def claims(self, **kwargs):
if cherrypy.request.method == "OPTIONS":
cherrypy_cors.preflight(
allowed_methods=["GET"], origins='*',
allowed_headers='Authorization')
else:
try:
authz = cherrypy.request.headers['Authorization']
except KeyError:
authz = None
try:
assert authz.startswith("Bearer")
except AssertionError:
logger.error("Bad authorization token")
cherrypy.HTTPError(400, "Bad authorization token")
tok = authz[7:]
try:
_claims = self.op.claim_access_token[tok]
except KeyError:
logger.error("Bad authorization token")
cherrypy.HTTPError(400, "Bad authorization token")
else:
# one time token
del self.op.claim_access_token[tok]
_info = Message(**_claims)
jwt_key = self.op.keyjar.get_signing_key()
logger.error(_info.to_dict())
cherrypy.response.headers["content-type"] = 'application/jwt'
return as_bytes(_info.to_jwt(key=jwt_key, algorithm="RS256"))
评论列表
文章目录
