Skip to content

Commit 336ebaa

Browse files
lnagellnagel
committed
Fix PEM data loading with cryptography >= 42
1 parent a3b95e2 commit 336ebaa

File tree

3 files changed

+21
-14
lines changed

3 files changed

+21
-14
lines changed

requirements.txt

+5-3
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,6 @@
1-
Django>=1.8
2-
djangorestframework>=3.2,<4.0
1+
cryptography
2+
Django
3+
djangorestframework
4+
pem
35
PyJWT
4-
cryptography>=2.1.0,<4.0
6+
setuptools

rest_framework_sso/keys.py

+12-4
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
# coding: utf-8
22
import os
33

4+
import pem
45
from cryptography.hazmat.backends import default_backend
56
from cryptography.hazmat.primitives.serialization import load_pem_private_key, load_pem_public_key
67
from jwt.exceptions import InvalidKeyError
@@ -17,8 +18,7 @@ def read_key_file(file_name):
1718
file_path = os.path.abspath(os.path.join(api_settings.KEY_STORE_ROOT, file_name))
1819
else:
1920
file_path = os.path.abspath(file_name)
20-
with open(file_path, "rb") as file_obj:
21-
return file_obj.read()
21+
return pem.parse_file(file_path)
2222

2323

2424
def get_key_id(file_name):
@@ -45,12 +45,20 @@ def get_key_file_name(keys, issuer, key_id=None):
4545
def get_private_key_and_key_id(issuer, key_id=None):
4646
file_name = get_key_file_name(keys=api_settings.PRIVATE_KEYS, issuer=issuer, key_id=key_id)
4747
file_data = read_key_file(file_name=file_name)
48-
key = load_pem_private_key(file_data, password=None, backend=default_backend())
48+
try:
49+
key_data = next(o.as_bytes() for o in file_data if isinstance(o, pem.PrivateKey))
50+
except StopIteration:
51+
raise InvalidKeyError(f"No private key found for {issuer=} {key_id=}")
52+
key = load_pem_private_key(key_data, password=None, backend=default_backend())
4953
return key, get_key_id(file_name=file_name)
5054

5155

5256
def get_public_key_and_key_id(issuer, key_id=None):
5357
file_name = get_key_file_name(keys=api_settings.PUBLIC_KEYS, issuer=issuer, key_id=key_id)
5458
file_data = read_key_file(file_name=file_name)
55-
key = load_pem_public_key(file_data, backend=default_backend())
59+
try:
60+
key_data = next(o.as_bytes() for o in file_data if isinstance(o, pem.PublicKey))
61+
except StopIteration:
62+
raise InvalidKeyError(f"No public key found for {issuer=} {key_id=}")
63+
key = load_pem_public_key(key_data, backend=default_backend())
5664
return key, get_key_id(file_name=file_name)

setup.py

+4-7
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
from setuptools import find_packages, setup
44

55

6-
INSTALL_REQUIRES = ["PyJWT>=1.5.2,<2.0.0"]
6+
INSTALL_REQUIRES = ["djangorestframework", "cryptography", "pem", "PyJWT"]
77

88

99
with open(os.path.join(os.path.dirname(__file__), "README.rst")) as readme:
@@ -32,12 +32,9 @@
3232
"License :: OSI Approved :: MIT License",
3333
"Operating System :: OS Independent",
3434
"Programming Language :: Python",
35-
"Programming Language :: Python :: 2",
36-
"Programming Language :: Python :: 2.7",
37-
"Programming Language :: Python :: 3",
38-
"Programming Language :: Python :: 3.4",
39-
"Programming Language :: Python :: 3.5",
40-
"Programming Language :: Python :: 3.6",
35+
"Programming Language :: Python :: 3.10",
36+
"Programming Language :: Python :: 3.11",
37+
"Programming Language :: Python :: 3.12",
4138
"Topic :: Internet :: WWW/HTTP",
4239
"Topic :: Internet :: WWW/HTTP :: Session",
4340
"Topic :: Software Development :: Libraries :: Python Modules",

0 commit comments

Comments
 (0)