<a name="L190"></a><tt class="py-lineno">190</tt> <tt class="py-line"> <tt class="py-string">'X509 certs are not supported by the PyCrypto library. '</tt> </tt>
<a name="L191"></a><tt class="py-lineno">191</tt> <tt class="py-line"> <tt class="py-string">'Try using PyOpenSSL if native code is an option.'</tt><tt class="py-op">)</tt> </tt>
<a name="L192"></a><tt class="py-lineno">192</tt> <tt class="py-line"> <tt class="py-keyword">else</tt><tt class="py-op">:</tt> </tt>
<a name="L193"></a><tt class="py-lineno">193</tt> <tt class="py-line"> <tt class="py-name">pubkey</tt> <tt class="py-op">=</tt> <tt class="py-name">RSA</tt><tt class="py-op">.</tt><tt class="py-name">importKey</tt><tt class="py-op">(</tt><tt class="py-name">key_pem</tt><tt class="py-op">)</tt> </tt>
<a name="L194"></a><tt class="py-lineno">194</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt id="link-9" class="py-name" targets="Variable oauth2client.crypt.PyCryptoVerifier=oauth2client.crypt-module.html#PyCryptoVerifier"><a title="oauth2client.crypt.PyCryptoVerifier" class="py-name" href="#" onclick="return doclink('link-9', 'PyCryptoVerifier', 'link-9');">PyCryptoVerifier</a></tt><tt class="py-op">(</tt><tt class="py-name">pubkey</tt><tt class="py-op">)</tt> </tt>
</div></div><a name="L195"></a><tt class="py-lineno">195</tt> <tt class="py-line"> </tt>
<a name="PyCryptoSigner"></a><div id="PyCryptoSigner-def"><a name="L196"></a><tt class="py-lineno">196</tt> <tt class="py-line"> </tt>
<a name="L197"></a><tt class="py-lineno">197</tt> <a class="py-toggle" href="#" id="PyCryptoSigner-toggle" onclick="return toggle('PyCryptoSigner');">-</a><tt class="py-line"> <tt class="py-keyword">class</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoSigner-class.html">PyCryptoSigner</a><tt class="py-op">(</tt><tt class="py-base-class">object</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="PyCryptoSigner-collapsed" style="display:none;" pad="+++" indent="++++++"></div><div id="PyCryptoSigner-expanded"><a name="L198"></a><tt class="py-lineno">198</tt> <tt class="py-line"> <tt class="py-docstring">"""Signs messages with a private key."""</tt> </tt>
<a name="L199"></a><tt class="py-lineno">199</tt> <tt class="py-line"> </tt>
<a name="PyCryptoSigner.__init__"></a><div id="PyCryptoSigner.__init__-def"><a name="L200"></a><tt class="py-lineno">200</tt> <a class="py-toggle" href="#" id="PyCryptoSigner.__init__-toggle" onclick="return toggle('PyCryptoSigner.__init__');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoSigner-class.html#__init__">__init__</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">pkey</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="PyCryptoSigner.__init__-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoSigner.__init__-expanded"><a name="L201"></a><tt class="py-lineno">201</tt> <tt class="py-line"> <tt class="py-docstring">"""Constructor.</tt> </tt>
<a name="L202"></a><tt class="py-lineno">202</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L203"></a><tt class="py-lineno">203</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
<a name="L204"></a><tt class="py-lineno">204</tt> <tt class="py-line"><tt class="py-docstring"> pkey, OpenSSL.crypto.PKey (or equiv), The private key to sign with.</tt> </tt>
<a name="L205"></a><tt class="py-lineno">205</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
<a name="L206"></a><tt class="py-lineno">206</tt> <tt class="py-line"> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_key</tt> <tt class="py-op">=</tt> <tt class="py-name">pkey</tt> </tt>
</div><a name="L207"></a><tt class="py-lineno">207</tt> <tt class="py-line"> </tt>
<a name="PyCryptoSigner.sign"></a><div id="PyCryptoSigner.sign-def"><a name="L208"></a><tt class="py-lineno">208</tt> <a class="py-toggle" href="#" id="PyCryptoSigner.sign-toggle" onclick="return toggle('PyCryptoSigner.sign');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoSigner-class.html#sign">sign</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">message</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="PyCryptoSigner.sign-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoSigner.sign-expanded"><a name="L209"></a><tt class="py-lineno">209</tt> <tt class="py-line"> <tt class="py-docstring">"""Signs a message.</tt> </tt>
<a name="L210"></a><tt class="py-lineno">210</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L211"></a><tt class="py-lineno">211</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
<a name="L212"></a><tt class="py-lineno">212</tt> <tt class="py-line"><tt class="py-docstring"> message: string, Message to be signed.</tt> </tt>
<a name="L213"></a><tt class="py-lineno">213</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L214"></a><tt class="py-lineno">214</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
<a name="L215"></a><tt class="py-lineno">215</tt> <tt class="py-line"><tt class="py-docstring"> string, The signature of the message for the given key.</tt> </tt>
<a name="L216"></a><tt class="py-lineno">216</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
<a name="L217"></a><tt class="py-lineno">217</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">PKCS1_v1_5</tt><tt class="py-op">.</tt><tt class="py-name">new</tt><tt class="py-op">(</tt><tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_key</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt class="py-name">sign</tt><tt class="py-op">(</tt><tt class="py-name">SHA256</tt><tt class="py-op">.</tt><tt class="py-name">new</tt><tt class="py-op">(</tt><tt class="py-name">message</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
