Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / google-api-python-client / 3aaca548a7bea3c67d49c28f2b13b4cf9a21633b / . / docs / epy / oauth2client.crypt-pysrc.html
blob: 8d75e18b2a751d1a68fa790c596ff206630258d8 [file] [log] [blame]
Joe Gregorio5dc0f5c2012-06-05 13:34:31 -0400[diff] [blame]1<?xml version="1.0" encoding="ascii"?>
2<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
3 "DTD/xhtml1-transitional.dtd">
4<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
5<head>
6 <title>oauth2client.crypt</title>
7 <link rel="stylesheet" href="epydoc.css" type="text/css" />
8 <script type="text/javascript" src="epydoc.js"></script>
9</head>
10
11<body bgcolor="white" text="black" link="blue" vlink="#204080"
12 alink="#204080">
13<!-- ==================== NAVIGATION BAR ==================== -->
14<table class="navbar" border="0" width="100%" cellpadding="0"
15 bgcolor="#a0c0ff" cellspacing="0">
16 <tr valign="middle">
17
18 <!-- Tree link -->
19 <th>&nbsp;&nbsp;&nbsp;<a
20 href="module-tree.html">Trees</a>&nbsp;&nbsp;&nbsp;</th>
21
22 <!-- Index link -->
23 <th>&nbsp;&nbsp;&nbsp;<a
24 href="identifier-index.html">Indices</a>&nbsp;&nbsp;&nbsp;</th>
25
26 <!-- Help link -->
27 <th>&nbsp;&nbsp;&nbsp;<a
28 href="help.html">Help</a>&nbsp;&nbsp;&nbsp;</th>
29
30 <th class="navbar" width="100%"></th>
31 </tr>
32</table>
33<table width="100%" cellpadding="0" cellspacing="0">
34 <tr valign="top">
35 <td width="100%">
36 <span class="breadcrumbs">
37 <a href="oauth2client-module.html">Package&nbsp;oauth2client</a> ::
38 Module&nbsp;crypt
39 </span>
40 </td>
41 <td>
42 <table cellpadding="0" cellspacing="0">
43 <!-- hide/show private -->
44 <tr><td align="right"><span class="options">[<a href="javascript:void(0);" class="privatelink"
45 onclick="toggle_private();">hide&nbsp;private</a>]</span></td></tr>
46 <tr><td align="right"><span class="options"
47 >[<a href="frames.html" target="_top">frames</a
48 >]&nbsp;|&nbsp;<a href="oauth2client.crypt-pysrc.html"
49 target="_top">no&nbsp;frames</a>]</span></td></tr>
50 </table>
51 </td>
52 </tr>
53</table>
54<h1 class="epydoc">Source Code for <a href="oauth2client.crypt-module.html">Module oauth2client.crypt</a></h1>
55<pre class="py-src">
56<a name="L1"></a><tt class="py-lineno"> 1</tt> <tt class="py-line"><tt class="py-comment">#!/usr/bin/python2.4</tt> </tt>
57<a name="L2"></a><tt class="py-lineno"> 2</tt> <tt class="py-line"><tt class="py-comment"># -*- coding: utf-8 -*-</tt> </tt>
58<a name="L3"></a><tt class="py-lineno"> 3</tt> <tt class="py-line"><tt class="py-comment">#</tt> </tt>
59<a name="L4"></a><tt class="py-lineno"> 4</tt> <tt class="py-line"><tt class="py-comment"># Copyright (C) 2011 Google Inc.</tt> </tt>
60<a name="L5"></a><tt class="py-lineno"> 5</tt> <tt class="py-line"><tt class="py-comment">#</tt> </tt>
61<a name="L6"></a><tt class="py-lineno"> 6</tt> <tt class="py-line"><tt class="py-comment"># Licensed under the Apache License, Version 2.0 (the "License");</tt> </tt>
62<a name="L7"></a><tt class="py-lineno"> 7</tt> <tt class="py-line"><tt class="py-comment"># you may not use this file except in compliance with the License.</tt> </tt>
63<a name="L8"></a><tt class="py-lineno"> 8</tt> <tt class="py-line"><tt class="py-comment"># You may obtain a copy of the License at</tt> </tt>
64<a name="L9"></a><tt class="py-lineno"> 9</tt> <tt class="py-line"><tt class="py-comment">#</tt> </tt>
65<a name="L10"></a><tt class="py-lineno"> 10</tt> <tt class="py-line"><tt class="py-comment"># http://www.apache.org/licenses/LICENSE-2.0</tt> </tt>
66<a name="L11"></a><tt class="py-lineno"> 11</tt> <tt class="py-line"><tt class="py-comment">#</tt> </tt>
67<a name="L12"></a><tt class="py-lineno"> 12</tt> <tt class="py-line"><tt class="py-comment"># Unless required by applicable law or agreed to in writing, software</tt> </tt>
68<a name="L13"></a><tt class="py-lineno"> 13</tt> <tt class="py-line"><tt class="py-comment"># distributed under the License is distributed on an "AS IS" BASIS,</tt> </tt>
69<a name="L14"></a><tt class="py-lineno"> 14</tt> <tt class="py-line"><tt class="py-comment"># WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</tt> </tt>
70<a name="L15"></a><tt class="py-lineno"> 15</tt> <tt class="py-line"><tt class="py-comment"># See the License for the specific language governing permissions and</tt> </tt>
71<a name="L16"></a><tt class="py-lineno"> 16</tt> <tt class="py-line"><tt class="py-comment"># limitations under the License.</tt> </tt>
72<a name="L17"></a><tt class="py-lineno"> 17</tt> <tt class="py-line"> </tt>
73<a name="L18"></a><tt class="py-lineno"> 18</tt> <tt class="py-line"><tt class="py-keyword">import</tt> <tt class="py-name">base64</tt> </tt>
74<a name="L19"></a><tt class="py-lineno"> 19</tt> <tt class="py-line"><tt class="py-keyword">import</tt> <tt class="py-name">hashlib</tt> </tt>
75<a name="L20"></a><tt class="py-lineno"> 20</tt> <tt class="py-line"><tt class="py-keyword">import</tt> <tt class="py-name">logging</tt> </tt>
76<a name="L21"></a><tt class="py-lineno"> 21</tt> <tt class="py-line"><tt class="py-keyword">import</tt> <tt class="py-name">time</tt> </tt>
77<a name="L22"></a><tt class="py-lineno"> 22</tt> <tt class="py-line"> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]78<a name="L23"></a><tt class="py-lineno"> 23</tt> <tt class="py-line"><tt class="py-keyword">from</tt> <tt id="link-0" class="py-name" targets="Module oauth2client.anyjson=oauth2client.anyjson-module.html"><a title="oauth2client.anyjson" class="py-name" href="#" onclick="return doclink('link-0', 'anyjson', 'link-0');">anyjson</a></tt> <tt class="py-keyword">import</tt> <tt class="py-name">simplejson</tt> </tt>
79<a name="L24"></a><tt class="py-lineno"> 24</tt> <tt class="py-line"> </tt>
Joe Gregorio5dc0f5c2012-06-05 13:34:31 -0400[diff] [blame]80<a name="L25"></a><tt class="py-lineno"> 25</tt> <tt class="py-line"> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]81<a name="L26"></a><tt class="py-lineno"> 26</tt> <tt class="py-line"><tt id="link-1" class="py-name" targets="Variable oauth2client.crypt.CLOCK_SKEW_SECS=oauth2client.crypt-module.html#CLOCK_SKEW_SECS"><a title="oauth2client.crypt.CLOCK_SKEW_SECS" class="py-name" href="#" onclick="return doclink('link-1', 'CLOCK_SKEW_SECS', 'link-1');">CLOCK_SKEW_SECS</a></tt> <tt class="py-op">=</tt> <tt class="py-number">300</tt> <tt class="py-comment"># 5 minutes in seconds</tt> </tt>
82<a name="L27"></a><tt class="py-lineno"> 27</tt> <tt class="py-line"><tt id="link-2" class="py-name" targets="Variable oauth2client.crypt.AUTH_TOKEN_LIFETIME_SECS=oauth2client.crypt-module.html#AUTH_TOKEN_LIFETIME_SECS"><a title="oauth2client.crypt.AUTH_TOKEN_LIFETIME_SECS" class="py-name" href="#" onclick="return doclink('link-2', 'AUTH_TOKEN_LIFETIME_SECS', 'link-2');">AUTH_TOKEN_LIFETIME_SECS</a></tt> <tt class="py-op">=</tt> <tt class="py-number">300</tt> <tt class="py-comment"># 5 minutes in seconds</tt> </tt>
83<a name="L28"></a><tt class="py-lineno"> 28</tt> <tt class="py-line"><tt id="link-3" class="py-name" targets="Variable oauth2client.client.SignedJwtAssertionCredentials.MAX_TOKEN_LIFETIME_SECS=oauth2client.client.SignedJwtAssertionCredentials-class.html#MAX_TOKEN_LIFETIME_SECS,Variable oauth2client.crypt.MAX_TOKEN_LIFETIME_SECS=oauth2client.crypt-module.html#MAX_TOKEN_LIFETIME_SECS"><a title="oauth2client.client.SignedJwtAssertionCredentials.MAX_TOKEN_LIFETIME_SECS
84oauth2client.crypt.MAX_TOKEN_LIFETIME_SECS" class="py-name" href="#" onclick="return doclink('link-3', 'MAX_TOKEN_LIFETIME_SECS', 'link-3');">MAX_TOKEN_LIFETIME_SECS</a></tt> <tt class="py-op">=</tt> <tt class="py-number">86400</tt> <tt class="py-comment"># 1 day in seconds</tt> </tt>
85<a name="L29"></a><tt class="py-lineno"> 29</tt> <tt class="py-line"> </tt>
86<a name="L30"></a><tt class="py-lineno"> 30</tt> <tt class="py-line"> </tt>
87<a name="L31"></a><tt class="py-lineno"> 31</tt> <tt class="py-line"><tt id="link-4" class="py-name" targets="Variable apiclient.discovery.logger=apiclient.discovery-module.html#logger,Variable oauth2client.appengine.logger=oauth2client.appengine-module.html#logger,Variable oauth2client.client.logger=oauth2client.client-module.html#logger,Variable oauth2client.crypt.logger=oauth2client.crypt-module.html#logger,Variable oauth2client.gce.logger=oauth2client.gce-module.html#logger,Variable oauth2client.locked_file.logger=oauth2client.locked_file-module.html#logger,Variable oauth2client.multistore_file.logger=oauth2client.multistore_file-module.html#logger,Variable oauth2client.util.logger=oauth2client.util-module.html#logger"><a title="apiclient.discovery.logger
Joe Gregorioe7a0c472012-07-12 11:46:04 -0400[diff] [blame]88oauth2client.appengine.logger
89oauth2client.client.logger
90oauth2client.crypt.logger
Joe Gregorio1b425aa2012-08-24 12:04:34 -0400[diff] [blame]91oauth2client.gce.logger
Joe Gregorioe7a0c472012-07-12 11:46:04 -0400[diff] [blame]92oauth2client.locked_file.logger
Joe Gregorioad8013f2012-08-03 08:44:02 -0400[diff] [blame]93oauth2client.multistore_file.logger
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]94oauth2client.util.logger" class="py-name" href="#" onclick="return doclink('link-4', 'logger', 'link-4');">logger</a></tt> <tt class="py-op">=</tt> <tt class="py-name">logging</tt><tt class="py-op">.</tt><tt class="py-name">getLogger</tt><tt class="py-op">(</tt><tt class="py-name">__name__</tt><tt class="py-op">)</tt> </tt>
Joe Gregorioe7a0c472012-07-12 11:46:04 -0400[diff] [blame]95<a name="AppIdentityError"></a><div id="AppIdentityError-def"><a name="L32"></a><tt class="py-lineno"> 32</tt> <tt class="py-line"> </tt>
96<a name="L33"></a><tt class="py-lineno"> 33</tt> <tt class="py-line"> </tt>
97<a name="L34"></a><tt class="py-lineno"> 34</tt> <a class="py-toggle" href="#" id="AppIdentityError-toggle" onclick="return toggle('AppIdentityError');">-</a><tt class="py-line"><tt class="py-keyword">class</tt> <a class="py-def-name" href="oauth2client.crypt.AppIdentityError-class.html">AppIdentityError</a><tt class="py-op">(</tt><tt class="py-base-class">Exception</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
98</div><div id="AppIdentityError-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="AppIdentityError-expanded"><a name="L35"></a><tt class="py-lineno"> 35</tt> <tt class="py-line"> <tt class="py-keyword">pass</tt> </tt>
99</div><a name="L36"></a><tt class="py-lineno"> 36</tt> <tt class="py-line"> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]100<a name="L37"></a><tt class="py-lineno"> 37</tt> <tt class="py-line"> </tt>
101<a name="L38"></a><tt class="py-lineno"> 38</tt> <tt class="py-line"><tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
102<a name="L39"></a><tt class="py-lineno"> 39</tt> <tt class="py-line"> <tt class="py-keyword">from</tt> <tt class="py-name">OpenSSL</tt> <tt class="py-keyword">import</tt> <tt class="py-name">crypto</tt> </tt>
