|
|
|
|
@ -5,6 +5,7 @@ from .models import ASSNotification |
|
|
|
|
from django.conf import settings |
|
|
|
|
import json, jwt |
|
|
|
|
import base64 |
|
|
|
|
import os |
|
|
|
|
|
|
|
|
|
from OpenSSL.crypto import ( |
|
|
|
|
X509Store, |
|
|
|
|
@ -78,5 +79,21 @@ def _decode_jws(token, root_cert_path, algorithms): |
|
|
|
|
except (ValueError, KeyError, jwt.exceptions.PyJWTError, X509StoreContextError) as err: |
|
|
|
|
raise InvalidTokenError from err |
|
|
|
|
|
|
|
|
|
def _get_root_cert(root_cert_path): |
|
|
|
|
|
|
|
|
|
fn = os.environ.get("APPLE_ROOT_CA") |
|
|
|
|
if fn is None: |
|
|
|
|
fn = root_cert_path or "AppleRootCA-G3.cer" |
|
|
|
|
|
|
|
|
|
fn = os.path.expanduser(fn) |
|
|
|
|
with open(fn, "rb") as f: |
|
|
|
|
data = f.read() |
|
|
|
|
root_cert = load_certificate(FILETYPE_ASN1, data) |
|
|
|
|
|
|
|
|
|
return root_cert |
|
|
|
|
|
|
|
|
|
class InvalidTokenError(Exception): |
|
|
|
|
pass |
|
|
|
|
|
|
|
|
|
def add_labels(key: str) -> bytes: |
|
|
|
|
return ("-----BEGIN CERTIFICATE-----\n" + key + "\n-----END CERTIFICATE-----").encode() |
|
|
|
|
|