</div><a name="L218"></a><tt class="py-lineno">218</tt> <tt class="py-line"> </tt>
<a name="L219"></a><tt class="py-lineno">219</tt> <tt class="py-line"> <tt class="py-decorator">@</tt><tt class="py-decorator">staticmethod</tt> </tt>
<a name="PyCryptoSigner.from_string"></a><div id="PyCryptoSigner.from_string-def"><a name="L220"></a><tt class="py-lineno">220</tt> <a class="py-toggle" href="#" id="PyCryptoSigner.from_string-toggle" onclick="return toggle('PyCryptoSigner.from_string');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoSigner-class.html#from_string">from_string</a><tt class="py-op">(</tt><tt class="py-param">key</tt><tt class="py-op">,</tt> <tt class="py-param">password</tt><tt class="py-op">=</tt><tt class="py-string">'notasecret'</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="PyCryptoSigner.from_string-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoSigner.from_string-expanded"><a name="L221"></a><tt class="py-lineno">221</tt> <tt class="py-line"> <tt class="py-docstring">"""Construct a Signer instance from a string.</tt> </tt>
<a name="L222"></a><tt class="py-lineno">222</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L223"></a><tt class="py-lineno">223</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
<a name="L224"></a><tt class="py-lineno">224</tt> <tt class="py-line"><tt class="py-docstring"> key: string, private key in PEM format.</tt> </tt>
<a name="L225"></a><tt class="py-lineno">225</tt> <tt class="py-line"><tt class="py-docstring"> password: string, password for private key file. Unused for PEM files.</tt> </tt>
<a name="L226"></a><tt class="py-lineno">226</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L227"></a><tt class="py-lineno">227</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
<a name="L228"></a><tt class="py-lineno">228</tt> <tt class="py-line"><tt class="py-docstring"> Signer instance.</tt> </tt>
<a name="L229"></a><tt class="py-lineno">229</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L230"></a><tt class="py-lineno">230</tt> <tt class="py-line"><tt class="py-docstring"> Raises:</tt> </tt>
<a name="L231"></a><tt class="py-lineno">231</tt> <tt class="py-line"><tt class="py-docstring"> NotImplementedError if they key isn't in PEM format.</tt> </tt>
<a name="L232"></a><tt class="py-lineno">232</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
<a name="L233"></a><tt class="py-lineno">233</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">key</tt><tt class="py-op">.</tt><tt class="py-name">startswith</tt><tt class="py-op">(</tt><tt class="py-string">'-----BEGIN '</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L234"></a><tt class="py-lineno">234</tt> <tt class="py-line"> <tt class="py-name">pkey</tt> <tt class="py-op">=</tt> <tt class="py-name">RSA</tt><tt class="py-op">.</tt><tt class="py-name">importKey</tt><tt class="py-op">(</tt><tt class="py-name">key</tt><tt class="py-op">)</tt> </tt>
<a name="L235"></a><tt class="py-lineno">235</tt> <tt class="py-line"> <tt class="py-keyword">else</tt><tt class="py-op">:</tt> </tt>
<a name="L236"></a><tt class="py-lineno">236</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt class="py-name">NotImplementedError</tt><tt class="py-op">(</tt> </tt>
<a name="L237"></a><tt class="py-lineno">237</tt> <tt class="py-line"> <tt class="py-string">'PKCS12 format is not supported by the PyCrpto library. '</tt> </tt>
<a name="L238"></a><tt class="py-lineno">238</tt> <tt class="py-line"> <tt class="py-string">'Try converting to a "PEM" '</tt> </tt>
<a name="L239"></a><tt class="py-lineno">239</tt> <tt class="py-line"> <tt class="py-string">'(openssl pkcs12 -in xxxxx.p12 -nodes -nocerts &gt; privatekey.pem) '</tt> </tt>
<a name="L240"></a><tt class="py-lineno">240</tt> <tt class="py-line"> <tt class="py-string">'or using PyOpenSSL if native code is an option.'</tt><tt class="py-op">)</tt> </tt>
<a name="L241"></a><tt class="py-lineno">241</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt id="link-10" class="py-name" targets="Variable oauth2client.crypt.PyCryptoSigner=oauth2client.crypt-module.html#PyCryptoSigner"><a title="oauth2client.crypt.PyCryptoSigner" class="py-name" href="#" onclick="return doclink('link-10', 'PyCryptoSigner', 'link-10');">PyCryptoSigner</a></tt><tt class="py-op">(</tt><tt class="py-name">pkey</tt><tt class="py-op">)</tt> </tt>
</div></div><a name="L242"></a><tt class="py-lineno">242</tt> <tt class="py-line"> </tt>
<a name="L243"></a><tt class="py-lineno">243</tt> <tt class="py-line"><tt class="py-keyword">except</tt> <tt class="py-name">ImportError</tt><tt class="py-op">:</tt> </tt>
<a name="L244"></a><tt class="py-lineno">244</tt> <tt class="py-line"> <tt id="link-11" class="py-name"><a title="oauth2client.crypt.PyCryptoVerifier" class="py-name" href="#" onclick="return doclink('link-11', 'PyCryptoVerifier', 'link-9');">PyCryptoVerifier</a></tt> <tt class="py-op">=</tt> <tt class="py-name">None</tt> </tt>
<a name="L245"></a><tt class="py-lineno">245</tt> <tt class="py-line"> <tt id="link-12" class="py-name"><a title="oauth2client.crypt.PyCryptoSigner" class="py-name" href="#" onclick="return doclink('link-12', 'PyCryptoSigner', 'link-10');">PyCryptoSigner</a></tt> <tt class="py-op">=</tt> <tt class="py-name">None</tt> </tt>
<a name="L246"></a><tt class="py-lineno">246</tt> <tt class="py-line"> </tt>
<a name="L247"></a><tt class="py-lineno">247</tt> <tt class="py-line"> </tt>
