| |
| <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
| <html><head><title>Python: module oauth2client.crypt</title> |
| </head><body bgcolor="#f0f0f8"> |
| |
| <table width="100%" cellspacing=0 cellpadding=2 border=0 summary="heading"> |
| <tr bgcolor="#7799ee"> |
| <td valign=bottom> <br> |
| <font color="#ffffff" face="helvetica, arial"> <br><big><big><strong><a href="oauth2client.html"><font color="#ffffff">oauth2client</font></a>.crypt</strong></big></big></font></td |
| ><td align=right valign=bottom |
| ><font color="#ffffff" face="helvetica, arial"><a href=".">index</a><br><a href="file:/home/jcgregorio/projects/google-api-python-client/oauth2client/crypt.py">/home/jcgregorio/projects/google-api-python-client/oauth2client/crypt.py</a></font></td></tr></table> |
| <p><tt># -*- coding: utf-8 -*-<br> |
| #<br> |
| # Copyright (C) 2011 Google Inc.<br> |
| #<br> |
| # Licensed under the Apache License, Version 2.0 (the "License");<br> |
| # you may not use this file except in compliance with the License.<br> |
| # You may obtain a copy of the License at<br> |
| #<br> |
| # <a href="http://www.apache.org/licenses/LICENSE-2.0">http://www.apache.org/licenses/LICENSE-2.0</a><br> |
| #<br> |
| # Unless required by applicable law or agreed to in writing, software<br> |
| # distributed under the License is distributed on an "AS IS" BASIS,<br> |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.<br> |
| # See the License for the specific language governing permissions and<br> |
| # limitations under the License.</tt></p> |
| <p> |
| <table width="100%" cellspacing=0 cellpadding=2 border=0 summary="section"> |
| <tr bgcolor="#aa55cc"> |
| <td colspan=3 valign=bottom> <br> |
| <font color="#ffffff" face="helvetica, arial"><big><strong>Modules</strong></big></font></td></tr> |
| |
| <tr><td bgcolor="#aa55cc"><tt> </tt></td><td> </td> |
| <td width="100%"><table width="100%" summary="list"><tr><td width="25%" valign=top><a href="base64.html">base64</a><br> |
| <a href="OpenSSL.crypto.html">OpenSSL.crypto</a><br> |
| </td><td width="25%" valign=top><a href="hashlib.html">hashlib</a><br> |
| <a href="logging.html">logging</a><br> |
| </td><td width="25%" valign=top><a href="json.html">json</a><br> |
| <a href="time.html">time</a><br> |
| </td><td width="25%" valign=top></td></tr></table></td></tr></table><p> |
| <table width="100%" cellspacing=0 cellpadding=2 border=0 summary="section"> |
| <tr bgcolor="#ee77aa"> |
| <td colspan=3 valign=bottom> <br> |
| <font color="#ffffff" face="helvetica, arial"><big><strong>Classes</strong></big></font></td></tr> |
| |
| <tr><td bgcolor="#ee77aa"><tt> </tt></td><td> </td> |
| <td width="100%"><dl> |
| <dt><font face="helvetica, arial"><a href="__builtin__.html#object">__builtin__.object</a> |
| </font></dt><dd> |
| <dl> |
| <dt><font face="helvetica, arial"><a href="oauth2client.crypt.html#Signer">Signer</a> |
| </font></dt><dt><font face="helvetica, arial"><a href="oauth2client.crypt.html#Verifier">Verifier</a> |
| </font></dt></dl> |
| </dd> |
| <dt><font face="helvetica, arial"><a href="exceptions.html#Exception">exceptions.Exception</a>(<a href="exceptions.html#BaseException">exceptions.BaseException</a>) |
| </font></dt><dd> |
| <dl> |
| <dt><font face="helvetica, arial"><a href="oauth2client.crypt.html#AppIdentityError">AppIdentityError</a> |
| </font></dt></dl> |