103<a name="OpenSSLVerifier"></a><div id="OpenSSLVerifier-def"><a name="L40"></a><tt class="py-lineno"> 40</tt> <tt class="py-line"> </tt>
104<a name="L41"></a><tt class="py-lineno"> 41</tt> <tt class="py-line"> </tt>
105<a name="L42"></a><tt class="py-lineno"> 42</tt> <a class="py-toggle" href="#" id="OpenSSLVerifier-toggle" onclick="return toggle('OpenSSLVerifier');">-</a><tt class="py-line"> <tt class="py-keyword">class</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLVerifier-class.html">OpenSSLVerifier</a><tt class="py-op">(</tt><tt class="py-base-class">object</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
106</div><div id="OpenSSLVerifier-collapsed" style="display:none;" pad="+++" indent="++++++"></div><div id="OpenSSLVerifier-expanded"><a name="L43"></a><tt class="py-lineno"> 43</tt> <tt class="py-line"> <tt class="py-docstring">"""Verifies the signature on a message."""</tt> </tt>
107<a name="L44"></a><tt class="py-lineno"> 44</tt> <tt class="py-line"> </tt>
108<a name="OpenSSLVerifier.__init__"></a><div id="OpenSSLVerifier.__init__-def"><a name="L45"></a><tt class="py-lineno"> 45</tt> <a class="py-toggle" href="#" id="OpenSSLVerifier.__init__-toggle" onclick="return toggle('OpenSSLVerifier.__init__');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLVerifier-class.html#__init__">__init__</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">pubkey</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
109</div><div id="OpenSSLVerifier.__init__-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLVerifier.__init__-expanded"><a name="L46"></a><tt class="py-lineno"> 46</tt> <tt class="py-line"> <tt class="py-docstring">"""Constructor.</tt> </tt>
110<a name="L47"></a><tt class="py-lineno"> 47</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
111<a name="L48"></a><tt class="py-lineno"> 48</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
112<a name="L49"></a><tt class="py-lineno"> 49</tt> <tt class="py-line"><tt class="py-docstring"> pubkey, OpenSSL.crypto.PKey, The public key to verify with.</tt> </tt>
113<a name="L50"></a><tt class="py-lineno"> 50</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
114<a name="L51"></a><tt class="py-lineno"> 51</tt> <tt class="py-line"> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_pubkey</tt> <tt class="py-op">=</tt> <tt class="py-name">pubkey</tt> </tt>
115</div><a name="L52"></a><tt class="py-lineno"> 52</tt> <tt class="py-line"> </tt>
116<a name="OpenSSLVerifier.verify"></a><div id="OpenSSLVerifier.verify-def"><a name="L53"></a><tt class="py-lineno"> 53</tt> <a class="py-toggle" href="#" id="OpenSSLVerifier.verify-toggle" onclick="return toggle('OpenSSLVerifier.verify');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLVerifier-class.html#verify">verify</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">message</tt><tt class="py-op">,</tt> <tt class="py-param">signature</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
117</div><div id="OpenSSLVerifier.verify-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLVerifier.verify-expanded"><a name="L54"></a><tt class="py-lineno"> 54</tt> <tt class="py-line"> <tt class="py-docstring">"""Verifies a message against a signature.</tt> </tt>
Joe Gregorioe7a0c472012-07-12 11:46:04 -0400[diff] [blame]118<a name="L55"></a><tt class="py-lineno"> 55</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]119<a name="L56"></a><tt class="py-lineno"> 56</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
120<a name="L57"></a><tt class="py-lineno"> 57</tt> <tt class="py-line"><tt class="py-docstring"> message: string, The message to verify.</tt> </tt>
121<a name="L58"></a><tt class="py-lineno"> 58</tt> <tt class="py-line"><tt class="py-docstring"> signature: string, The signature on the message.</tt> </tt>
122<a name="L59"></a><tt class="py-lineno"> 59</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
123<a name="L60"></a><tt class="py-lineno"> 60</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
124<a name="L61"></a><tt class="py-lineno"> 61</tt> <tt class="py-line"><tt class="py-docstring"> True if message was signed by the private key associated with the public</tt> </tt>
125<a name="L62"></a><tt class="py-lineno"> 62</tt> <tt class="py-line"><tt class="py-docstring"> key that this object was constructed with.</tt> </tt>
126<a name="L63"></a><tt class="py-lineno"> 63</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
127<a name="L64"></a><tt class="py-lineno"> 64</tt> <tt class="py-line"> <tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]128<a name="L65"></a><tt class="py-lineno"> 65</tt> <tt class="py-line"> <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">verify</tt><tt class="py-op">(</tt><tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_pubkey</tt><tt class="py-op">,</tt> <tt class="py-name">signature</tt><tt class="py-op">,</tt> <tt class="py-name">message</tt><tt class="py-op">,</tt> <tt class="py-string">'sha256'</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]129<a name="L66"></a><tt class="py-lineno"> 66</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">True</tt> </tt>
130<a name="L67"></a><tt class="py-lineno"> 67</tt> <tt class="py-line"> <tt class="py-keyword">except</tt><tt class="py-op">:</tt> </tt>
131<a name="L68"></a><tt class="py-lineno"> 68</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">False</tt> </tt>
132</div><a name="L69"></a><tt class="py-lineno"> 69</tt> <tt class="py-line"> </tt>
133<a name="L70"></a><tt class="py-lineno"> 70</tt> <tt class="py-line"> <tt class="py-decorator">@</tt><tt class="py-decorator">staticmethod</tt> </tt>
134<a name="OpenSSLVerifier.from_string"></a><div id="OpenSSLVerifier.from_string-def"><a name="L71"></a><tt class="py-lineno"> 71</tt> <a class="py-toggle" href="#" id="OpenSSLVerifier.from_string-toggle" onclick="return toggle('OpenSSLVerifier.from_string');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLVerifier-class.html#from_string">from_string</a><tt class="py-op">(</tt><tt class="py-param">key_pem</tt><tt class="py-op">,</tt> <tt class="py-param">is_x509_cert</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
135</div><div id="OpenSSLVerifier.from_string-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLVerifier.from_string-expanded"><a name="L72"></a><tt class="py-lineno"> 72</tt> <tt class="py-line"> <tt class="py-docstring">"""Construct a Verified instance from a string.</tt> </tt>
136<a name="L73"></a><tt class="py-lineno"> 73</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
137<a name="L74"></a><tt class="py-lineno"> 74</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
138<a name="L75"></a><tt class="py-lineno"> 75</tt> <tt class="py-line"><tt class="py-docstring"> key_pem: string, public key in PEM format.</tt> </tt>
139<a name="L76"></a><tt class="py-lineno"> 76</tt> <tt class="py-line"><tt class="py-docstring"> is_x509_cert: bool, True if key_pem is an X509 cert, otherwise it is</tt> </tt>
140<a name="L77"></a><tt class="py-lineno"> 77</tt> <tt class="py-line"><tt class="py-docstring"> expected to be an RSA key in PEM format.</tt> </tt>
141<a name="L78"></a><tt class="py-lineno"> 78</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
142<a name="L79"></a><tt class="py-lineno"> 79</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
143<a name="L80"></a><tt class="py-lineno"> 80</tt> <tt class="py-line"><tt class="py-docstring"> Verifier instance.</tt> </tt>
144<a name="L81"></a><tt class="py-lineno"> 81</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
145<a name="L82"></a><tt class="py-lineno"> 82</tt> <tt class="py-line"><tt class="py-docstring"> Raises:</tt> </tt>
146<a name="L83"></a><tt class="py-lineno"> 83</tt> <tt class="py-line"><tt class="py-docstring"> OpenSSL.crypto.Error if the key_pem can't be parsed.</tt> </tt>
147<a name="L84"></a><tt class="py-lineno"> 84</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
148<a name="L85"></a><tt class="py-lineno"> 85</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">is_x509_cert</tt><tt class="py-op">:</tt> </tt>
149<a name="L86"></a><tt class="py-lineno"> 86</tt> <tt class="py-line"> <tt class="py-name">pubkey</tt> <tt class="py-op">=</tt> <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">load_certificate</tt><tt class="py-op">(</tt><tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">FILETYPE_PEM</tt><tt class="py-op">,</tt> <tt class="py-name">key_pem</tt><tt class="py-op">)</tt> </tt>
150<a name="L87"></a><tt class="py-lineno"> 87</tt> <tt class="py-line"> <tt class="py-keyword">else</tt><tt class="py-op">:</tt> </tt>
151<a name="L88"></a><tt class="py-lineno"> 88</tt> <tt class="py-line"> <tt class="py-name">pubkey</tt> <tt class="py-op">=</tt> <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">load_privatekey</tt><tt class="py-op">(</tt><tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">FILETYPE_PEM</tt><tt class="py-op">,</tt> <tt class="py-name">key_pem</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]152<a name="L89"></a><tt class="py-lineno"> 89</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt id="link-5" class="py-name" targets="Variable oauth2client.crypt.OpenSSLVerifier=oauth2client.crypt-module.html#OpenSSLVerifier"><a title="oauth2client.crypt.OpenSSLVerifier" class="py-name" href="#" onclick="return doclink('link-5', 'OpenSSLVerifier', 'link-5');">OpenSSLVerifier</a></tt><tt class="py-op">(</tt><tt class="py-name">pubkey</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]153</div></div><a name="L90"></a><tt class="py-lineno"> 90</tt> <tt class="py-line"> </tt>
154<a name="OpenSSLSigner"></a><div id="OpenSSLSigner-def"><a name="L91"></a><tt class="py-lineno"> 91</tt> <tt class="py-line"> </tt>
155<a name="L92"></a><tt class="py-lineno"> 92</tt> <a class="py-toggle" href="#" id="OpenSSLSigner-toggle" onclick="return toggle('OpenSSLSigner');">-</a><tt class="py-line"> <tt class="py-keyword">class</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLSigner-class.html">OpenSSLSigner</a><tt class="py-op">(</tt><tt class="py-base-class">object</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
156</div><div id="OpenSSLSigner-collapsed" style="display:none;" pad="+++" indent="++++++"></div><div id="OpenSSLSigner-expanded"><a name="L93"></a><tt class="py-lineno"> 93</tt> <tt class="py-line"> <tt class="py-docstring">"""Signs messages with a private key."""</tt> </tt>
157<a name="L94"></a><tt class="py-lineno"> 94</tt> <tt class="py-line"> </tt>
158<a name="OpenSSLSigner.__init__"></a><div id="OpenSSLSigner.__init__-def"><a name="L95"></a><tt class="py-lineno"> 95</tt> <a class="py-toggle" href="#" id="OpenSSLSigner.__init__-toggle" onclick="return toggle('OpenSSLSigner.__init__');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLSigner-class.html#__init__">__init__</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">pkey</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