<a name="L248"></a><tt class="py-lineno">248</tt> <tt class="py-line"><tt class="py-keyword">if</tt> <tt id="link-13" class="py-name"><a title="oauth2client.crypt.OpenSSLSigner" class="py-name" href="#" onclick="return doclink('link-13', 'OpenSSLSigner', 'link-6');">OpenSSLSigner</a></tt><tt class="py-op">:</tt> </tt>
<a name="L249"></a><tt class="py-lineno">249</tt> <tt class="py-line"> <tt id="link-14" class="py-name" targets="Variable oauth2client.crypt.Signer=oauth2client.crypt-module.html#Signer"><a title="oauth2client.crypt.Signer" class="py-name" href="#" onclick="return doclink('link-14', 'Signer', 'link-14');">Signer</a></tt> <tt class="py-op">=</tt> <tt id="link-15" class="py-name"><a title="oauth2client.crypt.OpenSSLSigner" class="py-name" href="#" onclick="return doclink('link-15', 'OpenSSLSigner', 'link-6');">OpenSSLSigner</a></tt> </tt>
<a name="L250"></a><tt class="py-lineno">250</tt> <tt class="py-line"> <tt id="link-16" class="py-name" targets="Variable oauth2client.crypt.Verifier=oauth2client.crypt-module.html#Verifier"><a title="oauth2client.crypt.Verifier" class="py-name" href="#" onclick="return doclink('link-16', 'Verifier', 'link-16');">Verifier</a></tt> <tt class="py-op">=</tt> <tt id="link-17" class="py-name"><a title="oauth2client.crypt.OpenSSLVerifier" class="py-name" href="#" onclick="return doclink('link-17', 'OpenSSLVerifier', 'link-5');">OpenSSLVerifier</a></tt> </tt>
<a name="L251"></a><tt class="py-lineno">251</tt> <tt class="py-line"><tt class="py-keyword">elif</tt> <tt id="link-18" class="py-name"><a title="oauth2client.crypt.PyCryptoSigner" class="py-name" href="#" onclick="return doclink('link-18', 'PyCryptoSigner', 'link-10');">PyCryptoSigner</a></tt><tt class="py-op">:</tt> </tt>
<a name="L252"></a><tt class="py-lineno">252</tt> <tt class="py-line"> <tt id="link-19" class="py-name"><a title="oauth2client.crypt.Signer" class="py-name" href="#" onclick="return doclink('link-19', 'Signer', 'link-14');">Signer</a></tt> <tt class="py-op">=</tt> <tt id="link-20" class="py-name"><a title="oauth2client.crypt.PyCryptoSigner" class="py-name" href="#" onclick="return doclink('link-20', 'PyCryptoSigner', 'link-10');">PyCryptoSigner</a></tt> </tt>
<a name="L253"></a><tt class="py-lineno">253</tt> <tt class="py-line"> <tt id="link-21" class="py-name"><a title="oauth2client.crypt.Verifier" class="py-name" href="#" onclick="return doclink('link-21', 'Verifier', 'link-16');">Verifier</a></tt> <tt class="py-op">=</tt> <tt id="link-22" class="py-name"><a title="oauth2client.crypt.PyCryptoVerifier" class="py-name" href="#" onclick="return doclink('link-22', 'PyCryptoVerifier', 'link-9');">PyCryptoVerifier</a></tt> </tt>
<a name="L254"></a><tt class="py-lineno">254</tt> <tt class="py-line"><tt class="py-keyword">else</tt><tt class="py-op">:</tt> </tt>
<a name="L255"></a><tt class="py-lineno">255</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt class="py-name">ImportError</tt><tt class="py-op">(</tt><tt class="py-string">'No encryption library found. Please install either '</tt> </tt>
<a name="L256"></a><tt class="py-lineno">256</tt> <tt class="py-line"> <tt class="py-string">'PyOpenSSL, or PyCrypto 2.6 or later'</tt><tt class="py-op">)</tt> </tt>
<a name="_urlsafe_b64encode"></a><div id="_urlsafe_b64encode-def"><a name="L257"></a><tt class="py-lineno">257</tt> <tt class="py-line"> </tt>
<a name="L258"></a><tt class="py-lineno">258</tt> <tt class="py-line"> </tt>
<a name="L259"></a><tt class="py-lineno">259</tt> <a class="py-toggle" href="#" id="_urlsafe_b64encode-toggle" onclick="return toggle('_urlsafe_b64encode');">-</a><tt class="py-line"><tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt-module.html#_urlsafe_b64encode">_urlsafe_b64encode</a><tt class="py-op">(</tt><tt class="py-param">raw_bytes</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="_urlsafe_b64encode-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="_urlsafe_b64encode-expanded"><a name="L260"></a><tt class="py-lineno">260</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">base64</tt><tt class="py-op">.</tt><tt class="py-name">urlsafe_b64encode</tt><tt class="py-op">(</tt><tt class="py-name">raw_bytes</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt class="py-name">rstrip</tt><tt class="py-op">(</tt><tt class="py-string">'='</tt><tt class="py-op">)</tt> </tt>
</div><a name="L261"></a><tt class="py-lineno">261</tt> <tt class="py-line"> </tt>
<a name="_urlsafe_b64decode"></a><div id="_urlsafe_b64decode-def"><a name="L262"></a><tt class="py-lineno">262</tt> <tt class="py-line"> </tt>
<a name="L263"></a><tt class="py-lineno">263</tt> <a class="py-toggle" href="#" id="_urlsafe_b64decode-toggle" onclick="return toggle('_urlsafe_b64decode');">-</a><tt class="py-line"><tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt-module.html#_urlsafe_b64decode">_urlsafe_b64decode</a><tt class="py-op">(</tt><tt class="py-param">b64string</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="_urlsafe_b64decode-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="_urlsafe_b64decode-expanded"><a name="L264"></a><tt class="py-lineno">264</tt> <tt class="py-line"> <tt class="py-comment"># Guard against unicode strings, which base64 can't handle.</tt> </tt>
<a name="L265"></a><tt class="py-lineno">265</tt> <tt class="py-line"> <tt class="py-name">b64string</tt> <tt class="py-op">=</tt> <tt class="py-name">b64string</tt><tt class="py-op">.</tt><tt class="py-name">encode</tt><tt class="py-op">(</tt><tt class="py-string">'ascii'</tt><tt class="py-op">)</tt> </tt>