| </dd> |
| </dl> |
| <p> |
| <table width="100%" cellspacing=0 cellpadding=2 border=0 summary="section"> |
| <tr bgcolor="#ffc8d8"> |
| <td colspan=3 valign=bottom> <br> |
| <font color="#000000" face="helvetica, arial"><a name="AppIdentityError">class <strong>AppIdentityError</strong></a>(<a href="exceptions.html#Exception">exceptions.Exception</a>)</font></td></tr> |
| |
| <tr><td bgcolor="#ffc8d8"><tt> </tt></td><td> </td> |
| <td width="100%"><dl><dt>Method resolution order:</dt> |
| <dd><a href="oauth2client.crypt.html#AppIdentityError">AppIdentityError</a></dd> |
| <dd><a href="exceptions.html#Exception">exceptions.Exception</a></dd> |
| <dd><a href="exceptions.html#BaseException">exceptions.BaseException</a></dd> |
| <dd><a href="__builtin__.html#object">__builtin__.object</a></dd> |
| </dl> |
| <hr> |
| Data descriptors defined here:<br> |
| <dl><dt><strong>__weakref__</strong></dt> |
| <dd><tt>list of weak references to the object (if defined)</tt></dd> |
| </dl> |
| <hr> |
| Methods inherited from <a href="exceptions.html#Exception">exceptions.Exception</a>:<br> |
| <dl><dt><a name="AppIdentityError-__init__"><strong>__init__</strong></a>(...)</dt><dd><tt>x.<a href="#AppIdentityError-__init__">__init__</a>(...) initializes x; see x.__class__.__doc__ for signature</tt></dd></dl> |
| |
| <hr> |
| Data and other attributes inherited from <a href="exceptions.html#Exception">exceptions.Exception</a>:<br> |
| <dl><dt><strong>__new__</strong> = <built-in method __new__ of type object><dd><tt>T.<a href="#AppIdentityError-__new__">__new__</a>(S, ...) -> a new <a href="__builtin__.html#object">object</a> with type S, a subtype of T</tt></dl> |
| |
| <hr> |
| Methods inherited from <a href="exceptions.html#BaseException">exceptions.BaseException</a>:<br> |
| <dl><dt><a name="AppIdentityError-__delattr__"><strong>__delattr__</strong></a>(...)</dt><dd><tt>x.<a href="#AppIdentityError-__delattr__">__delattr__</a>('name') <==> del x.name</tt></dd></dl> |
| |
| <dl><dt><a name="AppIdentityError-__getattribute__"><strong>__getattribute__</strong></a>(...)</dt><dd><tt>x.<a href="#AppIdentityError-__getattribute__">__getattribute__</a>('name') <==> x.name</tt></dd></dl> |
| |
| <dl><dt><a name="AppIdentityError-__getitem__"><strong>__getitem__</strong></a>(...)</dt><dd><tt>x.<a href="#AppIdentityError-__getitem__">__getitem__</a>(y) <==> x[y]</tt></dd></dl> |
| |
| <dl><dt><a name="AppIdentityError-__getslice__"><strong>__getslice__</strong></a>(...)</dt><dd><tt>x.<a href="#AppIdentityError-__getslice__">__getslice__</a>(i, j) <==> x[i:j]<br> |
| <br> |
| Use of negative indices is not supported.</tt></dd></dl> |
| |
| <dl><dt><a name="AppIdentityError-__reduce__"><strong>__reduce__</strong></a>(...)</dt></dl> |
| |
| <dl><dt><a name="AppIdentityError-__repr__"><strong>__repr__</strong></a>(...)</dt><dd><tt>x.<a href="#AppIdentityError-__repr__">__repr__</a>() <==> repr(x)</tt></dd></dl> |
| |
| <dl><dt><a name="AppIdentityError-__setattr__"><strong>__setattr__</strong></a>(...)</dt><dd><tt>x.<a href="#AppIdentityError-__setattr__">__setattr__</a>('name', value) <==> x.name = value</tt></dd></dl> |
| |
| <dl><dt><a name="AppIdentityError-__setstate__"><strong>__setstate__</strong></a>(...)</dt></dl> |
| |
| <dl><dt><a name="AppIdentityError-__str__"><strong>__str__</strong></a>(...)</dt><dd><tt>x.<a href="#AppIdentityError-__str__">__str__</a>() <==> str(x)</tt></dd></dl> |