159</div><div id="OpenSSLSigner.__init__-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLSigner.__init__-expanded"><a name="L96"></a><tt class="py-lineno"> 96</tt> <tt class="py-line"> <tt class="py-docstring">"""Constructor.</tt> </tt>
160<a name="L97"></a><tt class="py-lineno"> 97</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
161<a name="L98"></a><tt class="py-lineno"> 98</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
162<a name="L99"></a><tt class="py-lineno"> 99</tt> <tt class="py-line"><tt class="py-docstring"> pkey, OpenSSL.crypto.PKey (or equiv), The private key to sign with.</tt> </tt>
163<a name="L100"></a><tt class="py-lineno">100</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
164<a name="L101"></a><tt class="py-lineno">101</tt> <tt class="py-line"> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_key</tt> <tt class="py-op">=</tt> <tt class="py-name">pkey</tt> </tt>
165</div><a name="L102"></a><tt class="py-lineno">102</tt> <tt class="py-line"> </tt>
166<a name="OpenSSLSigner.sign"></a><div id="OpenSSLSigner.sign-def"><a name="L103"></a><tt class="py-lineno">103</tt> <a class="py-toggle" href="#" id="OpenSSLSigner.sign-toggle" onclick="return toggle('OpenSSLSigner.sign');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLSigner-class.html#sign">sign</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">message</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
167</div><div id="OpenSSLSigner.sign-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLSigner.sign-expanded"><a name="L104"></a><tt class="py-lineno">104</tt> <tt class="py-line"> <tt class="py-docstring">"""Signs a message.</tt> </tt>
168<a name="L105"></a><tt class="py-lineno">105</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
169<a name="L106"></a><tt class="py-lineno">106</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
170<a name="L107"></a><tt class="py-lineno">107</tt> <tt class="py-line"><tt class="py-docstring"> message: string, Message to be signed.</tt> </tt>
171<a name="L108"></a><tt class="py-lineno">108</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
172<a name="L109"></a><tt class="py-lineno">109</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
173<a name="L110"></a><tt class="py-lineno">110</tt> <tt class="py-line"><tt class="py-docstring"> string, The signature of the message for the given key.</tt> </tt>
174<a name="L111"></a><tt class="py-lineno">111</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
175<a name="L112"></a><tt class="py-lineno">112</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">sign</tt><tt class="py-op">(</tt><tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_key</tt><tt class="py-op">,</tt> <tt class="py-name">message</tt><tt class="py-op">,</tt> <tt class="py-string">'sha256'</tt><tt class="py-op">)</tt> </tt>
176</div><a name="L113"></a><tt class="py-lineno">113</tt> <tt class="py-line"> </tt>
177<a name="L114"></a><tt class="py-lineno">114</tt> <tt class="py-line"> <tt class="py-decorator">@</tt><tt class="py-decorator">staticmethod</tt> </tt>
178<a name="OpenSSLSigner.from_string"></a><div id="OpenSSLSigner.from_string-def"><a name="L115"></a><tt class="py-lineno">115</tt> <a class="py-toggle" href="#" id="OpenSSLSigner.from_string-toggle" onclick="return toggle('OpenSSLSigner.from_string');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.OpenSSLSigner-class.html#from_string">from_string</a><tt class="py-op">(</tt><tt class="py-param">key</tt><tt class="py-op">,</tt> <tt class="py-param">password</tt><tt class="py-op">=</tt><tt class="py-string">'notasecret'</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
179</div><div id="OpenSSLSigner.from_string-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="OpenSSLSigner.from_string-expanded"><a name="L116"></a><tt class="py-lineno">116</tt> <tt class="py-line"> <tt class="py-docstring">"""Construct a Signer instance from a string.</tt> </tt>
Joe Gregorioe7a0c472012-07-12 11:46:04 -0400[diff] [blame]180<a name="L117"></a><tt class="py-lineno">117</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]181<a name="L118"></a><tt class="py-lineno">118</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
182<a name="L119"></a><tt class="py-lineno">119</tt> <tt class="py-line"><tt class="py-docstring"> key: string, private key in PKCS12 or PEM format.</tt> </tt>
183<a name="L120"></a><tt class="py-lineno">120</tt> <tt class="py-line"><tt class="py-docstring"> password: string, password for the private key file.</tt> </tt>
184<a name="L121"></a><tt class="py-lineno">121</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
185<a name="L122"></a><tt class="py-lineno">122</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
186<a name="L123"></a><tt class="py-lineno">123</tt> <tt class="py-line"><tt class="py-docstring"> Signer instance.</tt> </tt>
187<a name="L124"></a><tt class="py-lineno">124</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
188<a name="L125"></a><tt class="py-lineno">125</tt> <tt class="py-line"><tt class="py-docstring"> Raises:</tt> </tt>
189<a name="L126"></a><tt class="py-lineno">126</tt> <tt class="py-line"><tt class="py-docstring"> OpenSSL.crypto.Error if the key can't be parsed.</tt> </tt>
190<a name="L127"></a><tt class="py-lineno">127</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
191<a name="L128"></a><tt class="py-lineno">128</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">key</tt><tt class="py-op">.</tt><tt class="py-name">startswith</tt><tt class="py-op">(</tt><tt class="py-string">'-----BEGIN '</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
192<a name="L129"></a><tt class="py-lineno">129</tt> <tt class="py-line"> <tt class="py-name">pkey</tt> <tt class="py-op">=</tt> <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">load_privatekey</tt><tt class="py-op">(</tt><tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">FILETYPE_PEM</tt><tt class="py-op">,</tt> <tt class="py-name">key</tt><tt class="py-op">)</tt> </tt>
193<a name="L130"></a><tt class="py-lineno">130</tt> <tt class="py-line"> <tt class="py-keyword">else</tt><tt class="py-op">:</tt> </tt>
194<a name="L131"></a><tt class="py-lineno">131</tt> <tt class="py-line"> <tt class="py-name">pkey</tt> <tt class="py-op">=</tt> <tt class="py-name">crypto</tt><tt class="py-op">.</tt><tt class="py-name">load_pkcs12</tt><tt class="py-op">(</tt><tt class="py-name">key</tt><tt class="py-op">,</tt> <tt class="py-name">password</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt class="py-name">get_privatekey</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]195<a name="L132"></a><tt class="py-lineno">132</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt id="link-6" class="py-name" targets="Variable oauth2client.crypt.OpenSSLSigner=oauth2client.crypt-module.html#OpenSSLSigner"><a title="oauth2client.crypt.OpenSSLSigner" class="py-name" href="#" onclick="return doclink('link-6', 'OpenSSLSigner', 'link-6');">OpenSSLSigner</a></tt><tt class="py-op">(</tt><tt class="py-name">pkey</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]196</div></div><a name="L133"></a><tt class="py-lineno">133</tt> <tt class="py-line"> </tt>
197<a name="L134"></a><tt class="py-lineno">134</tt> <tt class="py-line"><tt class="py-keyword">except</tt> <tt class="py-name">ImportError</tt><tt class="py-op">:</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]198<a name="L135"></a><tt class="py-lineno">135</tt> <tt class="py-line"> <tt id="link-7" class="py-name"><a title="oauth2client.crypt.OpenSSLVerifier" class="py-name" href="#" onclick="return doclink('link-7', 'OpenSSLVerifier', 'link-5');">OpenSSLVerifier</a></tt> <tt class="py-op">=</tt> <tt class="py-name">None</tt> </tt>
199<a name="L136"></a><tt class="py-lineno">136</tt> <tt class="py-line"> <tt id="link-8" class="py-name"><a title="oauth2client.crypt.OpenSSLSigner" class="py-name" href="#" onclick="return doclink('link-8', 'OpenSSLSigner', 'link-6');">OpenSSLSigner</a></tt> <tt class="py-op">=</tt> <tt class="py-name">None</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]200<a name="L137"></a><tt class="py-lineno">137</tt> <tt class="py-line"> </tt>
201<a name="L138"></a><tt class="py-lineno">138</tt> <tt class="py-line"> </tt>
202<a name="L139"></a><tt class="py-lineno">139</tt> <tt class="py-line"><tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
203<a name="L140"></a><tt class="py-lineno">140</tt> <tt class="py-line"> <tt class="py-keyword">from</tt> <tt class="py-name">Crypto</tt><tt class="py-op">.</tt><tt class="py-name">PublicKey</tt> <tt class="py-keyword">import</tt> <tt class="py-name">RSA</tt> </tt>
204<a name="L141"></a><tt class="py-lineno">141</tt> <tt class="py-line"> <tt class="py-keyword">from</tt> <tt class="py-name">Crypto</tt><tt class="py-op">.</tt><tt class="py-name">Hash</tt> <tt class="py-keyword">import</tt> <tt class="py-name">SHA256</tt> </tt>
205<a name="L142"></a><tt class="py-lineno">142</tt> <tt class="py-line"> <tt class="py-keyword">from</tt> <tt class="py-name">Crypto</tt><tt class="py-op">.</tt><tt class="py-name">Signature</tt> <tt class="py-keyword">import</tt> <tt class="py-name">PKCS1_v1_5</tt> </tt>
206<a name="PyCryptoVerifier"></a><div id="PyCryptoVerifier-def"><a name="L143"></a><tt class="py-lineno">143</tt> <tt class="py-line"> </tt>
207<a name="L144"></a><tt class="py-lineno">144</tt> <tt class="py-line"> </tt>
208<a name="L145"></a><tt class="py-lineno">145</tt> <a class="py-toggle" href="#" id="PyCryptoVerifier-toggle" onclick="return toggle('PyCryptoVerifier');">-</a><tt class="py-line"> <tt class="py-keyword">class</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoVerifier-class.html">PyCryptoVerifier</a><tt class="py-op">(</tt><tt class="py-base-class">object</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
209</div><div id="PyCryptoVerifier-collapsed" style="display:none;" pad="+++" indent="++++++"></div><div id="PyCryptoVerifier-expanded"><a name="L146"></a><tt class="py-lineno">146</tt> <tt class="py-line"> <tt class="py-docstring">"""Verifies the signature on a message."""</tt> </tt>
210<a name="L147"></a><tt class="py-lineno">147</tt> <tt class="py-line"> </tt>
211<a name="PyCryptoVerifier.__init__"></a><div id="PyCryptoVerifier.__init__-def"><a name="L148"></a><tt class="py-lineno">148</tt> <a class="py-toggle" href="#" id="PyCryptoVerifier.__init__-toggle" onclick="return toggle('PyCryptoVerifier.__init__');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoVerifier-class.html#__init__">__init__</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">pubkey</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
212</div><div id="PyCryptoVerifier.__init__-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoVerifier.__init__-expanded"><a name="L149"></a><tt class="py-lineno">149</tt> <tt class="py-line"> <tt class="py-docstring">"""Constructor.</tt> </tt>