<a name="L266"></a><tt class="py-lineno">266</tt> <tt class="py-line"> <tt class="py-name">padded</tt> <tt class="py-op">=</tt> <tt class="py-name">b64string</tt> <tt class="py-op">+</tt> <tt class="py-string">'='</tt> <tt class="py-op">*</tt> <tt class="py-op">(</tt><tt class="py-number">4</tt> <tt class="py-op">-</tt> <tt class="py-name">len</tt><tt class="py-op">(</tt><tt class="py-name">b64string</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> <tt class="py-number">4</tt><tt class="py-op">)</tt> </tt>
<a name="L267"></a><tt class="py-lineno">267</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">base64</tt><tt class="py-op">.</tt><tt class="py-name">urlsafe_b64decode</tt><tt class="py-op">(</tt><tt class="py-name">padded</tt><tt class="py-op">)</tt> </tt>
</div><a name="L268"></a><tt class="py-lineno">268</tt> <tt class="py-line"> </tt>
<a name="_json_encode"></a><div id="_json_encode-def"><a name="L269"></a><tt class="py-lineno">269</tt> <tt class="py-line"> </tt>
<a name="L270"></a><tt class="py-lineno">270</tt> <a class="py-toggle" href="#" id="_json_encode-toggle" onclick="return toggle('_json_encode');">-</a><tt class="py-line"><tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt-module.html#_json_encode">_json_encode</a><tt class="py-op">(</tt><tt class="py-param">data</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="_json_encode-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="_json_encode-expanded"><a name="L271"></a><tt class="py-lineno">271</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">simplejson</tt><tt class="py-op">.</tt><tt class="py-name">dumps</tt><tt class="py-op">(</tt><tt class="py-name">data</tt><tt class="py-op">,</tt> <tt class="py-name">separators</tt> <tt class="py-op">=</tt> <tt class="py-op">(</tt><tt class="py-string">','</tt><tt class="py-op">,</tt> <tt class="py-string">':'</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
</div><a name="L272"></a><tt class="py-lineno">272</tt> <tt class="py-line"> </tt>
<a name="make_signed_jwt"></a><div id="make_signed_jwt-def"><a name="L273"></a><tt class="py-lineno">273</tt> <tt class="py-line"> </tt>
<a name="L274"></a><tt class="py-lineno">274</tt> <a class="py-toggle" href="#" id="make_signed_jwt-toggle" onclick="return toggle('make_signed_jwt');">-</a><tt class="py-line"><tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt-module.html#make_signed_jwt">make_signed_jwt</a><tt class="py-op">(</tt><tt class="py-param">signer</tt><tt class="py-op">,</tt> <tt class="py-param">payload</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="make_signed_jwt-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="make_signed_jwt-expanded"><a name="L275"></a><tt class="py-lineno">275</tt> <tt class="py-line"> <tt class="py-docstring">"""Make a signed JWT.</tt> </tt>
<a name="L276"></a><tt class="py-lineno">276</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L277"></a><tt class="py-lineno">277</tt> <tt class="py-line"><tt class="py-docstring"> See http://self-issued.info/docs/draft-jones-json-web-token.html.</tt> </tt>
<a name="L278"></a><tt class="py-lineno">278</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L279"></a><tt class="py-lineno">279</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
<a name="L280"></a><tt class="py-lineno">280</tt> <tt class="py-line"><tt class="py-docstring"> signer: crypt.Signer, Cryptographic signer.</tt> </tt>
<a name="L281"></a><tt class="py-lineno">281</tt> <tt class="py-line"><tt class="py-docstring"> payload: dict, Dictionary of data to convert to JSON and then sign.</tt> </tt>
<a name="L282"></a><tt class="py-lineno">282</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L283"></a><tt class="py-lineno">283</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
<a name="L284"></a><tt class="py-lineno">284</tt> <tt class="py-line"><tt class="py-docstring"> string, The JWT for the payload.</tt> </tt>
<a name="L285"></a><tt class="py-lineno">285</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
<a name="L286"></a><tt class="py-lineno">286</tt> <tt class="py-line"> <tt class="py-name">header</tt> <tt class="py-op">=</tt> <tt class="py-op">{</tt><tt class="py-string">'typ'</tt><tt class="py-op">:</tt> <tt class="py-string">'JWT'</tt><tt class="py-op">,</tt> <tt class="py-string">'alg'</tt><tt class="py-op">:</tt> <tt class="py-string">'RS256'</tt><tt class="py-op">}</tt> </tt>
<a name="L287"></a><tt class="py-lineno">287</tt> <tt class="py-line"> </tt>
<a name="L288"></a><tt class="py-lineno">288</tt> <tt class="py-line"> <tt class="py-name">segments</tt> <tt class="py-op">=</tt> <tt class="py-op">[</tt> </tt>
<a name="L289"></a><tt class="py-lineno">289</tt> <tt class="py-line"> <tt id="link-23" class="py-name" targets="Function oauth2client.crypt._urlsafe_b64encode()=oauth2client.crypt-module.html#_urlsafe_b64encode"><a title="oauth2client.crypt._urlsafe_b64encode" class="py-name" href="#" onclick="return doclink('link-23', '_urlsafe_b64encode', 'link-23');">_urlsafe_b64encode</a></tt><tt class="py-op">(</tt><tt id="link-24" class="py-name" targets="Function oauth2client.crypt._json_encode()=oauth2client.crypt-module.html#_json_encode"><a title="oauth2client.crypt._json_encode" class="py-name" href="#" onclick="return doclink('link-24', '_json_encode', 'link-24');">_json_encode</a></tt><tt class="py-op">(</tt><tt class="py-name">header</tt><tt class="py-op">)</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L290"></a><tt class="py-lineno">290</tt> <tt class="py-line"> <tt id="link-25" class="py-name"><a title="oauth2client.crypt._urlsafe_b64encode" class="py-name" href="#" onclick="return doclink('link-25', '_urlsafe_b64encode', 'link-23');">_urlsafe_b64encode</a></tt><tt class="py-op">(</tt><tt id="link-26" class="py-name"><a title="oauth2client.crypt._json_encode" class="py-name" href="#" onclick="return doclink('link-26', '_json_encode', 'link-24');">_json_encode</a></tt><tt class="py-op">(</tt><tt class="py-name">payload</tt><tt class="py-op">)</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L291"></a><tt class="py-lineno">291</tt> <tt class="py-line"> <tt class="py-op">]</tt> </tt>
