Skip to content

Commit 52fd08a

Browse files
nkiryanovnkiryanov
committed
Drop AsyncJWK to use static JWK public key
1 parent 2574939 commit 52fd08a

23 files changed

+204
-529
lines changed

env.example

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,5 +9,4 @@ WEBSOCKETS_HOST=localhost
99
WEBSOCKETS_PORT=6789
1010
WEBSOCKETS_PATH=/v1/test-subscription-websocket
1111

12-
AUTH_JWKS_URL=https://auth-test.contoso.com/auth/realms/test-realm/protocol/openid-connect/certs
13-
AUTH_SUPPORTED_SIGNING_ALGORITHMS=["RS256"]
12+
JWT_PUBLIC_KEY=-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqdnObC47NUAqOOCvOzOg\n4i0KxZaTe2m7rfQe9a+rWbtkJ2TNuakN7eRshvv2UVGP4uSKEKe356v4GwP/yGAi\n92XEGr0Y6ieypnhu1wi0wuK4Z62abRkvsEZdDwKQpcde1rvyuvt0YeDMh9dCi/3P\nBLhcOlgvAu+6M79iWlRTZxzFe3KVzQabU8CIfgG7MXokutHUxT2dsRNfX4VwxMsW\no9o0o1QqSPJ6OOx2DwLEKat5n1w5ysIYYvkgHs36B3nPnZYc2b66uEp9AP9JlRjc\npWuH8vn3/OsvxHMErhyn+h9/H+aXRRIk/JuokqpVbPlOY8l+5z+JG6zn9onWpjcM\njQ19NP8C/CTwvcB8O+s3qEHKECkggyywCOe7EQqrB0uMU7IQ1srH8ENspuY16UQV\nqQPBlYVQOywVW6+25z+ILNyPjEdzukn6Oyh9ChU+m08Tw9SsBAV2vnrkUCT1wJhC\nc2X/i2WqBM4lExJu18tau0X26iKdbRZwx50OKUVn9w8AbW/iglCExYkpDs3VKH80\nallIBcfAOXJ00X6jhWETT2T9U1c1KiTqNHMgBflvG17CbkKkyaFIILdYIfMkW2EA\nngpOxaBC1cLJTvXGuTx4R54wpQNyt8k/7P/r8UY+FxBlA/3Upb9LidmItvd7yvVr\nzUMftEW5MYWWWnm6ZUS3Q6sCAwEAAQ==\n-----END PUBLIC KEY-----\n

secrets/.gitkeep

Whitespace-only changes.