213<a name="L150"></a><tt class="py-lineno">150</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
214<a name="L151"></a><tt class="py-lineno">151</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
215<a name="L152"></a><tt class="py-lineno">152</tt> <tt class="py-line"><tt class="py-docstring"> pubkey, OpenSSL.crypto.PKey (or equiv), The public key to verify with.</tt> </tt>
216<a name="L153"></a><tt class="py-lineno">153</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
217<a name="L154"></a><tt class="py-lineno">154</tt> <tt class="py-line"> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_pubkey</tt> <tt class="py-op">=</tt> <tt class="py-name">pubkey</tt> </tt>
218</div><a name="L155"></a><tt class="py-lineno">155</tt> <tt class="py-line"> </tt>
219<a name="PyCryptoVerifier.verify"></a><div id="PyCryptoVerifier.verify-def"><a name="L156"></a><tt class="py-lineno">156</tt> <a class="py-toggle" href="#" id="PyCryptoVerifier.verify-toggle" onclick="return toggle('PyCryptoVerifier.verify');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoVerifier-class.html#verify">verify</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">message</tt><tt class="py-op">,</tt> <tt class="py-param">signature</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
220</div><div id="PyCryptoVerifier.verify-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoVerifier.verify-expanded"><a name="L157"></a><tt class="py-lineno">157</tt> <tt class="py-line"> <tt class="py-docstring">"""Verifies a message against a signature.</tt> </tt>
221<a name="L158"></a><tt class="py-lineno">158</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
222<a name="L159"></a><tt class="py-lineno">159</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
223<a name="L160"></a><tt class="py-lineno">160</tt> <tt class="py-line"><tt class="py-docstring"> message: string, The message to verify.</tt> </tt>
224<a name="L161"></a><tt class="py-lineno">161</tt> <tt class="py-line"><tt class="py-docstring"> signature: string, The signature on the message.</tt> </tt>
225<a name="L162"></a><tt class="py-lineno">162</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
226<a name="L163"></a><tt class="py-lineno">163</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
227<a name="L164"></a><tt class="py-lineno">164</tt> <tt class="py-line"><tt class="py-docstring"> True if message was signed by the private key associated with the public</tt> </tt>
228<a name="L165"></a><tt class="py-lineno">165</tt> <tt class="py-line"><tt class="py-docstring"> key that this object was constructed with.</tt> </tt>
229<a name="L166"></a><tt class="py-lineno">166</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
230<a name="L167"></a><tt class="py-lineno">167</tt> <tt class="py-line"> <tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]231<a name="L168"></a><tt class="py-lineno">168</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">PKCS1_v1_5</tt><tt class="py-op">.</tt><tt class="py-name">new</tt><tt class="py-op">(</tt><tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_pubkey</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt class="py-name">verify</tt><tt class="py-op">(</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]232<a name="L169"></a><tt class="py-lineno">169</tt> <tt class="py-line"> <tt class="py-name">SHA256</tt><tt class="py-op">.</tt><tt class="py-name">new</tt><tt class="py-op">(</tt><tt class="py-name">message</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> <tt class="py-name">signature</tt><tt class="py-op">)</tt> </tt>
233<a name="L170"></a><tt class="py-lineno">170</tt> <tt class="py-line"> <tt class="py-keyword">except</tt><tt class="py-op">:</tt> </tt>
234<a name="L171"></a><tt class="py-lineno">171</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">False</tt> </tt>
235</div><a name="L172"></a><tt class="py-lineno">172</tt> <tt class="py-line"> </tt>
236<a name="L173"></a><tt class="py-lineno">173</tt> <tt class="py-line"> <tt class="py-decorator">@</tt><tt class="py-decorator">staticmethod</tt> </tt>
237<a name="PyCryptoVerifier.from_string"></a><div id="PyCryptoVerifier.from_string-def"><a name="L174"></a><tt class="py-lineno">174</tt> <a class="py-toggle" href="#" id="PyCryptoVerifier.from_string-toggle" onclick="return toggle('PyCryptoVerifier.from_string');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoVerifier-class.html#from_string">from_string</a><tt class="py-op">(</tt><tt class="py-param">key_pem</tt><tt class="py-op">,</tt> <tt class="py-param">is_x509_cert</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
238</div><div id="PyCryptoVerifier.from_string-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoVerifier.from_string-expanded"><a name="L175"></a><tt class="py-lineno">175</tt> <tt class="py-line"> <tt class="py-docstring">"""Construct a Verified instance from a string.</tt> </tt>
239<a name="L176"></a><tt class="py-lineno">176</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
240<a name="L177"></a><tt class="py-lineno">177</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
241<a name="L178"></a><tt class="py-lineno">178</tt> <tt class="py-line"><tt class="py-docstring"> key_pem: string, public key in PEM format.</tt> </tt>
242<a name="L179"></a><tt class="py-lineno">179</tt> <tt class="py-line"><tt class="py-docstring"> is_x509_cert: bool, True if key_pem is an X509 cert, otherwise it is</tt> </tt>
243<a name="L180"></a><tt class="py-lineno">180</tt> <tt class="py-line"><tt class="py-docstring"> expected to be an RSA key in PEM format.</tt> </tt>
244<a name="L181"></a><tt class="py-lineno">181</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
245<a name="L182"></a><tt class="py-lineno">182</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
246<a name="L183"></a><tt class="py-lineno">183</tt> <tt class="py-line"><tt class="py-docstring"> Verifier instance.</tt> </tt>
247<a name="L184"></a><tt class="py-lineno">184</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
248<a name="L185"></a><tt class="py-lineno">185</tt> <tt class="py-line"><tt class="py-docstring"> Raises:</tt> </tt>
249<a name="L186"></a><tt class="py-lineno">186</tt> <tt class="py-line"><tt class="py-docstring"> NotImplementedError if is_x509_cert is true.</tt> </tt>
250<a name="L187"></a><tt class="py-lineno">187</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
251<a name="L188"></a><tt class="py-lineno">188</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">is_x509_cert</tt><tt class="py-op">:</tt> </tt>
252<a name="L189"></a><tt class="py-lineno">189</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt class="py-name">NotImplementedError</tt><tt class="py-op">(</tt> </tt>
253<a name="L190"></a><tt class="py-lineno">190</tt> <tt class="py-line"> <tt class="py-string">'X509 certs are not supported by the PyCrypto library. '</tt> </tt>
254<a name="L191"></a><tt class="py-lineno">191</tt> <tt class="py-line"> <tt class="py-string">'Try using PyOpenSSL if native code is an option.'</tt><tt class="py-op">)</tt> </tt>
255<a name="L192"></a><tt class="py-lineno">192</tt> <tt class="py-line"> <tt class="py-keyword">else</tt><tt class="py-op">:</tt> </tt>
256<a name="L193"></a><tt class="py-lineno">193</tt> <tt class="py-line"> <tt class="py-name">pubkey</tt> <tt class="py-op">=</tt> <tt class="py-name">RSA</tt><tt class="py-op">.</tt><tt class="py-name">importKey</tt><tt class="py-op">(</tt><tt class="py-name">key_pem</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]257<a name="L194"></a><tt class="py-lineno">194</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt id="link-9" class="py-name" targets="Variable oauth2client.crypt.PyCryptoVerifier=oauth2client.crypt-module.html#PyCryptoVerifier"><a title="oauth2client.crypt.PyCryptoVerifier" class="py-name" href="#" onclick="return doclink('link-9', 'PyCryptoVerifier', 'link-9');">PyCryptoVerifier</a></tt><tt class="py-op">(</tt><tt class="py-name">pubkey</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]258</div></div><a name="L195"></a><tt class="py-lineno">195</tt> <tt class="py-line"> </tt>
259<a name="PyCryptoSigner"></a><div id="PyCryptoSigner-def"><a name="L196"></a><tt class="py-lineno">196</tt> <tt class="py-line"> </tt>
260<a name="L197"></a><tt class="py-lineno">197</tt> <a class="py-toggle" href="#" id="PyCryptoSigner-toggle" onclick="return toggle('PyCryptoSigner');">-</a><tt class="py-line"> <tt class="py-keyword">class</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoSigner-class.html">PyCryptoSigner</a><tt class="py-op">(</tt><tt class="py-base-class">object</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
261</div><div id="PyCryptoSigner-collapsed" style="display:none;" pad="+++" indent="++++++"></div><div id="PyCryptoSigner-expanded"><a name="L198"></a><tt class="py-lineno">198</tt> <tt class="py-line"> <tt class="py-docstring">"""Signs messages with a private key."""</tt> </tt>
262<a name="L199"></a><tt class="py-lineno">199</tt> <tt class="py-line"> </tt>
263<a name="PyCryptoSigner.__init__"></a><div id="PyCryptoSigner.__init__-def"><a name="L200"></a><tt class="py-lineno">200</tt> <a class="py-toggle" href="#" id="PyCryptoSigner.__init__-toggle" onclick="return toggle('PyCryptoSigner.__init__');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoSigner-class.html#__init__">__init__</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">pkey</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
264</div><div id="PyCryptoSigner.__init__-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoSigner.__init__-expanded"><a name="L201"></a><tt class="py-lineno">201</tt> <tt class="py-line"> <tt class="py-docstring">"""Constructor.</tt> </tt>
265<a name="L202"></a><tt class="py-lineno">202</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
266<a name="L203"></a><tt class="py-lineno">203</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
267<a name="L204"></a><tt class="py-lineno">204</tt> <tt class="py-line"><tt class="py-docstring"> pkey, OpenSSL.crypto.PKey (or equiv), The private key to sign with.</tt> </tt>
268<a name="L205"></a><tt class="py-lineno">205</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
269<a name="L206"></a><tt class="py-lineno">206</tt> <tt class="py-line"> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_key</tt> <tt class="py-op">=</tt> <tt class="py-name">pkey</tt> </tt>
270</div><a name="L207"></a><tt class="py-lineno">207</tt> <tt class="py-line"> </tt>
271<a name="PyCryptoSigner.sign"></a><div id="PyCryptoSigner.sign-def"><a name="L208"></a><tt class="py-lineno">208</tt> <a class="py-toggle" href="#" id="PyCryptoSigner.sign-toggle" onclick="return toggle('PyCryptoSigner.sign');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoSigner-class.html#sign">sign</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">message</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