<a name="L292"></a><tt class="py-lineno">292</tt> <tt class="py-line"> <tt class="py-name">signing_input</tt> <tt class="py-op">=</tt> <tt class="py-string">'.'</tt><tt class="py-op">.</tt><tt class="py-name">join</tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">)</tt> </tt>
<a name="L293"></a><tt class="py-lineno">293</tt> <tt class="py-line"> </tt>
<a name="L294"></a><tt class="py-lineno">294</tt> <tt class="py-line"> <tt class="py-name">signature</tt> <tt class="py-op">=</tt> <tt class="py-name">signer</tt><tt class="py-op">.</tt><tt class="py-name">sign</tt><tt class="py-op">(</tt><tt class="py-name">signing_input</tt><tt class="py-op">)</tt> </tt>
<a name="L295"></a><tt class="py-lineno">295</tt> <tt class="py-line"> <tt class="py-name">segments</tt><tt class="py-op">.</tt><tt class="py-name">append</tt><tt class="py-op">(</tt><tt id="link-27" class="py-name"><a title="oauth2client.crypt._urlsafe_b64encode" class="py-name" href="#" onclick="return doclink('link-27', '_urlsafe_b64encode', 'link-23');">_urlsafe_b64encode</a></tt><tt class="py-op">(</tt><tt class="py-name">signature</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
<a name="L296"></a><tt class="py-lineno">296</tt> <tt class="py-line"> </tt>
<a name="L297"></a><tt class="py-lineno">297</tt> <tt class="py-line"> <tt id="link-28" class="py-name"><a title="apiclient.discovery.logger
oauth2client.appengine.logger
oauth2client.client.logger
oauth2client.crypt.logger
oauth2client.gce.logger
oauth2client.locked_file.logger
oauth2client.multistore_file.logger
oauth2client.util.logger" class="py-name" href="#" onclick="return doclink('link-28', 'logger', 'link-4');">logger</a></tt><tt class="py-op">.</tt><tt class="py-name">debug</tt><tt class="py-op">(</tt><tt class="py-name">str</tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
<a name="L298"></a><tt class="py-lineno">298</tt> <tt class="py-line"> </tt>
<a name="L299"></a><tt class="py-lineno">299</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-string">'.'</tt><tt class="py-op">.</tt><tt class="py-name">join</tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">)</tt> </tt>
</div><a name="L300"></a><tt class="py-lineno">300</tt> <tt class="py-line"> </tt>
<a name="verify_signed_jwt_with_certs"></a><div id="verify_signed_jwt_with_certs-def"><a name="L301"></a><tt class="py-lineno">301</tt> <tt class="py-line"> </tt>
<a name="L302"></a><tt class="py-lineno">302</tt> <a class="py-toggle" href="#" id="verify_signed_jwt_with_certs-toggle" onclick="return toggle('verify_signed_jwt_with_certs');">-</a><tt class="py-line"><tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt-module.html#verify_signed_jwt_with_certs">verify_signed_jwt_with_certs</a><tt class="py-op">(</tt><tt class="py-param">jwt</tt><tt class="py-op">,</tt> <tt class="py-param">certs</tt><tt class="py-op">,</tt> <tt class="py-param">audience</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="verify_signed_jwt_with_certs-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="verify_signed_jwt_with_certs-expanded"><a name="L303"></a><tt class="py-lineno">303</tt> <tt class="py-line"> <tt class="py-docstring">"""Verify a JWT against public certs.</tt> </tt>
<a name="L304"></a><tt class="py-lineno">304</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L305"></a><tt class="py-lineno">305</tt> <tt class="py-line"><tt class="py-docstring"> See http://self-issued.info/docs/draft-jones-json-web-token.html.</tt> </tt>
<a name="L306"></a><tt class="py-lineno">306</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L307"></a><tt class="py-lineno">307</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
<a name="L308"></a><tt class="py-lineno">308</tt> <tt class="py-line"><tt class="py-docstring"> jwt: string, A JWT.</tt> </tt>
<a name="L309"></a><tt class="py-lineno">309</tt> <tt class="py-line"><tt class="py-docstring"> certs: dict, Dictionary where values of public keys in PEM format.</tt> </tt>
<a name="L310"></a><tt class="py-lineno">310</tt> <tt class="py-line"><tt class="py-docstring"> audience: string, The audience, 'aud', that this JWT should contain. If</tt> </tt>
<a name="L311"></a><tt class="py-lineno">311</tt> <tt class="py-line"><tt class="py-docstring"> None then the JWT's 'aud' parameter is not verified.</tt> </tt>
<a name="L312"></a><tt class="py-lineno">312</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L313"></a><tt class="py-lineno">313</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
<a name="L314"></a><tt class="py-lineno">314</tt> <tt class="py-line"><tt class="py-docstring"> dict, The deserialized JSON payload in the JWT.</tt> </tt>
<a name="L315"></a><tt class="py-lineno">315</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L316"></a><tt class="py-lineno">316</tt> <tt class="py-line"><tt class="py-docstring"> Raises:</tt> </tt>
<a name="L317"></a><tt class="py-lineno">317</tt> <tt class="py-line"><tt class="py-docstring"> AppIdentityError if any checks are failed.</tt> </tt>
