This repository was archived by the owner on Jun 1, 2023. It is now read-only.

Commit bc9f2d2

committed
Refactored
1 parent a7b0591 commit bc9f2d2


6 files changed

+673
-292
lines changed

6 files changed

+673
-292
lines changed

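--- a/src/oidcmsg/message.py
+++ b/src/oidcmsg/message.py
@@ -490,22 +490,17 @@ def from_jwt(self, txt, keyjar, verify=True, **kwargs):
 :return: A class instance
 """
 
-_decryptor = jwe_factory(txt)
+algarg = {}
+if 'encalg' in kwargs:
+algarg['alg'] = kwargs['encalg']
+if 'encenc' in kwargs:
+algarg['enc'] = kwargs['encenc']
+_decryptor = jwe_factory(txt, **algarg)
+
 if _decryptor:
 logger.debug("JWE headers: {}".format(_decryptor.jwt.headers))
 
-if "encalg" in kwargs:
-if not _decryptor.jwt.verify_header('alg', kwargs["encalg"]):
-raise WrongEncryptionAlgorithm("%s != %s" % (
-_decryptor.jwt.headers["alg"], ["encalg"]))
-
-if not _decryptor.jwt.verify_header('enc', kwargs["encenc"]):
-raise WrongEncryptionAlgorithm("%s != %s" % (
-_decryptor.jwt.headers["enc"], kwargs["encenc"]))
-
 dkeys = keyjar.get_decrypt_key(owner="")
-# if "sender" in kwargs:
-# dkeys.extend(keyjar.get_deccrypt_key(owner=kwargs["sender"]))
 
 logger.debug('Decrypt class: {}'.format(_decryptor.__class__))
 _res = _decryptor.decrypt(txt, dkeys)
@@ -518,12 +513,12 @@ def from_jwt(self, txt, keyjar, verify=True, **kwargs):
 txt = as_unicode(_res)
 self.jwe_header = _decryptor.jwt.headers
 
-_verifier = jws_factory(txt)
+try:
+_verifier = jws_factory(txt, alg=kwargs['sigalg'])
+except:
+_verifier = jws_factory(txt)
+
 if _verifier:
-if "sigalg" in kwargs:
-if not _verifier.jwt.verify_header("alg", kwargs["sigalg"]):
-raise WrongSigningAlgorithm("%s != %s" % (
-_verifier.jwt.headers["alg"], kwargs["sigalg"]))
 try:
 _jwt = _verifier.jwt
 jso = _jwt.payload()
@@ -964,6 +959,9 @@ def msg_list_ser(val, sformat="urlencoded", lev=0):
 SINGLE_OPTIONAL_JSON = (dict, False, json_serializer, json_deserializer,
 False)
 
+SINGLE_REQUIRED_JSON = (dict, True, json_serializer, json_deserializer,
+False)
+
 REQUIRED = [SINGLE_REQUIRED_STRING, REQUIRED_LIST_OF_STRINGS,
 REQUIRED_LIST_OF_SP_SEP_STRINGS]
 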
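Review bot: The bare `except:` around `jws_factory(txt, alg=kwargs['sigalg'])` in the second hunk retries with `jws_factory(txt)` on any error, not only a missing `sigalg` key, so if the factory ever reports an algorithm mismatch by raising, the caller's expected-algorithm constraint is silently dropped. The explicit `WrongSigningAlgorithm` and `WrongEncryptionAlgorithm` raises are removed, and enforcement now depends on how `jws_factory` and `jwe_factory` treat the `alg`/`enc` arguments, which is not visible here; if they return a falsy value on mismatch, presumably the `if _verifier:` / `if _decryptor:` branches are skipped instead of the message being rejected, and that should be confirmed with a test that feeds a token carrying an unexpected `alg`. I would mirror the `algarg` pattern from the first hunk: `sigarg = {'alg': kwargs['sigalg']} if 'sigalg' in kwargs else {}` followed by `_verifier = jws_factory(txt, **sigarg)`. `from_jwt` starts and ends outside these hunks.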