标签:
Docker registry 认证使用的是JWT,Go实现的,研究了一整天,这段代码帮大忙了。
import jwt from cryptography.hazmat.backends import default_backend from itsdangerous import base64_decode from Crypto.PublicKey import RSA secret = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCIE6a1NyEFe7qCDFrvWFZiAlY1ttE5596w5dLjNSaHlKGv8AXbKg/f8yKY9fKAJ5BKoeWEkPPjpn1t9QQAZYzqH9KNOFigMU8pSaRUxjI2dDvwmu8ZH6EExY+RfrPjQGmeliK18iFzFgBtf0eH3NAW3Pf71OZZz+cuNnVtE9lrYQIDAQAB" secretDer = base64_decode(secret) sshrsaSecret = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCIE6a1NyEFe7qCDFrvWFZiAlY1ttE5596w5dLjNSaHlKGv8AXbKg/f8yKY9fKAJ5BKoeWEkPPjpn1t9QQAZYzqH9KNOFigMU8pSaRUxjI2dDvwmu8ZH6EExY+RfrPjQGmeliK18iFzFgBtf0eH3NAW3Pf71OZZz+cuNnVtE9lrYQ==" secretPEM = "-----BEGIN PUBLIC KEY-----\n" + secret + "\n-----END PUBLIC KEY-----" access_token = "eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiIzM2ZhZGYzMS04MzZmLTQzYWUtODM4MS01OGJhM2RhMDMwYTciLCJleHAiOjE0MjkwNzYyNTYsIm5iZiI6MCwiaWF0IjoxNDI5MDc2MTk2LCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODEvYXV0aC9yZWFsbXMvbWFzdGVyIiwiYXVkIjoic2VjdXJpdHktYWRtaW4tY29uc29sZSIsInN1YiI6ImMzNWJlODAyLTcyOGUtNGMyNC1iMjQ1LTQxMWIwMDRmZTc2NSIsImF6cCI6InNlY3VyaXR5LWFkbWluLWNvbnNvbGUiLCJzZXNzaW9uX3N0YXRlIjoiYmRjOGM0ZDgtYzUwNy00MDQ2LWE4NDctYmRlY2QxNDVmZTNiIiwiY2xpZW50X3Nlc3Npb24iOiI0OTI5YmRjNi0xOWFhLTQ3MDYtYTU1Mi1lOWI0MGFhMDg5ZTYiLCJhbGxvd2VkLW9yaWdpbnMiOltdLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsiYWRtaW4iLCJjcmVhdGUtcmVhbG0iXX0sInJlc291cmNlX2FjY2VzcyI6eyJtYXN0ZXItcmVhbG0iOnsicm9sZXMiOlsibWFuYWdlLWV2ZW50cyIsIm1hbmFnZS1jbGllbnRzIiwidmlldy1yZWFsbSIsInZpZXctZXZlbnRzIiwibWFuYWdlLWlkZW50aXR5LXByb3ZpZGVycyIsInZpZXctaWRlbnRpdHktcHJvdmlkZXJzIiwidmlldy11c2VycyIsInZpZXctY2xpZW50cyIsIm1hbmFnZS11c2VycyIsIm1hbmFnZS1yZWFsbSJdfX0sIm5hbWUiOiIiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJhZG1pbiJ9.O7e8dkv0k-2HCjMdZFXIxLhypVyRPwIdrQsYTMwC1996wbsjIw1L3OjDSzJKXcx0U9YrVeRM4yMVlFg40uJDC-9IsKZ8nr5dl_da8SzgpAkempxpas3girST2U9uvY56m2Spp6-EFInvMSb6k4t1L49_Q7R2g0DOlKzxgQd87LY" ############### Test using PEM key (with ----- lines) try: access_token_json = jwt.decode(access_token, key=secretPEM) except Exception as e: print "Not working using PEM key with ----: ", e else: print "It worked!" ############### Test using PEM key (without ----- lines) try: access_token_json = jwt.decode(access_token, key=secret) except Exception as e: print "Not working using PEM key without ----: ", e else: print "It worked!" ############### Test using DER key try: access_token_json = jwt.decode(access_token, key=secretDer) except Exception as e: print "Not working using DER key: ", e else: print "It worked!" ############### Test using DER key #2 try: public_key = default_backend().load_der_public_key(secretDer) access_token_json = jwt.decode(access_token, key=public_key) except Exception as e: print "Not working using DER key #2: ", e else: print "It worked!" ############### Test using SSH style key try: access_token_json = jwt.decode(access_token, key=sshrsaSecret) except Exception as e: print "Not working using SSH style key: ", e else: print "It worked!" ############### Test using RSA numbers class Numbers: pass numbers = Numbers() public_key = RSA.importKey(secretDer) numbers.e = public_key.key.e numbers.n = public_key.key.n # yet another way to generated valid key object public_key = default_backend().load_rsa_public_numbers(numbers) print public_key try: access_token_json = jwt.decode(access_token, key=public_key) except Exception as e: print "Not working using RSA numbers: ", e else: print "It worked!" ###############
原文地址:http://stackoverflow.com/questions/29650495/how-to-verify-a-jwt-using-python-pyjwt-with-public-key
其他有用的资源:
JWT的说明文档:http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#jtiDef
jwt-simple
:https://www.npmjs.com/package/jwt-simple
JSON Web Token (JWT) Python 的实现
标签:
原文地址:http://www.cnblogs.com/luckstone/p/5345801.html