我想创建一个函数,使用Python中的Auth0检查访问令牌是否有效
现在,令牌可以用HS256或RS256算法加密
下一个代码在RS256算法中工作正常,但返回一个异常:在其他加密算法中需要一个字符串值。为什么
def is_valid_token(access_token, audience, algorithms):
AUTH0_DOMAIN = 'dev-47ysz721.auth0.com'
jsonurl = req.urlopen('https://' + AUTH0_DOMAIN + '/.well-known/jwks.json')
jwks = json.loads(jsonurl.read())
cert = '-----BEGIN CERTIFICATE-----\n' + jwks['keys'][0]['x5c'][0] + '\n-----END CERTIFICATE-----'
certificate = load_pem_x509_certificate(cert.encode('utf-8'), default_backend())
public_key = certificate.public_key()
try:
decoded = jwt.decode(access_token, public_key, audience=audience, algorithms=algorithms)
except Exception as e:
print 'Excepcion', e
return None
return decoded
编辑:
删除try except下一步是完全回溯:
Traceback:
File "/home/vagrant/env/local/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
111. response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/home/vagrant/env/local/lib/python2.7/site-packages/django/views/decorators/csrf.py" in wrapped_view
57. return view_func(*args, **kwargs)
File "/home/vagrant/env/local/lib/python2.7/site-packages/rest_framework/viewsets.py" in view
87. return self.dispatch(request, *args, **kwargs)
File "/home/vagrant/env/local/lib/python2.7/site-packages/rest_framework/views.py" in dispatch
466. response = self.handle_exception(exc)
File "/home/vagrant/env/local/lib/python2.7/site-packages/rest_framework/views.py" in dispatch
463. response = handler(request, *args, **kwargs)
File "./apim/viewsets.py" in list
144. decoded = is_valid_token(access_token, account, audience, algorithms)
File "./apim/viewsets.py" in is_valid_token
50. decoded = jwt.decode(access_token, public_key, audience=audience, algorithms=algorithms)
File "/home/vagrant/env/local/lib/python2.7/site-packages/jwt/api_jwt.py" in decode
92. jwt, key=key, algorithms=algorithms, options=options, **kwargs
File "/home/vagrant/env/local/lib/python2.7/site-packages/jwt/api_jws.py" in decode
156. key, algorithms)
File "/home/vagrant/env/local/lib/python2.7/site-packages/jwt/api_jws.py" in _verify_signature
220. key = alg_obj.prepare_key(key)
File "/home/vagrant/env/local/lib/python2.7/site-packages/jwt/algorithms.py" in prepare_key
140. key = force_bytes(key)
File "/home/vagrant/env/local/lib/python2.7/site-packages/jwt/utils.py" in force_bytes
30. raise TypeError('Expected a string value')
Exception Type: TypeError at /ventasapi/v1/HS.json/
Exception Value: Expected a string value
</textarea>
<br><br>
<input type="submit" value="Share this traceback on a public Web site">
</div>
</form>
</div>
我找到了一个解决方案,不太推荐,但工作很好。如果添加参数verify=False,则代码结果为:
见:verify
相关问题 更多 >
编程相关推荐