272</div><div id="PyCryptoSigner.sign-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoSigner.sign-expanded"><a name="L209"></a><tt class="py-lineno">209</tt> <tt class="py-line"> <tt class="py-docstring">"""Signs a message.</tt> </tt>
273<a name="L210"></a><tt class="py-lineno">210</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
274<a name="L211"></a><tt class="py-lineno">211</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
275<a name="L212"></a><tt class="py-lineno">212</tt> <tt class="py-line"><tt class="py-docstring"> message: string, Message to be signed.</tt> </tt>
276<a name="L213"></a><tt class="py-lineno">213</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
277<a name="L214"></a><tt class="py-lineno">214</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
278<a name="L215"></a><tt class="py-lineno">215</tt> <tt class="py-line"><tt class="py-docstring"> string, The signature of the message for the given key.</tt> </tt>
279<a name="L216"></a><tt class="py-lineno">216</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
280<a name="L217"></a><tt class="py-lineno">217</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">PKCS1_v1_5</tt><tt class="py-op">.</tt><tt class="py-name">new</tt><tt class="py-op">(</tt><tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">_key</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt class="py-name">sign</tt><tt class="py-op">(</tt><tt class="py-name">SHA256</tt><tt class="py-op">.</tt><tt class="py-name">new</tt><tt class="py-op">(</tt><tt class="py-name">message</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
281</div><a name="L218"></a><tt class="py-lineno">218</tt> <tt class="py-line"> </tt>
282<a name="L219"></a><tt class="py-lineno">219</tt> <tt class="py-line"> <tt class="py-decorator">@</tt><tt class="py-decorator">staticmethod</tt> </tt>
283<a name="PyCryptoSigner.from_string"></a><div id="PyCryptoSigner.from_string-def"><a name="L220"></a><tt class="py-lineno">220</tt> <a class="py-toggle" href="#" id="PyCryptoSigner.from_string-toggle" onclick="return toggle('PyCryptoSigner.from_string');">-</a><tt class="py-line"> <tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt.PyCryptoSigner-class.html#from_string">from_string</a><tt class="py-op">(</tt><tt class="py-param">key</tt><tt class="py-op">,</tt> <tt class="py-param">password</tt><tt class="py-op">=</tt><tt class="py-string">'notasecret'</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
284</div><div id="PyCryptoSigner.from_string-collapsed" style="display:none;" pad="+++" indent="++++++++++"></div><div id="PyCryptoSigner.from_string-expanded"><a name="L221"></a><tt class="py-lineno">221</tt> <tt class="py-line"> <tt class="py-docstring">"""Construct a Signer instance from a string.</tt> </tt>
285<a name="L222"></a><tt class="py-lineno">222</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
286<a name="L223"></a><tt class="py-lineno">223</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
287<a name="L224"></a><tt class="py-lineno">224</tt> <tt class="py-line"><tt class="py-docstring"> key: string, private key in PEM format.</tt> </tt>
288<a name="L225"></a><tt class="py-lineno">225</tt> <tt class="py-line"><tt class="py-docstring"> password: string, password for private key file. Unused for PEM files.</tt> </tt>
289<a name="L226"></a><tt class="py-lineno">226</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
290<a name="L227"></a><tt class="py-lineno">227</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
291<a name="L228"></a><tt class="py-lineno">228</tt> <tt class="py-line"><tt class="py-docstring"> Signer instance.</tt> </tt>
292<a name="L229"></a><tt class="py-lineno">229</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
293<a name="L230"></a><tt class="py-lineno">230</tt> <tt class="py-line"><tt class="py-docstring"> Raises:</tt> </tt>
294<a name="L231"></a><tt class="py-lineno">231</tt> <tt class="py-line"><tt class="py-docstring"> NotImplementedError if they key isn't in PEM format.</tt> </tt>
295<a name="L232"></a><tt class="py-lineno">232</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
296<a name="L233"></a><tt class="py-lineno">233</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">key</tt><tt class="py-op">.</tt><tt class="py-name">startswith</tt><tt class="py-op">(</tt><tt class="py-string">'-----BEGIN '</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
297<a name="L234"></a><tt class="py-lineno">234</tt> <tt class="py-line"> <tt class="py-name">pkey</tt> <tt class="py-op">=</tt> <tt class="py-name">RSA</tt><tt class="py-op">.</tt><tt class="py-name">importKey</tt><tt class="py-op">(</tt><tt class="py-name">key</tt><tt class="py-op">)</tt> </tt>
298<a name="L235"></a><tt class="py-lineno">235</tt> <tt class="py-line"> <tt class="py-keyword">else</tt><tt class="py-op">:</tt> </tt>
299<a name="L236"></a><tt class="py-lineno">236</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt class="py-name">NotImplementedError</tt><tt class="py-op">(</tt> </tt>
300<a name="L237"></a><tt class="py-lineno">237</tt> <tt class="py-line"> <tt class="py-string">'PKCS12 format is not supported by the PyCrpto library. '</tt> </tt>
301<a name="L238"></a><tt class="py-lineno">238</tt> <tt class="py-line"> <tt class="py-string">'Try converting to a "PEM" '</tt> </tt>
302<a name="L239"></a><tt class="py-lineno">239</tt> <tt class="py-line"> <tt class="py-string">'(openssl pkcs12 -in xxxxx.p12 -nodes -nocerts &gt; privatekey.pem) '</tt> </tt>
303<a name="L240"></a><tt class="py-lineno">240</tt> <tt class="py-line"> <tt class="py-string">'or using PyOpenSSL if native code is an option.'</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]304<a name="L241"></a><tt class="py-lineno">241</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt id="link-10" class="py-name" targets="Variable oauth2client.crypt.PyCryptoSigner=oauth2client.crypt-module.html#PyCryptoSigner"><a title="oauth2client.crypt.PyCryptoSigner" class="py-name" href="#" onclick="return doclink('link-10', 'PyCryptoSigner', 'link-10');">PyCryptoSigner</a></tt><tt class="py-op">(</tt><tt class="py-name">pkey</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]305</div></div><a name="L242"></a><tt class="py-lineno">242</tt> <tt class="py-line"> </tt>
306<a name="L243"></a><tt class="py-lineno">243</tt> <tt class="py-line"><tt class="py-keyword">except</tt> <tt class="py-name">ImportError</tt><tt class="py-op">:</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]307<a name="L244"></a><tt class="py-lineno">244</tt> <tt class="py-line"> <tt id="link-11" class="py-name"><a title="oauth2client.crypt.PyCryptoVerifier" class="py-name" href="#" onclick="return doclink('link-11', 'PyCryptoVerifier', 'link-9');">PyCryptoVerifier</a></tt> <tt class="py-op">=</tt> <tt class="py-name">None</tt> </tt>
308<a name="L245"></a><tt class="py-lineno">245</tt> <tt class="py-line"> <tt id="link-12" class="py-name"><a title="oauth2client.crypt.PyCryptoSigner" class="py-name" href="#" onclick="return doclink('link-12', 'PyCryptoSigner', 'link-10');">PyCryptoSigner</a></tt> <tt class="py-op">=</tt> <tt class="py-name">None</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]309<a name="L246"></a><tt class="py-lineno">246</tt> <tt class="py-line"> </tt>
310<a name="L247"></a><tt class="py-lineno">247</tt> <tt class="py-line"> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]311<a name="L248"></a><tt class="py-lineno">248</tt> <tt class="py-line"><tt class="py-keyword">if</tt> <tt id="link-13" class="py-name"><a title="oauth2client.crypt.OpenSSLSigner" class="py-name" href="#" onclick="return doclink('link-13', 'OpenSSLSigner', 'link-6');">OpenSSLSigner</a></tt><tt class="py-op">:</tt> </tt>
312<a name="L249"></a><tt class="py-lineno">249</tt> <tt class="py-line"> <tt id="link-14" class="py-name" targets="Variable oauth2client.crypt.Signer=oauth2client.crypt-module.html#Signer"><a title="oauth2client.crypt.Signer" class="py-name" href="#" onclick="return doclink('link-14', 'Signer', 'link-14');">Signer</a></tt> <tt class="py-op">=</tt> <tt id="link-15" class="py-name"><a title="oauth2client.crypt.OpenSSLSigner" class="py-name" href="#" onclick="return doclink('link-15', 'OpenSSLSigner', 'link-6');">OpenSSLSigner</a></tt> </tt>
313<a name="L250"></a><tt class="py-lineno">250</tt> <tt class="py-line"> <tt id="link-16" class="py-name" targets="Variable oauth2client.crypt.Verifier=oauth2client.crypt-module.html#Verifier"><a title="oauth2client.crypt.Verifier" class="py-name" href="#" onclick="return doclink('link-16', 'Verifier', 'link-16');">Verifier</a></tt> <tt class="py-op">=</tt> <tt id="link-17" class="py-name"><a title="oauth2client.crypt.OpenSSLVerifier" class="py-name" href="#" onclick="return doclink('link-17', 'OpenSSLVerifier', 'link-5');">OpenSSLVerifier</a></tt> </tt>
314<a name="L251"></a><tt class="py-lineno">251</tt> <tt class="py-line"><tt class="py-keyword">elif</tt> <tt id="link-18" class="py-name"><a title="oauth2client.crypt.PyCryptoSigner" class="py-name" href="#" onclick="return doclink('link-18', 'PyCryptoSigner', 'link-10');">PyCryptoSigner</a></tt><tt class="py-op">:</tt> </tt>
315<a name="L252"></a><tt class="py-lineno">252</tt> <tt class="py-line"> <tt id="link-19" class="py-name"><a title="oauth2client.crypt.Signer" class="py-name" href="#" onclick="return doclink('link-19', 'Signer', 'link-14');">Signer</a></tt> <tt class="py-op">=</tt> <tt id="link-20" class="py-name"><a title="oauth2client.crypt.PyCryptoSigner" class="py-name" href="#" onclick="return doclink('link-20', 'PyCryptoSigner', 'link-10');">PyCryptoSigner</a></tt> </tt>
316<a name="L253"></a><tt class="py-lineno">253</tt> <tt class="py-line"> <tt id="link-21" class="py-name"><a title="oauth2client.crypt.Verifier" class="py-name" href="#" onclick="return doclink('link-21', 'Verifier', 'link-16');">Verifier</a></tt> <tt class="py-op">=</tt> <tt id="link-22" class="py-name"><a title="oauth2client.crypt.PyCryptoVerifier" class="py-name" href="#" onclick="return doclink('link-22', 'PyCryptoVerifier', 'link-9');">PyCryptoVerifier</a></tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]317<a name="L254"></a><tt class="py-lineno">254</tt> <tt class="py-line"><tt class="py-keyword">else</tt><tt class="py-op">:</tt> </tt>
318<a name="L255"></a><tt class="py-lineno">255</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt class="py-name">ImportError</tt><tt class="py-op">(</tt><tt class="py-string">'No encryption library found. Please install either '</tt> </tt>
319<a name="L256"></a><tt class="py-lineno">256</tt> <tt class="py-line"> <tt class="py-string">'PyOpenSSL, or PyCrypto 2.6 or later'</tt><tt class="py-op">)</tt> </tt>
320<a name="_urlsafe_b64encode"></a><div id="_urlsafe_b64encode-def"><a name="L257"></a><tt class="py-lineno">257</tt> <tt class="py-line"> </tt>