<a name="L318"></a><tt class="py-lineno">318</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
<a name="L319"></a><tt class="py-lineno">319</tt> <tt class="py-line"> <tt class="py-name">segments</tt> <tt class="py-op">=</tt> <tt class="py-name">jwt</tt><tt class="py-op">.</tt><tt class="py-name">split</tt><tt class="py-op">(</tt><tt class="py-string">'.'</tt><tt class="py-op">)</tt> </tt>
<a name="L320"></a><tt class="py-lineno">320</tt> <tt class="py-line"> </tt>
<a name="L321"></a><tt class="py-lineno">321</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-op">(</tt><tt class="py-name">len</tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">)</tt> <tt class="py-op">!=</tt> <tt class="py-number">3</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L322"></a><tt class="py-lineno">322</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-29" class="py-name" targets="Class oauth2client.crypt.AppIdentityError=oauth2client.crypt.AppIdentityError-class.html"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-29', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt> </tt>
<a name="L323"></a><tt class="py-lineno">323</tt> <tt class="py-line"> <tt class="py-string">'Wrong number of segments in token: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">jwt</tt><tt class="py-op">)</tt> </tt>
<a name="L324"></a><tt class="py-lineno">324</tt> <tt class="py-line"> <tt class="py-name">signed</tt> <tt class="py-op">=</tt> <tt class="py-string">'%s.%s'</tt> <tt class="py-op">%</tt> <tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">[</tt><tt class="py-number">0</tt><tt class="py-op">]</tt><tt class="py-op">,</tt> <tt class="py-name">segments</tt><tt class="py-op">[</tt><tt class="py-number">1</tt><tt class="py-op">]</tt><tt class="py-op">)</tt> </tt>
<a name="L325"></a><tt class="py-lineno">325</tt> <tt class="py-line"> </tt>
<a name="L326"></a><tt class="py-lineno">326</tt> <tt class="py-line"> <tt class="py-name">signature</tt> <tt class="py-op">=</tt> <tt id="link-30" class="py-name" targets="Function oauth2client.client._urlsafe_b64decode()=oauth2client.client-module.html#_urlsafe_b64decode,Function oauth2client.crypt._urlsafe_b64decode()=oauth2client.crypt-module.html#_urlsafe_b64decode"><a title="oauth2client.client._urlsafe_b64decode
oauth2client.crypt._urlsafe_b64decode" class="py-name" href="#" onclick="return doclink('link-30', '_urlsafe_b64decode', 'link-30');">_urlsafe_b64decode</a></tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">[</tt><tt class="py-number">2</tt><tt class="py-op">]</tt><tt class="py-op">)</tt> </tt>
<a name="L327"></a><tt class="py-lineno">327</tt> <tt class="py-line"> </tt>
<a name="L328"></a><tt class="py-lineno">328</tt> <tt class="py-line"> <tt class="py-comment"># Parse token.</tt> </tt>
<a name="L329"></a><tt class="py-lineno">329</tt> <tt class="py-line"> <tt class="py-name">json_body</tt> <tt class="py-op">=</tt> <tt id="link-31" class="py-name"><a title="oauth2client.client._urlsafe_b64decode
oauth2client.crypt._urlsafe_b64decode" class="py-name" href="#" onclick="return doclink('link-31', '_urlsafe_b64decode', 'link-30');">_urlsafe_b64decode</a></tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">[</tt><tt class="py-number">1</tt><tt class="py-op">]</tt><tt class="py-op">)</tt> </tt>
<a name="L330"></a><tt class="py-lineno">330</tt> <tt class="py-line"> <tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
<a name="L331"></a><tt class="py-lineno">331</tt> <tt class="py-line"> <tt class="py-name">parsed</tt> <tt class="py-op">=</tt> <tt class="py-name">simplejson</tt><tt class="py-op">.</tt><tt id="link-32" class="py-name" targets="Function oauth2client.clientsecrets.loads()=oauth2client.clientsecrets-module.html#loads"><a title="oauth2client.clientsecrets.loads" class="py-name" href="#" onclick="return doclink('link-32', 'loads', 'link-32');">loads</a></tt><tt class="py-op">(</tt><tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
<a name="L332"></a><tt class="py-lineno">332</tt> <tt class="py-line"> <tt class="py-keyword">except</tt><tt class="py-op">:</tt> </tt>
<a name="L333"></a><tt class="py-lineno">333</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-33" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-33', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'Can\'t parse token: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
<a name="L334"></a><tt class="py-lineno">334</tt> <tt class="py-line"> </tt>
<a name="L335"></a><tt class="py-lineno">335</tt> <tt class="py-line"> <tt class="py-comment"># Check signature.</tt> </tt>
<a name="L336"></a><tt class="py-lineno">336</tt> <tt class="py-line"> <tt class="py-name">verified</tt> <tt class="py-op">=</tt> <tt class="py-name">False</tt> </tt>
<a name="L337"></a><tt class="py-lineno">337</tt> <tt class="py-line"> <tt class="py-keyword">for</tt> <tt class="py-op">(</tt><tt class="py-name">keyname</tt><tt class="py-op">,</tt> <tt class="py-name">pem</tt><tt class="py-op">)</tt> <tt class="py-keyword">in</tt> <tt class="py-name">certs</tt><tt class="py-op">.</tt><tt class="py-name">items</tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L338"></a><tt class="py-lineno">338</tt> <tt class="py-line"> <tt class="py-name">verifier</tt> <tt class="py-op">=</tt> <tt id="link-34" class="py-name"><a title="oauth2client.crypt.Verifier" class="py-name" href="#" onclick="return doclink('link-34', 'Verifier', 'link-16');">Verifier</a></tt><tt class="py-op">.</tt><tt class="py-name">from_string</tt><tt class="py-op">(</tt><tt class="py-name">pem</tt><tt class="py-op">,</tt> <tt class="py-name">True</tt><tt class="py-op">)</tt> </tt>