| |
| <dl><dt><a name="AppIdentityError-__unicode__"><strong>__unicode__</strong></a>(...)</dt></dl> |
| |
| <hr> |
| Data descriptors inherited from <a href="exceptions.html#BaseException">exceptions.BaseException</a>:<br> |
| <dl><dt><strong>__dict__</strong></dt> |
| </dl> |
| <dl><dt><strong>args</strong></dt> |
| </dl> |
| <dl><dt><strong>message</strong></dt> |
| </dl> |
| </td></tr></table> <p> |
| <table width="100%" cellspacing=0 cellpadding=2 border=0 summary="section"> |
| <tr bgcolor="#ffc8d8"> |
| <td colspan=3 valign=bottom> <br> |
| <font color="#000000" face="helvetica, arial"><a name="Signer">class <strong>Signer</strong></a>(<a href="__builtin__.html#object">__builtin__.object</a>)</font></td></tr> |
| |
| <tr bgcolor="#ffc8d8"><td rowspan=2><tt> </tt></td> |
| <td colspan=2><tt>Signs messages with a private key.<br> </tt></td></tr> |
| <tr><td> </td> |
| <td width="100%">Methods defined here:<br> |
| <dl><dt><a name="Signer-__init__"><strong>__init__</strong></a>(self, pkey)</dt><dd><tt>Constructor.<br> |
| <br> |
| Args:<br> |
| pkey, OpenSSL.crypto.PKey, The private key to sign with.</tt></dd></dl> |
| |
| <dl><dt><a name="Signer-sign"><strong>sign</strong></a>(self, message)</dt><dd><tt>Signs a message.<br> |
| <br> |
| Args:<br> |
| message: string, Message to be signed.<br> |
| <br> |
| Returns:<br> |
| string, The signature of the message for the given key.</tt></dd></dl> |
| |
| <hr> |
| Static methods defined here:<br> |
| <dl><dt><a name="Signer-from_string"><strong>from_string</strong></a>(key, password<font color="#909090">='notasecret'</font>)</dt><dd><tt>Construct a <a href="#Signer">Signer</a> instance from a string.<br> |
| <br> |
| Args:<br> |
| key: string, private key in P12 format.<br> |
| password: string, password for the private key file.<br> |
| <br> |
| Returns:<br> |
| <a href="#Signer">Signer</a> instance.<br> |
| <br> |
| Raises:<br> |
| OpenSSL.crypto.Error if the key can't be parsed.</tt></dd></dl> |
| |
| <hr> |
| Data descriptors defined here:<br> |
| <dl><dt><strong>__dict__</strong></dt> |
| <dd><tt>dictionary for instance variables (if defined)</tt></dd> |
| </dl> |
| <dl><dt><strong>__weakref__</strong></dt> |
| <dd><tt>list of weak references to the object (if defined)</tt></dd> |
| </dl> |
| </td></tr></table> <p> |
| <table width="100%" cellspacing=0 cellpadding=2 border=0 summary="section"> |
| <tr bgcolor="#ffc8d8"> |
| <td colspan=3 valign=bottom> <br> |
| <font color="#000000" face="helvetica, arial"><a name="Verifier">class <strong>Verifier</strong></a>(<a href="__builtin__.html#object">__builtin__.object</a>)</font></td></tr> |
| |
| <tr bgcolor="#ffc8d8"><td rowspan=2><tt> </tt></td> |
| <td colspan=2><tt>Verifies the signature on a message.<br> </tt></td></tr> |
| <tr><td> </td> |
| <td width="100%">Methods defined here:<br> |
| <dl><dt><a name="Verifier-__init__"><strong>__init__</strong></a>(self, pubkey)</dt><dd><tt>Constructor.<br> |
| <br> |
| Args:<br> |
| pubkey, OpenSSL.crypto.PKey, The public key to verify with.</tt></dd></dl> |
| |
| <dl><dt><a name="Verifier-verify"><strong>verify</strong></a>(self, message, signature)</dt><dd><tt>Verifies a message against a signature.<br> |
| <br> |
| Args:<br> |
| message: string, The message to verify.<br> |
| signature: string, The signature on the message.<br> |