321<a name="L258"></a><tt class="py-lineno">258</tt> <tt class="py-line"> </tt>
322<a name="L259"></a><tt class="py-lineno">259</tt> <a class="py-toggle" href="#" id="_urlsafe_b64encode-toggle" onclick="return toggle('_urlsafe_b64encode');">-</a><tt class="py-line"><tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt-module.html#_urlsafe_b64encode">_urlsafe_b64encode</a><tt class="py-op">(</tt><tt class="py-param">raw_bytes</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
323</div><div id="_urlsafe_b64encode-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="_urlsafe_b64encode-expanded"><a name="L260"></a><tt class="py-lineno">260</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">base64</tt><tt class="py-op">.</tt><tt class="py-name">urlsafe_b64encode</tt><tt class="py-op">(</tt><tt class="py-name">raw_bytes</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt class="py-name">rstrip</tt><tt class="py-op">(</tt><tt class="py-string">'='</tt><tt class="py-op">)</tt> </tt>
324</div><a name="L261"></a><tt class="py-lineno">261</tt> <tt class="py-line"> </tt>
325<a name="_urlsafe_b64decode"></a><div id="_urlsafe_b64decode-def"><a name="L262"></a><tt class="py-lineno">262</tt> <tt class="py-line"> </tt>
326<a name="L263"></a><tt class="py-lineno">263</tt> <a class="py-toggle" href="#" id="_urlsafe_b64decode-toggle" onclick="return toggle('_urlsafe_b64decode');">-</a><tt class="py-line"><tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt-module.html#_urlsafe_b64decode">_urlsafe_b64decode</a><tt class="py-op">(</tt><tt class="py-param">b64string</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
327</div><div id="_urlsafe_b64decode-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="_urlsafe_b64decode-expanded"><a name="L264"></a><tt class="py-lineno">264</tt> <tt class="py-line"> <tt class="py-comment"># Guard against unicode strings, which base64 can't handle.</tt> </tt>
328<a name="L265"></a><tt class="py-lineno">265</tt> <tt class="py-line"> <tt class="py-name">b64string</tt> <tt class="py-op">=</tt> <tt class="py-name">b64string</tt><tt class="py-op">.</tt><tt class="py-name">encode</tt><tt class="py-op">(</tt><tt class="py-string">'ascii'</tt><tt class="py-op">)</tt> </tt>
329<a name="L266"></a><tt class="py-lineno">266</tt> <tt class="py-line"> <tt class="py-name">padded</tt> <tt class="py-op">=</tt> <tt class="py-name">b64string</tt> <tt class="py-op">+</tt> <tt class="py-string">'='</tt> <tt class="py-op">*</tt> <tt class="py-op">(</tt><tt class="py-number">4</tt> <tt class="py-op">-</tt> <tt class="py-name">len</tt><tt class="py-op">(</tt><tt class="py-name">b64string</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> <tt class="py-number">4</tt><tt class="py-op">)</tt> </tt>
330<a name="L267"></a><tt class="py-lineno">267</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">base64</tt><tt class="py-op">.</tt><tt class="py-name">urlsafe_b64decode</tt><tt class="py-op">(</tt><tt class="py-name">padded</tt><tt class="py-op">)</tt> </tt>
331</div><a name="L268"></a><tt class="py-lineno">268</tt> <tt class="py-line"> </tt>
332<a name="_json_encode"></a><div id="_json_encode-def"><a name="L269"></a><tt class="py-lineno">269</tt> <tt class="py-line"> </tt>
333<a name="L270"></a><tt class="py-lineno">270</tt> <a class="py-toggle" href="#" id="_json_encode-toggle" onclick="return toggle('_json_encode');">-</a><tt class="py-line"><tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt-module.html#_json_encode">_json_encode</a><tt class="py-op">(</tt><tt class="py-param">data</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
334</div><div id="_json_encode-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="_json_encode-expanded"><a name="L271"></a><tt class="py-lineno">271</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">simplejson</tt><tt class="py-op">.</tt><tt class="py-name">dumps</tt><tt class="py-op">(</tt><tt class="py-name">data</tt><tt class="py-op">,</tt> <tt class="py-name">separators</tt> <tt class="py-op">=</tt> <tt class="py-op">(</tt><tt class="py-string">','</tt><tt class="py-op">,</tt> <tt class="py-string">':'</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
335</div><a name="L272"></a><tt class="py-lineno">272</tt> <tt class="py-line"> </tt>
336<a name="make_signed_jwt"></a><div id="make_signed_jwt-def"><a name="L273"></a><tt class="py-lineno">273</tt> <tt class="py-line"> </tt>
337<a name="L274"></a><tt class="py-lineno">274</tt> <a class="py-toggle" href="#" id="make_signed_jwt-toggle" onclick="return toggle('make_signed_jwt');">-</a><tt class="py-line"><tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt-module.html#make_signed_jwt">make_signed_jwt</a><tt class="py-op">(</tt><tt class="py-param">signer</tt><tt class="py-op">,</tt> <tt class="py-param">payload</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
338</div><div id="make_signed_jwt-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="make_signed_jwt-expanded"><a name="L275"></a><tt class="py-lineno">275</tt> <tt class="py-line"> <tt class="py-docstring">"""Make a signed JWT.</tt> </tt>
339<a name="L276"></a><tt class="py-lineno">276</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
340<a name="L277"></a><tt class="py-lineno">277</tt> <tt class="py-line"><tt class="py-docstring"> See http://self-issued.info/docs/draft-jones-json-web-token.html.</tt> </tt>
341<a name="L278"></a><tt class="py-lineno">278</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
342<a name="L279"></a><tt class="py-lineno">279</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
343<a name="L280"></a><tt class="py-lineno">280</tt> <tt class="py-line"><tt class="py-docstring"> signer: crypt.Signer, Cryptographic signer.</tt> </tt>
344<a name="L281"></a><tt class="py-lineno">281</tt> <tt class="py-line"><tt class="py-docstring"> payload: dict, Dictionary of data to convert to JSON and then sign.</tt> </tt>
345<a name="L282"></a><tt class="py-lineno">282</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
346<a name="L283"></a><tt class="py-lineno">283</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
347<a name="L284"></a><tt class="py-lineno">284</tt> <tt class="py-line"><tt class="py-docstring"> string, The JWT for the payload.</tt> </tt>
348<a name="L285"></a><tt class="py-lineno">285</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
349<a name="L286"></a><tt class="py-lineno">286</tt> <tt class="py-line"> <tt class="py-name">header</tt> <tt class="py-op">=</tt> <tt class="py-op">{</tt><tt class="py-string">'typ'</tt><tt class="py-op">:</tt> <tt class="py-string">'JWT'</tt><tt class="py-op">,</tt> <tt class="py-string">'alg'</tt><tt class="py-op">:</tt> <tt class="py-string">'RS256'</tt><tt class="py-op">}</tt> </tt>
350<a name="L287"></a><tt class="py-lineno">287</tt> <tt class="py-line"> </tt>
351<a name="L288"></a><tt class="py-lineno">288</tt> <tt class="py-line"> <tt class="py-name">segments</tt> <tt class="py-op">=</tt> <tt class="py-op">[</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]352<a name="L289"></a><tt class="py-lineno">289</tt> <tt class="py-line"> <tt id="link-23" class="py-name" targets="Function oauth2client.crypt._urlsafe_b64encode()=oauth2client.crypt-module.html#_urlsafe_b64encode"><a title="oauth2client.crypt._urlsafe_b64encode" class="py-name" href="#" onclick="return doclink('link-23', '_urlsafe_b64encode', 'link-23');">_urlsafe_b64encode</a></tt><tt class="py-op">(</tt><tt id="link-24" class="py-name" targets="Function oauth2client.crypt._json_encode()=oauth2client.crypt-module.html#_json_encode"><a title="oauth2client.crypt._json_encode" class="py-name" href="#" onclick="return doclink('link-24', '_json_encode', 'link-24');">_json_encode</a></tt><tt class="py-op">(</tt><tt class="py-name">header</tt><tt class="py-op">)</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
353<a name="L290"></a><tt class="py-lineno">290</tt> <tt class="py-line"> <tt id="link-25" class="py-name"><a title="oauth2client.crypt._urlsafe_b64encode" class="py-name" href="#" onclick="return doclink('link-25', '_urlsafe_b64encode', 'link-23');">_urlsafe_b64encode</a></tt><tt class="py-op">(</tt><tt id="link-26" class="py-name"><a title="oauth2client.crypt._json_encode" class="py-name" href="#" onclick="return doclink('link-26', '_json_encode', 'link-24');">_json_encode</a></tt><tt class="py-op">(</tt><tt class="py-name">payload</tt><tt class="py-op">)</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]354<a name="L291"></a><tt class="py-lineno">291</tt> <tt class="py-line"> <tt class="py-op">]</tt> </tt>
355<a name="L292"></a><tt class="py-lineno">292</tt> <tt class="py-line"> <tt class="py-name">signing_input</tt> <tt class="py-op">=</tt> <tt class="py-string">'.'</tt><tt class="py-op">.</tt><tt class="py-name">join</tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">)</tt> </tt>
356<a name="L293"></a><tt class="py-lineno">293</tt> <tt class="py-line"> </tt>
357<a name="L294"></a><tt class="py-lineno">294</tt> <tt class="py-line"> <tt class="py-name">signature</tt> <tt class="py-op">=</tt> <tt class="py-name">signer</tt><tt class="py-op">.</tt><tt class="py-name">sign</tt><tt class="py-op">(</tt><tt class="py-name">signing_input</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]358<a name="L295"></a><tt class="py-lineno">295</tt> <tt class="py-line"> <tt class="py-name">segments</tt><tt class="py-op">.</tt><tt class="py-name">append</tt><tt class="py-op">(</tt><tt id="link-27" class="py-name"><a title="oauth2client.crypt._urlsafe_b64encode" class="py-name" href="#" onclick="return doclink('link-27', '_urlsafe_b64encode', 'link-23');">_urlsafe_b64encode</a></tt><tt class="py-op">(</tt><tt class="py-name">signature</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]359<a name="L296"></a><tt class="py-lineno">296</tt> <tt class="py-line"> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]360<a name="L297"></a><tt class="py-lineno">297</tt> <tt class="py-line"> <tt id="link-28" class="py-name"><a title="apiclient.discovery.logger
Joe Gregorioe7a0c472012-07-12 11:46:04 -0400[diff] [blame]361oauth2client.appengine.logger
362oauth2client.client.logger
363oauth2client.crypt.logger
Joe Gregorio1b425aa2012-08-24 12:04:34 -0400[diff] [blame]364oauth2client.gce.logger
Joe Gregorioe7a0c472012-07-12 11:46:04 -0400[diff] [blame]365oauth2client.locked_file.logger
Joe Gregorioad8013f2012-08-03 08:44:02 -0400[diff] [blame]366oauth2client.multistore_file.logger
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]367oauth2client.util.logger" class="py-name" href="#" onclick="return doclink('link-28', 'logger', 'link-4');">logger</a></tt><tt class="py-op">.</tt><tt class="py-name">debug</tt><tt class="py-op">(</tt><tt class="py-name">str</tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]368<a name="L298"></a><tt class="py-lineno">298</tt> <tt class="py-line"> </tt>
