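def _b64url_decode(segment):
    """Decode one JWT segment (base64url, usually unpadded) to bytes.

    JWT segments use the URL-safe alphabet ('-' and '_') and drop the
    trailing '=' padding, so the padding is restored before decoding.
    Raises ValueError (binascii.Error is a subclass) on undecodable input.
    """
    return base64.urlsafe_b64decode(segment + '=' * (-len(segment) % 4))


def validateJWTToken(token):
    """Validate an ID token's claims and signature.

    The token must have exactly three dot-separated base64url segments.
    The issuer, audience and expiry claims are compared with
    settings.ID_TOKEN_ISSUER, settings.CLIENT_ID and the current UTC time.
    The signature is then checked with the key that getKeyFromJWKUrl
    returns for the header's 'kid'.

    Malformed tokens and tokens with missing or wrongly typed claims are
    rejected with False instead of raising. Errors raised while fetching or
    constructing the key still propagate.

    Returns False when a structural or claim check fails, otherwise the
    result of publicKey.verify().
    """
    token_parts = token.split('.')
    if len(token_parts) != 3:
        return False

    # Every segment is base64url. The standard alphabet would silently drop
    # '-' and '_', and the header needs its padding restored as well.
    try:
        idTokenHeader = json.loads(_b64url_decode(token_parts[0]).decode('utf-8'))
        idTokenPayload = json.loads(_b64url_decode(token_parts[1]).decode('utf-8'))
        idTokenSignature = _b64url_decode(token_parts[2])
    except ValueError:
        # Covers bad base64, non-UTF-8 bytes and invalid JSON.
        return False
    if not isinstance(idTokenHeader, dict) or not isinstance(idTokenPayload, dict):
        return False

    # These claims are still unauthenticated here. They are only used to
    # reject early; acceptance depends on the signature check at the end.
    issuer = idTokenPayload.get('iss')
    if issuer is None or issuer != settings.ID_TOKEN_ISSUER:
        return False

    # 'aud' may be a single string or an array of strings. For an array only
    # the first entry is compared, as before, so acceptance is not widened.
    audience = idTokenPayload.get('aud')
    if isinstance(audience, str):
        first_audience = audience
    elif isinstance(audience, list) and audience:
        first_audience = audience[0]
    else:
        return False
    if first_audience != settings.CLIENT_ID:
        return False

    expiry = idTokenPayload.get('exp')
    if isinstance(expiry, bool) or not isinstance(expiry, (int, float)):
        return False
    current_time = (datetime.utcnow() - datetime(1970, 1, 1)).total_seconds()
    if expiry < current_time:
        return False

    key_id = idTokenHeader.get('kid')
    if key_id is None:
        return False

    # The signed input is the first two segments exactly as received.
    message = token_parts[0] + '.' + token_parts[1]
    # NOTE(review): 'kid' comes from the unverified header. Confirm that
    # getKeyFromJWKUrl only returns keys from the trusted issuer's key set.
    # The header's 'alg' is never read here, so the algorithm is whatever
    # jwk.construct derives from the fetched key. Confirm that is intended.
    keys = getKeyFromJWKUrl(key_id)
    publicKey = jwk.construct(keys)
    return publicKey.verify(message.encode('utf-8'), idTokenSignature)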