Commit 7f258569 authored by CAMPION Sebastien's avatar CAMPION Sebastien

bugfix

parent 67437318
......@@ -4,7 +4,6 @@ import hashlib
import base64
import subprocess
import binascii
from Crypto.PublicKey import RSA
from jose import jwt
......@@ -29,11 +28,10 @@ def key_id_encode(the_bytes):
for i in range(0, len(source), 4):
start = i
end = start+4
result.append(source[start:end])
return ":".join(map(str, result))
result.append(str(source[start:end], 'utf-8'))
return ":".join(result)
def kid_from_crypto_key(private_key_path, key_type='EC'):
def kid_from_crypto_key(private_key_path, key_type):
"""
python implementation of
https://github.com/jlhawn/libtrust/blob/master/util.go#L192
......@@ -43,6 +41,7 @@ def kid_from_crypto_key(private_key_path, key_type='EC'):
hash of the public key data divided into 12 groups like so:
ABCD:EFGH:IJKL:MNOP:QRST:UVWX:YZ23:4567:ABCD:EFGH:IJKL:MNOP
"""
assert key_type == 'RSA', "Only RSA key type supported"
algorithm = hashlib.sha256()
key = RSA.importKey(open(private_key_path).read())
der = key.publickey().exportKey("DER")
......@@ -66,8 +65,7 @@ class Token(object):
self.header = {
'typ': self.token_type,
'alg': self.signing_key_alg,
'kid': kid_from_crypto_key(self.signing_key_path,
self.signing_key_type)
'kid': kid_from_crypto_key(self.signing_key_path, self.signing_key_type)
}
self.claim = {
'iss': self.issuer,
......
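Review bot: The key-type guard in `kid_from_crypto_key` is written as `assert key_type == 'RSA', "Only RSA key type supported"`, and assert statements are stripped when Python runs with `-O`, so the check disappears in an optimized deployment. Since the `'EC'` default for `key_type` appears to be dropped in the same change, an explicit `if key_type != 'RSA': raise ValueError("Only RSA key type supported")` keeps the rejection unconditional. The line after it reads the signing key with `open(private_key_path).read()` and never closes the handle; `with open(private_key_path) as key_file:` would release it promptly. The function body continues past the visible lines.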
......@@ -11,7 +11,7 @@ from django.views.generic import (
UpdateView,
)
from allgo.django.allgo.main.tokens import Token
from .tokens import Token
from .models import Webapp, Job, AllgoUser
......@@ -39,7 +39,7 @@ def tokens(request):
return HttpResponse(status=401)
service = request.GET['service']
scope = request.GET['scope']
scope = request.GET['scope'] if 'scope' in request.GET.keys() else None
if not scope:
typ = ''
name = ''
......
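Review bot: `service = request.GET['service']` is still read by indexing, so a token request without that parameter raises a KeyError subclass instead of getting a controlled 4xx response, while the line below it now tolerates a missing `scope`. Reading both the same way, for example `service = request.GET.get('service')` followed by `return HttpResponse(status=400)` when it is empty, makes the handling of malformed requests deliberate. The scope line itself can be shortened to `scope = request.GET.get('scope')`. The rest of `tokens` lies outside the visible lines, so whether `service` is later compared with the expected registry service cannot be confirmed from here.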
......@@ -61,7 +61,7 @@ services:
REGISTRY_HTTP_TLS_CERTIFICATE: "/certs/server.crt"
REGISTRY_HTTP_TLS_KEY: "/certs/server.key"
REGISTRY_AUTH: "token"
REGISTRY_AUTH_TOKEN_REALM: "http://django:8000/tokens"
REGISTRY_AUTH_TOKEN_REALM: "http://0.0.0.0:8008/tokens"
REGISTRY_AUTH_TOKEN_SERVICE: "allgo_registry"
REGISTRY_AUTH_TOKEN_ISSUER: "allgo_oauth"
REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE: "/certs/server.crt"
......
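Review bot: `REGISTRY_AUTH_TOKEN_REALM` is the URL the registry advertises to clients for obtaining a token, and the value `http://0.0.0.0:8008/tokens` (apparently the new one) is a poor fit for that role. `0.0.0.0` is a bind address rather than a destination remote clients can reliably reach, and the plain `http` scheme means whatever credentials a client presents to the token endpoint cross the network unencrypted, even though the registry itself is configured with a TLS certificate and key. Consider a resolvable host name served over TLS, e.g. `REGISTRY_AUTH_TOKEN_REALM: "https://<token-host>/tokens"` (placeholder), ideally supplied per environment rather than hard-coded.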