369<a name="L299"></a><tt class="py-lineno">299</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-string">'.'</tt><tt class="py-op">.</tt><tt class="py-name">join</tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">)</tt> </tt>
370</div><a name="L300"></a><tt class="py-lineno">300</tt> <tt class="py-line"> </tt>
371<a name="verify_signed_jwt_with_certs"></a><div id="verify_signed_jwt_with_certs-def"><a name="L301"></a><tt class="py-lineno">301</tt> <tt class="py-line"> </tt>
372<a name="L302"></a><tt class="py-lineno">302</tt> <a class="py-toggle" href="#" id="verify_signed_jwt_with_certs-toggle" onclick="return toggle('verify_signed_jwt_with_certs');">-</a><tt class="py-line"><tt class="py-keyword">def</tt> <a class="py-def-name" href="oauth2client.crypt-module.html#verify_signed_jwt_with_certs">verify_signed_jwt_with_certs</a><tt class="py-op">(</tt><tt class="py-param">jwt</tt><tt class="py-op">,</tt> <tt class="py-param">certs</tt><tt class="py-op">,</tt> <tt class="py-param">audience</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
373</div><div id="verify_signed_jwt_with_certs-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="verify_signed_jwt_with_certs-expanded"><a name="L303"></a><tt class="py-lineno">303</tt> <tt class="py-line"> <tt class="py-docstring">"""Verify a JWT against public certs.</tt> </tt>
374<a name="L304"></a><tt class="py-lineno">304</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
375<a name="L305"></a><tt class="py-lineno">305</tt> <tt class="py-line"><tt class="py-docstring"> See http://self-issued.info/docs/draft-jones-json-web-token.html.</tt> </tt>
376<a name="L306"></a><tt class="py-lineno">306</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
377<a name="L307"></a><tt class="py-lineno">307</tt> <tt class="py-line"><tt class="py-docstring"> Args:</tt> </tt>
378<a name="L308"></a><tt class="py-lineno">308</tt> <tt class="py-line"><tt class="py-docstring"> jwt: string, A JWT.</tt> </tt>
379<a name="L309"></a><tt class="py-lineno">309</tt> <tt class="py-line"><tt class="py-docstring"> certs: dict, Dictionary where values of public keys in PEM format.</tt> </tt>
380<a name="L310"></a><tt class="py-lineno">310</tt> <tt class="py-line"><tt class="py-docstring"> audience: string, The audience, 'aud', that this JWT should contain. If</tt> </tt>
381<a name="L311"></a><tt class="py-lineno">311</tt> <tt class="py-line"><tt class="py-docstring"> None then the JWT's 'aud' parameter is not verified.</tt> </tt>
382<a name="L312"></a><tt class="py-lineno">312</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
383<a name="L313"></a><tt class="py-lineno">313</tt> <tt class="py-line"><tt class="py-docstring"> Returns:</tt> </tt>
384<a name="L314"></a><tt class="py-lineno">314</tt> <tt class="py-line"><tt class="py-docstring"> dict, The deserialized JSON payload in the JWT.</tt> </tt>
385<a name="L315"></a><tt class="py-lineno">315</tt> <tt class="py-line"><tt class="py-docstring"></tt> </tt>
386<a name="L316"></a><tt class="py-lineno">316</tt> <tt class="py-line"><tt class="py-docstring"> Raises:</tt> </tt>
387<a name="L317"></a><tt class="py-lineno">317</tt> <tt class="py-line"><tt class="py-docstring"> AppIdentityError if any checks are failed.</tt> </tt>
388<a name="L318"></a><tt class="py-lineno">318</tt> <tt class="py-line"><tt class="py-docstring"> """</tt> </tt>
389<a name="L319"></a><tt class="py-lineno">319</tt> <tt class="py-line"> <tt class="py-name">segments</tt> <tt class="py-op">=</tt> <tt class="py-name">jwt</tt><tt class="py-op">.</tt><tt class="py-name">split</tt><tt class="py-op">(</tt><tt class="py-string">'.'</tt><tt class="py-op">)</tt> </tt>
390<a name="L320"></a><tt class="py-lineno">320</tt> <tt class="py-line"> </tt>
391<a name="L321"></a><tt class="py-lineno">321</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-op">(</tt><tt class="py-name">len</tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">)</tt> <tt class="py-op">!=</tt> <tt class="py-number">3</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]392<a name="L322"></a><tt class="py-lineno">322</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-29" class="py-name" targets="Class oauth2client.crypt.AppIdentityError=oauth2client.crypt.AppIdentityError-class.html"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-29', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]393<a name="L323"></a><tt class="py-lineno">323</tt> <tt class="py-line"> <tt class="py-string">'Wrong number of segments in token: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">jwt</tt><tt class="py-op">)</tt> </tt>
394<a name="L324"></a><tt class="py-lineno">324</tt> <tt class="py-line"> <tt class="py-name">signed</tt> <tt class="py-op">=</tt> <tt class="py-string">'%s.%s'</tt> <tt class="py-op">%</tt> <tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">[</tt><tt class="py-number">0</tt><tt class="py-op">]</tt><tt class="py-op">,</tt> <tt class="py-name">segments</tt><tt class="py-op">[</tt><tt class="py-number">1</tt><tt class="py-op">]</tt><tt class="py-op">)</tt> </tt>
395<a name="L325"></a><tt class="py-lineno">325</tt> <tt class="py-line"> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]396<a name="L326"></a><tt class="py-lineno">326</tt> <tt class="py-line"> <tt class="py-name">signature</tt> <tt class="py-op">=</tt> <tt id="link-30" class="py-name" targets="Function oauth2client.client._urlsafe_b64decode()=oauth2client.client-module.html#_urlsafe_b64decode,Function oauth2client.crypt._urlsafe_b64decode()=oauth2client.crypt-module.html#_urlsafe_b64decode"><a title="oauth2client.client._urlsafe_b64decode
397oauth2client.crypt._urlsafe_b64decode" class="py-name" href="#" onclick="return doclink('link-30', '_urlsafe_b64decode', 'link-30');">_urlsafe_b64decode</a></tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">[</tt><tt class="py-number">2</tt><tt class="py-op">]</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]398<a name="L327"></a><tt class="py-lineno">327</tt> <tt class="py-line"> </tt>
399<a name="L328"></a><tt class="py-lineno">328</tt> <tt class="py-line"> <tt class="py-comment"># Parse token.</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]400<a name="L329"></a><tt class="py-lineno">329</tt> <tt class="py-line"> <tt class="py-name">json_body</tt> <tt class="py-op">=</tt> <tt id="link-31" class="py-name"><a title="oauth2client.client._urlsafe_b64decode
401oauth2client.crypt._urlsafe_b64decode" class="py-name" href="#" onclick="return doclink('link-31', '_urlsafe_b64decode', 'link-30');">_urlsafe_b64decode</a></tt><tt class="py-op">(</tt><tt class="py-name">segments</tt><tt class="py-op">[</tt><tt class="py-number">1</tt><tt class="py-op">]</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]402<a name="L330"></a><tt class="py-lineno">330</tt> <tt class="py-line"> <tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]403<a name="L331"></a><tt class="py-lineno">331</tt> <tt class="py-line"> <tt class="py-name">parsed</tt> <tt class="py-op">=</tt> <tt class="py-name">simplejson</tt><tt class="py-op">.</tt><tt id="link-32" class="py-name" targets="Function oauth2client.clientsecrets.loads()=oauth2client.clientsecrets-module.html#loads"><a title="oauth2client.clientsecrets.loads" class="py-name" href="#" onclick="return doclink('link-32', 'loads', 'link-32');">loads</a></tt><tt class="py-op">(</tt><tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]404<a name="L332"></a><tt class="py-lineno">332</tt> <tt class="py-line"> <tt class="py-keyword">except</tt><tt class="py-op">:</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]405<a name="L333"></a><tt class="py-lineno">333</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-33" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-33', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'Can\'t parse token: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]406<a name="L334"></a><tt class="py-lineno">334</tt> <tt class="py-line"> </tt>
407<a name="L335"></a><tt class="py-lineno">335</tt> <tt class="py-line"> <tt class="py-comment"># Check signature.</tt> </tt>
408<a name="L336"></a><tt class="py-lineno">336</tt> <tt class="py-line"> <tt class="py-name">verified</tt> <tt class="py-op">=</tt> <tt class="py-name">False</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]409<a name="L337"></a><tt class="py-lineno">337</tt> <tt class="py-line"> <tt class="py-keyword">for</tt> <tt class="py-op">(</tt><tt class="py-name">keyname</tt><tt class="py-op">,</tt> <tt class="py-name">pem</tt><tt class="py-op">)</tt> <tt class="py-keyword">in</tt> <tt class="py-name">certs</tt><tt class="py-op">.</tt><tt class="py-name">items</tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
410<a name="L338"></a><tt class="py-lineno">338</tt> <tt class="py-line"> <tt class="py-name">verifier</tt> <tt class="py-op">=</tt> <tt id="link-34" class="py-name"><a title="oauth2client.crypt.Verifier" class="py-name" href="#" onclick="return doclink('link-34', 'Verifier', 'link-16');">Verifier</a></tt><tt class="py-op">.</tt><tt class="py-name">from_string</tt><tt class="py-op">(</tt><tt class="py-name">pem</tt><tt class="py-op">,</tt> <tt class="py-name">True</tt><tt class="py-op">)</tt> </tt>
411<a name="L339"></a><tt class="py-lineno">339</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-op">(</tt><tt class="py-name">verifier</tt><tt class="py-op">.</tt><tt class="py-name">verify</tt><tt class="py-op">(</tt><tt class="py-name">signed</tt><tt class="py-op">,</tt> <tt class="py-name">signature</tt><tt class="py-op">)</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]412<a name="L340"></a><tt class="py-lineno">340</tt> <tt class="py-line"> <tt class="py-name">verified</tt> <tt class="py-op">=</tt> <tt class="py-name">True</tt> </tt>
413<a name="L341"></a><tt class="py-lineno">341</tt> <tt class="py-line"> <tt class="py-keyword">break</tt> </tt>
414<a name="L342"></a><tt class="py-lineno">342</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-keyword">not</tt> <tt class="py-name">verified</tt><tt class="py-op">:</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]415<a name="L343"></a><tt class="py-lineno">343</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-35" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-35', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'Invalid token signature: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">jwt</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]416<a name="L344"></a><tt class="py-lineno">344</tt> <tt class="py-line"> </tt>