<a name="L339"></a><tt class="py-lineno">339</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-op">(</tt><tt class="py-name">verifier</tt><tt class="py-op">.</tt><tt class="py-name">verify</tt><tt class="py-op">(</tt><tt class="py-name">signed</tt><tt class="py-op">,</tt> <tt class="py-name">signature</tt><tt class="py-op">)</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L340"></a><tt class="py-lineno">340</tt> <tt class="py-line"> <tt class="py-name">verified</tt> <tt class="py-op">=</tt> <tt class="py-name">True</tt> </tt>
<a name="L341"></a><tt class="py-lineno">341</tt> <tt class="py-line"> <tt class="py-keyword">break</tt> </tt>
<a name="L342"></a><tt class="py-lineno">342</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-keyword">not</tt> <tt class="py-name">verified</tt><tt class="py-op">:</tt> </tt>
<a name="L343"></a><tt class="py-lineno">343</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-35" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-35', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'Invalid token signature: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">jwt</tt><tt class="py-op">)</tt> </tt>
<a name="L344"></a><tt class="py-lineno">344</tt> <tt class="py-line"> </tt>
<a name="L345"></a><tt class="py-lineno">345</tt> <tt class="py-line"> <tt class="py-comment"># Check creation timestamp.</tt> </tt>
<a name="L346"></a><tt class="py-lineno">346</tt> <tt class="py-line"> <tt class="py-name">iat</tt> <tt class="py-op">=</tt> <tt class="py-name">parsed</tt><tt class="py-op">.</tt><tt id="link-36" class="py-name" targets="Method apiclient.schema.Schemas.get()=apiclient.schema.Schemas-class.html#get,Method oauth2client.client.MemoryCache.get()=oauth2client.client.MemoryCache-class.html#get,Method oauth2client.client.Storage.get()=oauth2client.client.Storage-class.html#get"><a title="apiclient.schema.Schemas.get
oauth2client.client.MemoryCache.get
oauth2client.client.Storage.get" class="py-name" href="#" onclick="return doclink('link-36', 'get', 'link-36');">get</a></tt><tt class="py-op">(</tt><tt class="py-string">'iat'</tt><tt class="py-op">)</tt> </tt>
<a name="L347"></a><tt class="py-lineno">347</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">iat</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L348"></a><tt class="py-lineno">348</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-37" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-37', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'No iat field in token: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
<a name="L349"></a><tt class="py-lineno">349</tt> <tt class="py-line"> <tt class="py-name">earliest</tt> <tt class="py-op">=</tt> <tt class="py-name">iat</tt> <tt class="py-op">-</tt> <tt id="link-38" class="py-name"><a title="oauth2client.crypt.CLOCK_SKEW_SECS" class="py-name" href="#" onclick="return doclink('link-38', 'CLOCK_SKEW_SECS', 'link-1');">CLOCK_SKEW_SECS</a></tt> </tt>
<a name="L350"></a><tt class="py-lineno">350</tt> <tt class="py-line"> </tt>
<a name="L351"></a><tt class="py-lineno">351</tt> <tt class="py-line"> <tt class="py-comment"># Check expiration timestamp.</tt> </tt>
<a name="L352"></a><tt class="py-lineno">352</tt> <tt class="py-line"> <tt class="py-name">now</tt> <tt class="py-op">=</tt> <tt class="py-name">long</tt><tt class="py-op">(</tt><tt class="py-name">time</tt><tt class="py-op">.</tt><tt class="py-name">time</tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
<a name="L353"></a><tt class="py-lineno">353</tt> <tt class="py-line"> <tt class="py-name">exp</tt> <tt class="py-op">=</tt> <tt class="py-name">parsed</tt><tt class="py-op">.</tt><tt id="link-39" class="py-name"><a title="apiclient.schema.Schemas.get
oauth2client.client.MemoryCache.get
oauth2client.client.Storage.get" class="py-name" href="#" onclick="return doclink('link-39', 'get', 'link-36');">get</a></tt><tt class="py-op">(</tt><tt class="py-string">'exp'</tt><tt class="py-op">)</tt> </tt>
<a name="L354"></a><tt class="py-lineno">354</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">exp</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L355"></a><tt class="py-lineno">355</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-40" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-40', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'No exp field in token: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
<a name="L356"></a><tt class="py-lineno">356</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">exp</tt> <tt class="py-op">&gt;=</tt> <tt class="py-name">now</tt> <tt class="py-op">+</tt> <tt id="link-41" class="py-name"><a title="oauth2client.client.SignedJwtAssertionCredentials.MAX_TOKEN_LIFETIME_SECS
oauth2client.crypt.MAX_TOKEN_LIFETIME_SECS" class="py-name" href="#" onclick="return doclink('link-41', 'MAX_TOKEN_LIFETIME_SECS', 'link-3');">MAX_TOKEN_LIFETIME_SECS</a></tt><tt class="py-op">:</tt> </tt>
<a name="L357"></a><tt class="py-lineno">357</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-42" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-42', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt> </tt>
<a name="L358"></a><tt class="py-lineno">358</tt> <tt class="py-line"> <tt class="py-string">'exp field too far in future: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
