Error decoding an access token with the HS256 encryption algorithm

Published 2024-05-14 15:26:25

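I want to create a function that checks whether an access token is valid, using Auth0 in Python.

Right now, the token can be encrypted with the HS256 or RS256 algorithm.

The following code works fine with the RS256 algorithm, but with the other encryption algorithm it raises an exception: Expected a string value. Why?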

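import json
import urllib2 as req  # assumption: the post does not show how `req` is imported (Python 2.7 per the traceback)

import jwt
from cryptography.hazmat.backends import default_backend
from cryptography.x509 import load_pem_x509_certificate

def is_valid_token(access_token, audience, algorithms):
    AUTH0_DOMAIN = 'dev-47ysz721.auth0.com'

    # Fetch the tenant's JWKS and build an RSA public key from the first x5c certificate
    jsonurl = req.urlopen('https://' + AUTH0_DOMAIN + '/.well-known/jwks.json')
    jwks = json.loads(jsonurl.read())
    cert = '-----BEGIN CERTIFICATE-----\n' + jwks['keys'][0]['x5c'][0] + '\n-----END CERTIFICATE-----'
    certificate = load_pem_x509_certificate(cert.encode('utf-8'), default_backend())
    public_key = certificate.public_key()

    try:
        # The RSA public key object is passed as the key whatever `algorithms` is
        decoded = jwt.decode(access_token, public_key, audience=audience, algorithms=algorithms)
    except Exception as e:
        print 'Excepcion', e
        return None
    return decoded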

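Edit:

  • The parameters access_token, audience and algorithms are all strings, so that is not the problem
  • With the try/except removed, this is the full traceback: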

    Traceback:
    File "/home/vagrant/env/local/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
      111.                     response = wrapped_callback(request, *callback_args, **callback_kwargs)
    File "/home/vagrant/env/local/lib/python2.7/site-packages/django/views/decorators/csrf.py" in wrapped_view
      57.         return view_func(*args, **kwargs)
    File "/home/vagrant/env/local/lib/python2.7/site-packages/rest_framework/viewsets.py" in view
      87.             return self.dispatch(request, *args, **kwargs)
    File "/home/vagrant/env/local/lib/python2.7/site-packages/rest_framework/views.py" in dispatch
      466.             response = self.handle_exception(exc)
    File "/home/vagrant/env/local/lib/python2.7/site-packages/rest_framework/views.py" in dispatch
      463.             response = handler(request, *args, **kwargs)
    File "./apim/viewsets.py" in list
      144.             decoded = is_valid_token(access_token, account, audience, algorithms)
    File "./apim/viewsets.py" in is_valid_token
      50.     decoded = jwt.decode(access_token, public_key, audience=audience, algorithms=algorithms)
    File "/home/vagrant/env/local/lib/python2.7/site-packages/jwt/api_jwt.py" in decode
      92.             jwt, key=key, algorithms=algorithms, options=options, **kwargs
    File "/home/vagrant/env/local/lib/python2.7/site-packages/jwt/api_jws.py" in decode
      156.                                    key, algorithms)
    File "/home/vagrant/env/local/lib/python2.7/site-packages/jwt/api_jws.py" in _verify_signature
      220.             key = alg_obj.prepare_key(key)
    File "/home/vagrant/env/local/lib/python2.7/site-packages/jwt/algorithms.py" in prepare_key
      140.         key = force_bytes(key)
    File "/home/vagrant/env/local/lib/python2.7/site-packages/jwt/utils.py" in force_bytes
      30.         raise TypeError('Expected a string value')
    
    Exception Type: TypeError at /ventasapi/v1/HS.json/
    Exception Value: Expected a string value

1 answer
User
#1 · Posted 2024-05-14 15:26:25

I found a solution; it is not really recommended, but it works fine. If you add the parameter verify=False, the code becomes:

if algorithms == 'HS256':
    # verify=False makes jwt.decode skip signature verification
    decoded = jwt.decode(access_token, public_key, audience=audience, algorithms=[algorithms], verify=False)
else:
    decoded = jwt.decode(access_token, public_key, audience=audience, algorithms=[algorithms])

See: verify
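
Added example (not part of the original question or answer, and not PyJWT's or Auth0's code): an HS256 token is checked with the shared secret as a byte string, which is why an RSA public key object fails with "Expected a string value", and reading the payload without verification, as verify=False does, returns the claims of a token signed with any key. The sketch uses only the Python 3 standard library; the function names, the secret and the two tokens are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json

def b64url_decode(part):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def sign_hs256(claims, secret):
    # Helper used only to construct the sample tokens below.
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url_encode(json.dumps(claims).encode())
    mac = hmac.new(secret, (header + "." + payload).encode(), hashlib.sha256).digest()
    return header + "." + payload + "." + b64url_encode(mac)

def decode_unverified(token):
    # What verify=False amounts to: read the payload, never check the signature.
    return json.loads(b64url_decode(token.split(".")[1]))

def verify_hs256(token, secret, audience):
    # The HS256 key is the shared secret as bytes, not an RSA public key object.
    if not isinstance(secret, bytes):
        raise TypeError("HS256 needs the shared secret as bytes")
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        signature = b64url_decode(sig_b64)
    except ValueError:
        return None
    # Pin the algorithm on the server side instead of trusting the token header.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return None
    signed_part = (header_b64 + "." + payload_b64).encode()
    expected = hmac.new(secret, signed_part, hashlib.sha256).digest()
    if not hmac.compare_digest(signature, expected):
        return None
    claims = json.loads(b64url_decode(payload_b64))
    aud = claims.get("aud")
    ok = audience in aud if isinstance(aud, list) else aud == audience
    return claims if ok else None

SECRET = b"constructed-demo-secret"  # constructed value, not a real Auth0 secret
GOOD = sign_hs256({"sub": "user1", "aud": "my-api"}, SECRET)
WRONG_KEY = sign_hs256({"sub": "admin", "aud": "my-api"}, b"some-other-key")
```

With these samples, verify_hs256 returns the claims only for GOOD with the matching audience, while decode_unverified returns the claims of WRONG_KEY as well.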