417<a name="L345"></a><tt class="py-lineno">345</tt> <tt class="py-line"> <tt class="py-comment"># Check creation timestamp.</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]418<a name="L346"></a><tt class="py-lineno">346</tt> <tt class="py-line"> <tt class="py-name">iat</tt> <tt class="py-op">=</tt> <tt class="py-name">parsed</tt><tt class="py-op">.</tt><tt id="link-36" class="py-name" targets="Method apiclient.schema.Schemas.get()=apiclient.schema.Schemas-class.html#get,Method oauth2client.client.MemoryCache.get()=oauth2client.client.MemoryCache-class.html#get,Method oauth2client.client.Storage.get()=oauth2client.client.Storage-class.html#get"><a title="apiclient.schema.Schemas.get
Joe Gregorio5dc0f5c2012-06-05 13:34:31 -0400[diff] [blame]419oauth2client.client.MemoryCache.get
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]420oauth2client.client.Storage.get" class="py-name" href="#" onclick="return doclink('link-36', 'get', 'link-36');">get</a></tt><tt class="py-op">(</tt><tt class="py-string">'iat'</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]421<a name="L347"></a><tt class="py-lineno">347</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">iat</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]422<a name="L348"></a><tt class="py-lineno">348</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-37" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-37', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'No iat field in token: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
423<a name="L349"></a><tt class="py-lineno">349</tt> <tt class="py-line"> <tt class="py-name">earliest</tt> <tt class="py-op">=</tt> <tt class="py-name">iat</tt> <tt class="py-op">-</tt> <tt id="link-38" class="py-name"><a title="oauth2client.crypt.CLOCK_SKEW_SECS" class="py-name" href="#" onclick="return doclink('link-38', 'CLOCK_SKEW_SECS', 'link-1');">CLOCK_SKEW_SECS</a></tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]424<a name="L350"></a><tt class="py-lineno">350</tt> <tt class="py-line"> </tt>
425<a name="L351"></a><tt class="py-lineno">351</tt> <tt class="py-line"> <tt class="py-comment"># Check expiration timestamp.</tt> </tt>
426<a name="L352"></a><tt class="py-lineno">352</tt> <tt class="py-line"> <tt class="py-name">now</tt> <tt class="py-op">=</tt> <tt class="py-name">long</tt><tt class="py-op">(</tt><tt class="py-name">time</tt><tt class="py-op">.</tt><tt class="py-name">time</tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]427<a name="L353"></a><tt class="py-lineno">353</tt> <tt class="py-line"> <tt class="py-name">exp</tt> <tt class="py-op">=</tt> <tt class="py-name">parsed</tt><tt class="py-op">.</tt><tt id="link-39" class="py-name"><a title="apiclient.schema.Schemas.get
Joe Gregorio5dc0f5c2012-06-05 13:34:31 -0400[diff] [blame]428oauth2client.client.MemoryCache.get
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]429oauth2client.client.Storage.get" class="py-name" href="#" onclick="return doclink('link-39', 'get', 'link-36');">get</a></tt><tt class="py-op">(</tt><tt class="py-string">'exp'</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]430<a name="L354"></a><tt class="py-lineno">354</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">exp</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]431<a name="L355"></a><tt class="py-lineno">355</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-40" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-40', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'No exp field in token: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
432<a name="L356"></a><tt class="py-lineno">356</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">exp</tt> <tt class="py-op">&gt;=</tt> <tt class="py-name">now</tt> <tt class="py-op">+</tt> <tt id="link-41" class="py-name"><a title="oauth2client.client.SignedJwtAssertionCredentials.MAX_TOKEN_LIFETIME_SECS
433oauth2client.crypt.MAX_TOKEN_LIFETIME_SECS" class="py-name" href="#" onclick="return doclink('link-41', 'MAX_TOKEN_LIFETIME_SECS', 'link-3');">MAX_TOKEN_LIFETIME_SECS</a></tt><tt class="py-op">:</tt> </tt>
434<a name="L357"></a><tt class="py-lineno">357</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-42" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-42', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]435<a name="L358"></a><tt class="py-lineno">358</tt> <tt class="py-line"> <tt class="py-string">'exp field too far in future: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]436<a name="L359"></a><tt class="py-lineno">359</tt> <tt class="py-line"> <tt class="py-name">latest</tt> <tt class="py-op">=</tt> <tt class="py-name">exp</tt> <tt class="py-op">+</tt> <tt id="link-43" class="py-name"><a title="oauth2client.crypt.CLOCK_SKEW_SECS" class="py-name" href="#" onclick="return doclink('link-43', 'CLOCK_SKEW_SECS', 'link-1');">CLOCK_SKEW_SECS</a></tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]437<a name="L360"></a><tt class="py-lineno">360</tt> <tt class="py-line"> </tt>
438<a name="L361"></a><tt class="py-lineno">361</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">now</tt> <tt class="py-op">&lt;</tt> <tt class="py-name">earliest</tt><tt class="py-op">:</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]439<a name="L362"></a><tt class="py-lineno">362</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-44" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-44', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'Token used too early, %d &lt; %d: %s'</tt> <tt class="py-op">%</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]440<a name="L363"></a><tt class="py-lineno">363</tt> <tt class="py-line"> <tt class="py-op">(</tt><tt class="py-name">now</tt><tt class="py-op">,</tt> <tt class="py-name">earliest</tt><tt class="py-op">,</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
441<a name="L364"></a><tt class="py-lineno">364</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">now</tt> <tt class="py-op">&gt;</tt> <tt class="py-name">latest</tt><tt class="py-op">:</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]442<a name="L365"></a><tt class="py-lineno">365</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-45" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-45', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'Token used too late, %d &gt; %d: %s'</tt> <tt class="py-op">%</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]443<a name="L366"></a><tt class="py-lineno">366</tt> <tt class="py-line"> <tt class="py-op">(</tt><tt class="py-name">now</tt><tt class="py-op">,</tt> <tt class="py-name">latest</tt><tt class="py-op">,</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
444<a name="L367"></a><tt class="py-lineno">367</tt> <tt class="py-line"> </tt>
445<a name="L368"></a><tt class="py-lineno">368</tt> <tt class="py-line"> <tt class="py-comment"># Check audience.</tt> </tt>
446<a name="L369"></a><tt class="py-lineno">369</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">audience</tt> <tt class="py-keyword">is</tt> <tt class="py-keyword">not</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]447<a name="L370"></a><tt class="py-lineno">370</tt> <tt class="py-line"> <tt class="py-name">aud</tt> <tt class="py-op">=</tt> <tt class="py-name">parsed</tt><tt class="py-op">.</tt><tt id="link-46" class="py-name"><a title="apiclient.schema.Schemas.get
Joe Gregorio5dc0f5c2012-06-05 13:34:31 -0400[diff] [blame]448oauth2client.client.MemoryCache.get
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]449oauth2client.client.Storage.get" class="py-name" href="#" onclick="return doclink('link-46', 'get', 'link-36');">get</a></tt><tt class="py-op">(</tt><tt class="py-string">'aud'</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]450<a name="L371"></a><tt class="py-lineno">371</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">aud</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]451<a name="L372"></a><tt class="py-lineno">372</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-47" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-47', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'No aud field in token: %s'</tt> <tt class="py-op">%</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]452<a name="L373"></a><tt class="py-lineno">373</tt> <tt class="py-line"> <tt class="py-keyword">if</tt> <tt class="py-name">aud</tt> <tt class="py-op">!=</tt> <tt class="py-name">audience</tt><tt class="py-op">:</tt> </tt>
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]453<a name="L374"></a><tt class="py-lineno">374</tt> <tt class="py-line"> <tt class="py-keyword">raise</tt> <tt id="link-48" class="py-name"><a title="oauth2client.crypt.AppIdentityError" class="py-name" href="#" onclick="return doclink('link-48', 'AppIdentityError', 'link-29');">AppIdentityError</a></tt><tt class="py-op">(</tt><tt class="py-string">'Wrong recipient, %s != %s: %s'</tt> <tt class="py-op">%</tt> </tt>
Joe Gregorio52a5c532013-01-24 16:19:07 -0500[diff] [blame]454<a name="L375"></a><tt class="py-lineno">375</tt> <tt class="py-line"> <tt class="py-op">(</tt><tt class="py-name">aud</tt><tt class="py-op">,</tt> <tt class="py-name">audience</tt><tt class="py-op">,</tt> <tt class="py-name">json_body</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
455<a name="L376"></a><tt class="py-lineno">376</tt> <tt class="py-line"> </tt>
456<a name="L377"></a><tt class="py-lineno">377</tt> <tt class="py-line"> <tt class="py-keyword">return</tt> <tt class="py-name">parsed</tt> </tt>
457</div><a name="L378"></a><tt class="py-lineno">378</tt> <tt class="py-line"> </tt><script type="text/javascript">
Joe Gregorio5dc0f5c2012-06-05 13:34:31 -0400[diff] [blame]458<!--
459expandto(location.href);
460// -->
461</script>
462</pre>
463<br />
464<!-- ==================== NAVIGATION BAR ==================== -->
465<table class="navbar" border="0" width="100%" cellpadding="0"
466 bgcolor="#a0c0ff" cellspacing="0">
467 <tr valign="middle">
468
469 <!-- Tree link -->
470 <th>&nbsp;&nbsp;&nbsp;<a
471 href="module-tree.html">Trees</a>&nbsp;&nbsp;&nbsp;</th>
472
473 <!-- Index link -->
474 <th>&nbsp;&nbsp;&nbsp;<a
475 href="identifier-index.html">Indices</a>&nbsp;&nbsp;&nbsp;</th>
476
477 <!-- Help link -->
478 <th>&nbsp;&nbsp;&nbsp;<a
479 href="help.html">Help</a>&nbsp;&nbsp;&nbsp;</th>
480
481 <th class="navbar" width="100%"></th>
482 </tr>
483</table>
484<table border="0" cellpadding="0" cellspacing="0" width="100%%">
485 <tr>
486 <td align="left" class="footer">
Joe Gregorio37802c32013-08-06 12:24:05 -0400[diff] [blame]487 Generated by Epydoc 3.0.1 on Tue Aug 6 12:16:46 2013
Joe Gregorio5dc0f5c2012-06-05 13:34:31 -0400[diff] [blame]488 </td>
489 <td align="right" class="footer">
490 <a target="mainFrame" href="http://epydoc.sourceforge.net"
491 >http://epydoc.sourceforge.net</a>
492 </td>
493 </tr>
494</table>
495
496<script type="text/javascript">
497 <!--
498 // Private objects are initially displayed (because if
499 // javascript is turned off then we want them to be
500 // visible); but by default, we want to hide them. So hide
501 // them unless we have a cookie that says to show them.
502 checkCookie();
503 // -->
504</script>
505</body>
506</html>