src/a12n/fixtures.py

Lines changed: 108 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,108 @@
1+
import pytest
2+
3+
import jwt
4+
5+
from app.types import UserId
6+
7+
8+
@pytest.fixture
9+
def jwt_private_key():
10+
return """-----BEGIN PRIVATE KEY-----
11+
MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQCp2c5sLjs1QCo4
12+
4K87M6DiLQrFlpN7abut9B71r6tZu2QnZM25qQ3t5GyG+/ZRUY/i5IoQp7fnq/gb
13+
A//IYCL3ZcQavRjqJ7KmeG7XCLTC4rhnrZptGS+wRl0PApClx17Wu/K6+3Rh4MyH
14+
10KL/c8EuFw6WC8C77ozv2JaVFNnHMV7cpXNBptTwIh+AbsxeiS60dTFPZ2xE19f
15+
hXDEyxaj2jSjVCpI8no47HYPAsQpq3mfXDnKwhhi+SAezfoHec+dlhzZvrq4Sn0A
16+
/0mVGNyla4fy+ff86y/EcwSuHKf6H38f5pdFEiT8m6iSqlVs+U5jyX7nP4kbrOf2
17+
idamNwyNDX00/wL8JPC9wHw76zeoQcoQKSCDLLAI57sRCqsHS4xTshDWysfwQ2ym
18+
5jXpRBWpA8GVhVA7LBVbr7bnP4gs3I+MR3O6Sfo7KH0KFT6bTxPD1KwEBXa+euRQ
19+
JPXAmEJzZf+LZaoEziUTEm7Xy1q7RfbqIp1tFnDHnQ4pRWf3DwBtb+KCUITFiSkO
20+
zdUofzRqWUgFx8A5cnTRfqOFYRNPZP1TVzUqJOo0cyAF+W8bXsJuQqTJoUggt1gh
21+
8yRbYQCeCk7FoELVwslO9ca5PHhHnjClA3K3yT/s/+vxRj4XEGUD/dSlv0uJ2Yi2
22+
93vK9WvNQx+0RbkxhZZaebplRLdDqwIDAQABAoICAETiW7BOE58mFbmZjhexeZcg
23+
81RtHAUaPY5wCjpT82dh811yqWiZolePo2AfQad7L6KyUzgr/Q7NFMNIHO1T5/pz
24+
4FODy13zmaWgBDvbgQvkzSrnIlEKvOd9sfILdUR2lgT6lpe0sV+cvvZ8m7WQyuu8
25+
JVNYPkCvntGr1aSSvHx+E61cLFrJSiduVyzbYOLRCaJmxSb1NUYCeFSSFskJIHZ1
26+
YZG36apKBL2fUMYHtiy8KYgy7BFKJH/HT3qOyM9NXKEppyu8CZgCRa4o2tvICHxi
27+
HvGw5R1C+M1wZD6Eyq9LJNB4QXM2x59XNce9owWeGmen6Xq5rs51kmHPRymD++dz
28+
eorzF1YhYrJ72l9dVUWtaZAlxna99u4u3++WRGOczkibpROa9A3PvO1ipMOCjZOa
29+
SeeZ787Pl9ttgZb2z0Fmx4S5eSpAyrsmopEzZO6FRp/mfzHcV62ztx7ol0b7esPD
30+
a5sU/Vq/lVv65LkhzTo2ZWK1Z5pB9w7N4UYR7c/lFCeaEmEtJOjB2X6+2yWEpkWX
31+
t5pn+oOrQ61qssxR1I/eU/4x/on7rjmtlR4xqaliLkfDrk4Dd6YKiYmpQV7IhtV2
32+
KCYdE239U+C2DDa5PA5OqyyUQWTS+oBKL1nB4Y+co55+W+0VBTc68Gd9Gv4Wf9Mj
33+
5GJsw0Qk6OUr23WetpURAoIBAQDZ6q4jt6vCDtm7AT7W1Ms+m2CVrcA3wiq3+dHn
34+
zlRCqxLyq0hPVbUFWmFVL4/FVdBWbLES9uyLZDoOcxZ5Ffa+AC5t80vGgqKpRNES
35+
BAxkOlFHvjW4yFIk7TxGEgbbfxZLIEyHdnJU1gZeY7hucMlVyu77iXyP/biF3DaC
36+
WjC40t2oOxJVFI2f52NS5TU01mHv8qLVhTAppv2N3BOPfC4G88qB13rIXFCEWcpN
37+
C6A2Agk9rfPl6cKh8cfzJMOd/ZzCM+Jp8ohd6Z9Cd4XC3t8fD9RjDWmlKib3wHpz
38+
ZyaUk1eFKur4+3oqdqHeqc6GoFb2dp62LIwFuVYXF8FWTj4jAoIBAQDHiLe2Qfga
39+
6BhCHPZSL7qNqgOPkgpLW3SgGPK3czR0F0hWjKihw6ZvbTGG8tqHCCPh5Xb3D0Lm
40+
8FgBvr/jFDbGJGICtP6Lva0dZL3pIqJQRPlB/mDl3iXMoQM/yrxITyLU5Pswrs1c
41+
ydQiVDAlWGaeqbPBUP0AmtSPQMgSi4l+lROCjoIfiXk8RPe//1QZrmghi/8x8eCm
42+
iTmAuOQXpICCjV4gdPv1xdPec11KPkr0SA6frUzR62sYHEDVnmixXE9WNaRG1h1J
43+
RUzNn7HxreimBp1LltSa43SFrIAHe7QZ0IuoDm8b27pEztlqDJBhSsH1eq95KxuG
44+
MOONp2TQNojZAoIBAB+Af4AGUzwQbYVNHsprpJ3+VC4PGhR1azuBT8jU2PVySaDv
45+
BdsCJtMJR7zKzVvXlfCIceit7XARIxtno74JYMwCtrOKUk/2HpGdsyOJlkj+7TUT
46+
2CxIOSfBa88tV/RvIMfneWizxL9i2TTX8Zd1koVmerm+HFWsdfpT5UVeyGBPi1+A
47+
epv2BqsxBfi7zb8/ppTLXKLFSDsdOtZBFErPxs+WepXeko9YWQNo/4e3wIdOMAvM
48+
k8+OxWYnz6HklKrIONsSKQ7r0q7Q0QcIxDtxgIu6/Bb9n2IS/+Mc3hbEuJ0N178W
49+
fzVTFUwCLlBD9+kaULf8WeE3+13wdvOLqZVSZkUCggEAcsELPvOjt/3BbcxwUYYH
50+
mU+s6pYH+5zmbujKNn04LofxX21X0mjOQIkhEcZ7rWseD93DVIVfaafSRXaprvRC
51+
KCRmhb4IIt/8PspgekMj7FwuqiidG7ZuMMhtMPPs4v04QA5M9IujqfidWvzmD6RO
52+
qHNa4RQt3XouQxDzv86mTbl41f4VkgOjSOk1PyOd/4MRejGkm9nK5JxJCOHMtFg0
