CwtPoPSigner(
*,
private_key,
public_key,
algorithm,
include_query=False,
)
Bases: PopSigningBase
Signer that emits COSE Sign1 PoP proofs.
Source code in swarmauri_pop_cwt/cwt.py
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209 | def __init__(
self,
*,
private_key,
public_key,
algorithm: SignatureAlg,
include_query: bool = False,
) -> None:
super().__init__(
kind=PoPKind.CWT, header_name="CWP", include_query=include_query
)
self._private_key = _ensure_cose_key(private_key)
self._public_key = _ensure_cose_key(public_key)
self._algorithm = algorithm
self._thumbprint = _compute_cose_thumbprint(self._public_key)
|
Source code in swarmauri_pop_cwt/cwt.py
| def cnf_binding(self) -> CnfBinding:
return CnfBinding(BindType.COSE_THUMB, self._thumbprint)
|
sign_request(
method,
url,
*,
kid=None,
jti=None,
ath_b64u=None,
extra_claims=None,
)
Source code in swarmauri_pop_cwt/cwt.py
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235 | def sign_request(
self,
method: str,
url: str,
*,
kid: Optional[bytes] = None,
jti: Optional[str] = None,
ath_b64u: Optional[str] = None,
extra_claims: Mapping[str, object] | None = None,
) -> str:
claims = self._base_claims(method, url, jti=jti, ath_b64u=ath_b64u)
payload_map = self._merge_claims(claims, extra_claims)
payload_bytes = cbor2.dumps(payload_map, canonical=True)
headers = {Algorithm: self._algorithm}
if kid is not None:
headers[KID] = kid
msg = Sign1Message(phdr=headers, uhdr={}, payload=payload_bytes)
msg.key = self._private_key
encoded = msg.encode()
return base64.urlsafe_b64encode(encoded).rstrip(b"=").decode("ascii")
|