<a name="L359"></a><tt class="py-lineno">359</tt> <tt class="py-line"> <tt class="py-name">latest</tt> <tt class="py-op">=</tt> <tt class="py-name">exp</tt> <tt class="py-op">+</tt> <tt id="link-43" class="py-name"><a title="oauth2client.crypt.CLOCK_SKEW_SECS" class="py-name" href="#" onclick="return doclink('link-43', 'CLOCK_SKEW_SECS', 'link-1');">CLOCK_SKEW_SECS</a></tt> </tt>
<a name="L360"></a><tt class="py-lineno">360</tt> <tt class="py-line"> </tt>
<a name="L361"></a><tt class="py-lineno">361</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">now</tt> <tt class="py-op">&lt;</tt> <tt class="py-name">earliest</tt><tt class="py-op">:</tt> </tt>
<a name="L362"></a><tt class="py-lineno">362</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-44" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-44', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'Token used too early, %d &lt; %d: %s'</tt> <tt class="py-op">%</tt> </tt>
<a name="L363"></a><tt class="py-lineno">363</tt> <tt class="py-line"> <tt class="py-op">(</tt><tt class="py-name">now</tt><tt class="py-op">,</tt> <tt class="py-name">earliest</tt><tt class="py-op">,</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
<a name="L364"></a><tt class="py-lineno">364</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">now</tt> <tt class="py-op">&gt;</tt> <tt class="py-name">latest</tt><tt class="py-op">:</tt> </tt>
<a name="L365"></a><tt class="py-lineno">365</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-45" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-45', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'Token used too late, %d &gt; %d: %s'</tt> <tt class="py-op">%</tt> </tt>
<a name="L366"></a><tt class="py-lineno">366</tt> <tt class="py-line"> <tt class="py-op">(</tt><tt class="py-name">now</tt><tt class="py-op">,</tt> <tt class="py-name">latest</tt><tt class="py-op">,</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
<a name="L367"></a><tt class="py-lineno">367</tt> <tt class="py-line"> </tt>
<a name="L368"></a><tt class="py-lineno">368</tt> <tt class="py-line"> <tt class="py-comment"># Check audience.</tt> </tt>
<a name="L369"></a><tt class="py-lineno">369</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">audience</tt> <tt class="py-keyword">is</tt> <tt class="py-keyword">not</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L370"></a><tt class="py-lineno">370</tt> <tt class="py-line"> <tt class="py-name">aud</tt> <tt class="py-op">=</tt> <tt class="py-name">parsed</tt><tt class="py-op">.</tt><tt id="link-46" class="py-name"><a title="apiclient.schema.Schemas.get
oauth2client.client.MemoryCache.get
oauth2client.client.Storage.get" class="py-name" href="#" onclick="return doclink('link-46', 'get', 'link-36');">get</a></tt><tt class="py-op">(</tt><tt class="py-string">'aud'</tt><tt class="py-op">)</tt> </tt>
<a name="L371"></a><tt class="py-lineno">371</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">aud</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L372"></a><tt class="py-lineno">372</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-47" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-47', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'No aud field in token: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
<a name="L373"></a><tt class="py-lineno">373</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">aud</tt> <tt class="py-op">!=</tt> <tt class="py-name">audience</tt><tt class="py-op">:</tt> </tt>
<a name="L374"></a><tt class="py-lineno">374</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-48" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-48', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'Wrong recipient, %s != %s: %s'</tt> <tt class="py-op">%</tt> </tt>
<a name="L375"></a><tt class="py-lineno">375</tt> <tt class="py-line"> <tt class="py-op">(</tt><tt class="py-name">aud</tt><tt class="py-op">,</tt> <tt class="py-name">audience</tt><tt class="py-op">,</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
<a name="L376"></a><tt class="py-lineno">376</tt> <tt class="py-line"> </tt>
<a name="L377"></a><tt class="py-lineno">377</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">parsed</tt> </tt>
</div><a name="L378"></a><tt class="py-lineno">378</tt> <tt class="py-line"> </tt><script type="text/javascript">
<!--
expandto(location.href);
// -->
</script>
</pre>
<br />
<!-- ==================== NAVIGATION BAR ==================== -->
<table class="navbar" border="0" width="100%" cellpadding="0"
bgcolor="#a0c0ff" cellspacing="0">
<tr valign="middle">
<!-- Tree link -->
<th>&nbsp;&nbsp;&nbsp;<a
href="module-tree.html">Trees</a>&nbsp;&nbsp;&nbsp;</th>
<!-- Index link -->
<th>&nbsp;&nbsp;&nbsp;<a
href="identifier-index.html">Indices</a>&nbsp;&nbsp;&nbsp;</th>
<!-- Help link -->
<th>&nbsp;&nbsp;&nbsp;<a
href="help.html">Help</a>&nbsp;&nbsp;&nbsp;</th>
<th class="navbar" width="100%"></th>
</tr>
</table>
<table border="0" cellpadding="0" cellspacing="0" width="100%%">
<tr>
<td align="left" class="footer">
Generated by Epydoc 3.0.1 on Tue Aug 6 12:16:46 2013
</td>
<td align="right" class="footer">
<a target="mainFrame" href="http://epydoc.sourceforge.net"
>http://epydoc.sourceforge.net</a>
</td>
</tr>
</table>
<script type="text/javascript">
<!--
// Private objects are initially displayed (because if
// javascript is turned off then we want them to be
// visible); but by default, we want to hide them. So hide
// them unless we have a cookie that says to show them.
checkCookie();
// -->
</script>
</body>
</html>