Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
if args.aud:
if "," in args.aud:
payload["aud"] = args.aud.split(",")
else:
payload["aud"] = args.aud
if args.claims:
for item in args.claims.split("|"):
# strip out all the doublequotes
item = item.replace('"','')
s = item.split(':')
k = s[0]
v = ':'.join(s[1:])
payload[k] = v
token = jwt.JWT(header={"alg": "RS256", "typ": "JWT", "kid": key.key_id},
claims=payload)
token.make_signed_token(key)
return token.serialize()
v = item[1:]
payload[k] = v
if args.nestedclaim:
nested = {}
for item in args.nestedclaim:
if (len(item) > 1):
k = item[0]
v = item[1:]
if len(v) == 1:
v = v[0]
nested[k] = v
nested["nested-2"] = copy.copy(nested)
payload["nested"] = nested
token = jwt.JWT(header={"alg": "RS256", "typ": "JWT", "kid": key.key_id},
claims=payload)
token.make_signed_token(key)
return token.serialize()
key_data = key_file.read()
except Exception as e:
print("Error loading key file: %s" % str(e), file=sys.stderr)
return None
try:
key.import_from_pem(key_data)
except:
try:
key.import_key(k=key_data.decode('utf-8'),kty='oct')
except:
print('Failed to correctly parse key data!', file=sys.stderr)
return None
try:
token = jwt.JWT(key=key, jwt=token)
parsed_header = json.loads(token.header)
if 'enc' in parsed_header:
# Token is encrypted, so we need to decrypt by passing the claims to a new instance
token = jwt.JWT(key=key, jwt=token.claims)
parsed = json.loads(token.claims)
return (parsed['host'], parsed['port'])
except Exception as e:
print("Failed to parse token: %s" % str(e), file=sys.stderr)
return None
except ImportError as e:
print("package jwcrypto not found, are you sure you've installed it correctly?", file=sys.stderr)
return None
try:
key.import_from_pem(key_data)
except:
try:
key.import_key(k=key_data.decode('utf-8'),kty='oct')
except:
print('Failed to correctly parse key data!', file=sys.stderr)
return None
try:
token = jwt.JWT(key=key, jwt=token)
parsed_header = json.loads(token.header)
if 'enc' in parsed_header:
# Token is encrypted, so we need to decrypt by passing the claims to a new instance
token = jwt.JWT(key=key, jwt=token.claims)
parsed = json.loads(token.claims)
return (parsed['host'], parsed['port'])
except Exception as e:
print("Failed to parse token: %s" % str(e), file=sys.stderr)
return None
except ImportError as e:
print("package jwcrypto not found, are you sure you've installed it correctly?", file=sys.stderr)
return None
The bytes of the private key for this GitHub Application.
:param int app_id:
The integer identifier for this GitHub Application.
:param int expire_in:
The length in seconds for this token to be valid for.
Default: 600 seconds (10 minutes)
:returns:
Serialized encrypted token.
:rtype:
text
"""
if not isinstance(private_key_pem, bytes):
raise ValueError('"private_key_pem" parameter must be byte-string')
key = _load_private_key(private_key_pem)
now = int(time.time())
token = jwt.JWT(
header={"alg": "RS256"},
claims={"iat": now, "exp": now + expire_in, "iss": app_id},
algs=["RS256"],
)
token.make_signed_token(key)
return token.serialize()
header = dict(alg='RS256', kid=kid, typ='JWT')
claims = dict(
iss=iss,
iat=jwt_iat,
exp=jwt_exp,
aud=aud,
sub=sub,
scope=scope,
token_endpoint_auth_method='private_key_jwt',
grant_types=['authorization_code', 'refresh_token', 'client_credentials'],
response_types=['code', 'id_token'],
client_id=client_id,
software_statement=ssa
)
token = jwt.JWT(header=header, claims=claims)
key_obj = jwk.JWK.from_pem(cache.get('private_key_pem').encode('latin-1'))
token.make_signed_token(key_obj)
signed_token = token.serialize()
return signed_token