diff options
| author | Aravinda VK <avishwan@redhat.com> | 2017-12-28 14:04:50 +0530 |
|---|---|---|
| committer | jiffin tony Thottan <jthottan@redhat.com> | 2018-01-02 09:49:15 +0000 |
| commit | 783720acc625cc40251f27685ac4caec38060ae9 (patch) | |
| tree | 7ed35f1aa641817501cfabf186c9b5d3c105789b | |
| parent | 2c1cc19992edfc4ac0402fe96ca0925933566b89 (diff) | |
eventsapi: JWT signing without external dependency
Added support for JWT signing without using python-jwt since it is not
available in all the distributions.
> Reviewed on: https://review.gluster.org/19102
BUG: 1529539
Change-Id: I95699055442fbf9da15249f5defe8a8b287010f1
Signed-off-by: Aravinda VK <avishwan@redhat.com>
(cherry picked from commit 33c39e5dce3bc941d8e26c98d91f8ddab9505b73)
| -rw-r--r-- | events/src/utils.py | 20 | ||||
| -rw-r--r-- | glusterfs.spec.in | 4 |
2 files changed, 19 insertions, 5 deletions
diff --git a/events/src/utils.py b/events/src/utils.py index 851543e8f3b..f405e44ac70 100644 --- a/events/src/utils.py +++ b/events/src/utils.py @@ -18,6 +18,10 @@ from threading import Thread import multiprocessing from Queue import Queue from datetime import datetime, timedelta +import base64 +import hmac +from hashlib import sha256 +from calendar import timegm from eventsapiconf import (LOG_FILE, WEBHOOKS_FILE, @@ -185,15 +189,25 @@ def autoload_webhooks(): load_webhooks() +def base64_urlencode(inp): + return base64.urlsafe_b64encode(inp).replace("=", "").strip() + + def get_jwt_token(secret, event_type, event_ts, jwt_expiry_time_seconds=60): - import jwt + exp = datetime.utcnow() + timedelta(seconds=jwt_expiry_time_seconds) payload = { - "exp": datetime.utcnow() + timedelta(seconds=jwt_expiry_time_seconds), + "exp": timegm(exp.utctimetuple()), "iss": "gluster", "sub": event_type, "iat": event_ts } - return jwt.encode(payload, secret, algorithm='HS256') + header = '{"alg":"HS256","typ":"JWT"}' + payload = json.dumps(payload, separators=(',', ':'), sort_keys=True) + msg = base64_urlencode(header) + "." + base64_urlencode(payload) + return "%s.%s" % ( + msg, + base64_urlencode(hmac.HMAC(secret, msg, sha256).digest()) + ) def save_https_cert(domain, port, cert_path): diff --git a/glusterfs.spec.in b/glusterfs.spec.in index 8b4fa349e76..f68e38fffe3 100644 --- a/glusterfs.spec.in +++ b/glusterfs.spec.in @@ -626,9 +626,9 @@ Requires: %{name}-server%{?_isa} = %{version}-%{release} Requires: python2 python-prettytable Requires: python2-gluster = %{version}-%{release} %if ( 0%{?rhel} ) -Requires: python-requests python-jwt +Requires: python-requests %else -Requires: python2-requests python2-jwt +Requires: python2-requests %endif %if ( 0%{?rhel} && 0%{?rhel} < 7 ) Requires: python-argparse |