Source code for assembl.lib.web_token

"""Web tokens for annotator interoperability.

Lifted with thanks from
https://github.com/okfn/annotator-store/blob/master/annotator/auth.py """
from builtins import str
import datetime

import isodate
import pytz
import jwt

DEFAULT_TTL = 86400


[docs]class TokenInvalid(Exception):
    pass


# Main auth routines

def encode_token(token, secret):
    token.update({'issuedAt': _now().isoformat()})
    return jwt.encode(token, secret, algorithm="HS256")


def decode_token(token, secret='', ttl=DEFAULT_TTL, verify=True):
    try:
        if not isinstance(token, bytes):
            token = token.encode('ascii')
        token = jwt.decode(
            token, secret, verify=verify, algorithms=["HS256"])
    except UnicodeEncodeError as e:
        raise TokenInvalid("token should be ascii", e)
    except jwt.DecodeError as e:
        raise TokenInvalid("error decoding JSON Web Token", e)

    if verify:
        issue_time = token.get('issuedAt')
        if issue_time is None:
            raise TokenInvalid("'issuedAt' is missing from token")

        issue_time = isodate.parse_datetime(issue_time)
        expiry_time = issue_time + datetime.timedelta(seconds=ttl)

        if issue_time > _now():
            raise TokenInvalid("token is not yet valid")
        if expiry_time < _now():
            raise TokenInvalid("token has expired")

    return token


def _now():
    return datetime.datetime.now(pytz.UTC).replace(microsecond=0)
Source code for assembl.lib.web_token

Idealoom

Navigation

Related Topics