53+
XGDnQG1nNssGdYoNnhRDUUhbuLOXWac2GVCubOzEszQuoJsLFn4vq6MCb8OnOCJX
54+
iZyGPCHLtiSYMASsQSGAy9PnbciXWAM/ljEMUvRU2M+Ayyg64MnM85kMVbxuu1yR
55+
yQKCAQB7AkFj7k2gldP7BqMgemTQ2HgnxX3+DrFkvscY5rNHoYYyQ9iCOBh4CcVN
56+
HLpYkvN6omfmIGaeIlrFChk0xPoq2rC8Es0NO++p6Ufa/RlPe/qInmQsVe0dl0ou
57+
44fxYKe6UunrLa/MAEy9H1Ev4GeiN4KmB14dqSvV2MKHv79W4J+knEqPcj9VGNGM
58+
KwU5VgPsz/bDn9LJYWggdIsQUZB5OsHl54gTmVPXGjoYRMCDk9jn/BTkEZUkXkHs
59+
tFb7jcKo9XUoe0PG6Bx634wrlLx8clCwHWFfPbji4NdSGm8UTMKDAXKtMVwQyPzk
60+
8qn2Iv/fqfJHIYs6DvxWgLy8ZoWL
61+
-----END PRIVATE KEY-----
62+
"""
63+
64+
65+
@pytest.fixture
66+
def jwt_public_key():
67+
return """-----BEGIN PUBLIC KEY-----
68+
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqdnObC47NUAqOOCvOzOg
69+
4i0KxZaTe2m7rfQe9a+rWbtkJ2TNuakN7eRshvv2UVGP4uSKEKe356v4GwP/yGAi
70+
92XEGr0Y6ieypnhu1wi0wuK4Z62abRkvsEZdDwKQpcde1rvyuvt0YeDMh9dCi/3P
71+
BLhcOlgvAu+6M79iWlRTZxzFe3KVzQabU8CIfgG7MXokutHUxT2dsRNfX4VwxMsW
72+
o9o0o1QqSPJ6OOx2DwLEKat5n1w5ysIYYvkgHs36B3nPnZYc2b66uEp9AP9JlRjc
73+
pWuH8vn3/OsvxHMErhyn+h9/H+aXRRIk/JuokqpVbPlOY8l+5z+JG6zn9onWpjcM
74+
jQ19NP8C/CTwvcB8O+s3qEHKECkggyywCOe7EQqrB0uMU7IQ1srH8ENspuY16UQV
75+
qQPBlYVQOywVW6+25z+ILNyPjEdzukn6Oyh9ChU+m08Tw9SsBAV2vnrkUCT1wJhC
76+
c2X/i2WqBM4lExJu18tau0X26iKdbRZwx50OKUVn9w8AbW/iglCExYkpDs3VKH80
77+
allIBcfAOXJ00X6jhWETT2T9U1c1KiTqNHMgBflvG17CbkKkyaFIILdYIfMkW2EA
78+
ngpOxaBC1cLJTvXGuTx4R54wpQNyt8k/7P/r8UY+FxBlA/3Upb9LidmItvd7yvVr
79+
zUMftEW5MYWWWnm6ZUS3Q6sCAwEAAQ==
80+
-----END PUBLIC KEY-----
81+
"""
82+
83+
84+
@pytest.fixture
85+
def set_jwt_public_key(settings, jwt_public_key):
86+
settings.JWT_PUBLIC_KEY = jwt_public_key
87+
return settings
88+
89+
90+
@pytest.fixture
91+
def create_jwt_for_user(jwt_private_key):
92+
def create_jwt(user_id: UserId, timestamp_expired_at: int) -> str:
93+
payload = {
94+
"sub": user_id,
95+
"exp": timestamp_expired_at,
96+
}
97+
98+
return jwt.encode(payload=payload, key=jwt_private_key, algorithm="RS256")
99+
100+
return create_jwt
101+
102+
103+
@pytest.fixture
104+
def jwt_user_valid_token(create_jwt_for_user):
105+
return create_jwt_for_user(
106+
user_id="user",
107+
timestamp_expired_at=4700000000, # year of expiration 2118
108+
)

src/a12n/jwk_client.py

Lines changed: 0 additions & 157 deletions
This file was deleted.

src/a12n/jwt_decode.py

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
from typing import Any
2+
3+
import jwt
4+
5+
from app.conf import get_app_settings
6+
from app.types import DecodedValidToken
7+
8+
9+
def decode(jwt_token: str, **kwargs: Any) -> DecodedValidToken:
10+
"""Validate and decode a JWT token with public key.
11+
12+
Adjust validation parameters to project requirements (like algorithms, required claims, etc).
13+
"""
14+
decoded = jwt.decode(jwt=jwt_token, key=get_app_settings().JWT_PUBLIC_KEY, algorithms=["RS256"], **kwargs)
15+
return DecodedValidToken(**decoded)

src/a12n/tests/async_jwk_client/conftest.py

Lines changed: 0 additions & 73 deletions
This file was deleted.

src/a12n/tests/async_jwk_client/tests_async_jwk_common.py

Lines changed: 0 additions & 9 deletions
This file was deleted.

0 commit comments

Comments
 (0)