MCPcopy Index your code
hub / github.com/pyfa-org/Pyfa / validate_eve_jwt

Method validate_eve_jwt

service/esiAccess.py:234–271  ·  view source on GitHub ↗

Validate a JWT token retrieved from the EVE SSO. Ignores the `aud` claim in token due to avoid unexpected breaking changes to ESI. Args: jwt_token: A JWT token originating from the EVE SSO Returns dict: The contents of the validated J

(self, jwt_token)

Source from the content-addressed store, hash-verified

232 return res
233
234 def validate_eve_jwt(self, jwt_token):
235 """Validate a JWT token retrieved from the EVE SSO.
236
237 Ignores the `aud` claim in token due to avoid unexpected breaking
238 changes to ESI.
239
240 Args:
241 jwt_token: A JWT token originating from the EVE SSO
242 Returns
243 dict: The contents of the validated JWT token if there are no
244 validation errors
245 """
246
247 try:
248 jwk_sets = self.jwks["keys"]
249 except KeyError as e:
250 raise GenericSsoError("Something went wrong when retrieving the JWK set. The returned "
251 "payload did not have the expected key {}. \nPayload returned "
252 "from the SSO looks like: {}".format(e, self.jwks))
253
254 jwk_set = next((item for item in jwk_sets if item["alg"] == "RS256"))
255
256 try:
257 return jwt.decode(
258 jwt_token,
259 jwk_set,
260 algorithms=jwk_set["alg"],
261 issuer=[self.server_base.sso, "https://%s" % self.server_base.sso],
262 # ignore "aud" claim: https://tweetfleet.slack.com/archives/C30KX8UUX/p1648495011905969
263 options={"verify_aud": False, "verify_exp": self.settings.get("enforceJwtExpiration")}
264 )
265 except ExpiredSignatureError as e:
266 raise GenericSsoError("The JWT token has expired: {}".format(str(e)))
267 except JWTError as e:
268 raise GenericSsoError("The JWT signature was invalid: {}".format(str(e)))
269 except JWTClaimsError as e:
270 raise GenericSsoError("The issuer claim was not from login.eveonline.com or "
271 "https://login.eveonline.com: {}".format(str(e)))
272
273 def _before_request(self, ssoChar):
274 if ssoChar:

Callers 1

authMethod · 0.95

Calls 2

GenericSsoErrorClass · 0.85
getMethod · 0.45

Tested by

no test coverage detected