MCPcopy
hub / github.com/authlib/authlib / generate_id_token

Function generate_id_token

authlib/oidc/core/grants/util.py:65–121  ·  view source on GitHub ↗
(
    token,
    user_info,
    key,
    iss,
    aud,
    alg="RS256",
    exp=3600,
    nonce=None,
    auth_time=None,
    acr=None,
    amr=None,
    code=None,
    kid=None,
)

Source from the content-addressed store, hash-verified

63
64
65def generate_id_token(
66 token,
67 user_info,
68 key,
69 iss,
70 aud,
71 alg="RS256",
72 exp=3600,
73 nonce=None,
74 auth_time=None,
75 acr=None,
76 amr=None,
77 code=None,
78 kid=None,
79):
80 now = int(time.time())
81 if auth_time is None:
82 auth_time = now
83
84 header = {"alg": alg}
85 if kid:
86 header["kid"] = kid
87
88 payload = {
89 "iss": iss,
90 "aud": aud,
91 "iat": now,
92 "exp": now + exp,
93 "auth_time": auth_time,
94 }
95 if nonce:
96 payload["nonce"] = nonce
97
98 if acr:
99 payload["acr"] = acr
100
101 if amr:
102 payload["amr"] = amr
103
104 if code:
105 c_hash = create_half_hash(code, alg)
106 if c_hash is not None:
107 payload["c_hash"] = to_native(c_hash)
108
109 access_token = token.get("access_token")
110 if access_token:
111 at_hash = create_half_hash(access_token, alg)
112 if at_hash is not None:
113 payload["at_hash"] = to_native(at_hash)
114
115 payload.update(user_info)
116 if alg == "none":
117 private_key = None
118 else:
119 private_key = import_any_key(key)
120
121 return jwt.encode(header, payload, private_key, [alg])
122

Callers 1

test_generate_id_tokenFunction · 0.90

Calls 5

to_nativeFunction · 0.90
import_any_keyFunction · 0.90
create_half_hashFunction · 0.85
encodeMethod · 0.80
getMethod · 0.45

Tested by 1

test_generate_id_tokenFunction · 0.72

Used in the wild real call sites across dependent graphs

searching dependent graphs…