| <br> |
| Returns:<br> |
| True if message was singed by the private key associated with the public<br> |
| key that this <a href="__builtin__.html#object">object</a> was constructed with.</tt></dd></dl> |
| |
| <hr> |
| Static methods defined here:<br> |
| <dl><dt><a name="Verifier-from_string"><strong>from_string</strong></a>(key_pem, is_x509_cert)</dt><dd><tt>Construct a Verified instance from a string.<br> |
| <br> |
| Args:<br> |
| key_pem: string, public key in PEM format.<br> |
| is_x509_cert: bool, True if key_pem is an X509 cert, otherwise it is<br> |
| expected to be an RSA key in PEM format.<br> |
| <br> |
| Returns:<br> |
| <a href="#Verifier">Verifier</a> instance.<br> |
| <br> |
| Raises:<br> |
| OpenSSL.crypto.Error if the key_pem can't be parsed.</tt></dd></dl> |
| |
| <hr> |
| Data descriptors defined here:<br> |
| <dl><dt><strong>__dict__</strong></dt> |
| <dd><tt>dictionary for instance variables (if defined)</tt></dd> |
| </dl> |
| <dl><dt><strong>__weakref__</strong></dt> |
| <dd><tt>list of weak references to the object (if defined)</tt></dd> |
| </dl> |
| </td></tr></table></td></tr></table><p> |
| <table width="100%" cellspacing=0 cellpadding=2 border=0 summary="section"> |
| <tr bgcolor="#eeaa77"> |
| <td colspan=3 valign=bottom> <br> |
| <font color="#ffffff" face="helvetica, arial"><big><strong>Functions</strong></big></font></td></tr> |
| |
| <tr><td bgcolor="#eeaa77"><tt> </tt></td><td> </td> |
| <td width="100%"><dl><dt><a name="-make_signed_jwt"><strong>make_signed_jwt</strong></a>(signer, payload)</dt><dd><tt>Make a signed JWT.<br> |
| <br> |
| See <a href="http://self-issued.info/docs/draft-jones-json-web-token.html">http://self-issued.info/docs/draft-jones-json-web-token.html</a>.<br> |
| <br> |
| Args:<br> |
| signer: crypt.<a href="#Signer">Signer</a>, Cryptographic signer.<br> |
| payload: dict, Dictionary of data to convert to JSON and then sign.<br> |
| <br> |
| Returns:<br> |
| string, The JWT for the payload.</tt></dd></dl> |
| <dl><dt><a name="-verify_signed_jwt_with_certs"><strong>verify_signed_jwt_with_certs</strong></a>(jwt, certs, audience)</dt><dd><tt>Verify a JWT against public certs.<br> |
| <br> |
| See <a href="http://self-issued.info/docs/draft-jones-json-web-token.html">http://self-issued.info/docs/draft-jones-json-web-token.html</a>.<br> |
| <br> |
| Args:<br> |
| jwt: string, A JWT.<br> |
| certs: dict, Dictionary where values of public keys in PEM format.<br> |
| audience: string, The audience, 'aud', that this JWT should contain. If<br> |
| None then the JWT's 'aud' parameter is not verified.<br> |
| <br> |
| Returns:<br> |
| dict, The deserialized JSON payload in the JWT.<br> |
| <br> |
| Raises:<br> |
| <a href="#AppIdentityError">AppIdentityError</a> if any checks are failed.</tt></dd></dl> |
| </td></tr></table><p> |
| <table width="100%" cellspacing=0 cellpadding=2 border=0 summary="section"> |
| <tr bgcolor="#55aa55"> |
| <td colspan=3 valign=bottom> <br> |
| <font color="#ffffff" face="helvetica, arial"><big><strong>Data</strong></big></font></td></tr> |
| |
| <tr><td bgcolor="#55aa55"><tt> </tt></td><td> </td> |
| <td width="100%"><strong>AUTH_TOKEN_LIFETIME_SECS</strong> = 300<br> |
| <strong>CLOCK_SKEW_SECS</strong> = 300<br> |
| <strong>MAX_TOKEN_LIFETIME_SECS</strong> = 86400</td></tr></table> |
| </body></html> |