Skip to content

Class swarmauri_pop_cwt.cwt.CwtPoPSigner

swarmauri_pop_cwt.cwt.CwtPoPSigner

CwtPoPSigner(
    *,
    private_key,
    public_key,
    algorithm,
    include_query=False,
)

Bases: PopSigningBase

Signer that emits COSE Sign1 PoP proofs.

Source code in swarmauri_pop_cwt/cwt.py
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
def __init__(
    self,
    *,
    private_key,
    public_key,
    algorithm: SignatureAlg,
    include_query: bool = False,
) -> None:
    super().__init__(
        kind=PoPKind.CWT, header_name="CWP", include_query=include_query
    )
    self._private_key = _ensure_cose_key(private_key)
    self._public_key = _ensure_cose_key(public_key)
    self._algorithm = algorithm
    self._thumbprint = _compute_cose_thumbprint(self._public_key)

cnf_binding

cnf_binding()
Source code in swarmauri_pop_cwt/cwt.py
211
212
def cnf_binding(self) -> CnfBinding:
    return CnfBinding(BindType.COSE_THUMB, self._thumbprint)

sign_request

sign_request(
    method,
    url,
    *,
    kid=None,
    jti=None,
    ath_b64u=None,
    extra_claims=None,
)
Source code in swarmauri_pop_cwt/cwt.py
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
def sign_request(
    self,
    method: str,
    url: str,
    *,
    kid: Optional[bytes] = None,
    jti: Optional[str] = None,
    ath_b64u: Optional[str] = None,
    extra_claims: Mapping[str, object] | None = None,
) -> str:
    claims = self._base_claims(method, url, jti=jti, ath_b64u=ath_b64u)
    payload_map = self._merge_claims(claims, extra_claims)
    payload_bytes = cbor2.dumps(payload_map, canonical=True)

    headers = {Algorithm: self._algorithm}
    if kid is not None:
        headers[KID] = kid

    msg = Sign1Message(phdr=headers, uhdr={}, payload=payload_bytes)
    msg.key = self._private_key
    encoded = msg.encode()
    return base64.urlsafe_b64encode(encoded).rstrip(b"=").decode("ascii")