using-jwt/requests.py at main · jiankaiwang/using-jwt · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
# -*- coding: utf-8 -*-

import logging
import datetime
import base64
import hmac
import hashlib
import json

logging.basicConfig(level=logging.INFO,
                    format='%(asctime)s-%(levelname)s: %(message)s')

# In[]

def ToBytes(string):
  return bytes(string, 'utf-8')

def EncodeBase64(message):
  return base64.urlsafe_b64encode(message).replace(b'=', b'')

def CreateSHA256Sign(key, unsignedMessage):
  signaturedMessage = hmac.new(\
    ToBytes(key), unsignedMessage, digestmod=hashlib.sha256).digest()
  return EncodeBase64(signaturedMessage)

# In[]

if __name__ == '__main__':

  priKey = """-----BEGIN PRIVATE KEY----------END PRIVATE KEY-----"""

  currentTime = int(datetime.datetime.now().strftime("%s"))

  headers = json.dumps({"alg": "HS256", "typ": "JWT"})
  payload = json.dumps({"iss": "jiankaiwang",
                        "sub": "updating-db",
                        # "aud": "db-server",
                        "exp": currentTime + 60*10,
                        "timestamp": currentTime})

  unsignedToken = EncodeBase64(ToBytes(headers)) + ToBytes('.') + EncodeBase64(ToBytes(payload))
  signature = CreateSHA256Sign(priKey, unsignedToken)

  JWTTOKEN = unsignedToken.decode("utf-8") + '.' + signature.decode("utf-8")

  print("Secret:")
  print(priKey)

  print("\nHeaders:")
  print(headers)

  print("\nPayload:")
  print(payload)

  print("\nJWT:")
  print(JWTTOKEN)