Test refresh_token
unknown
plain_text
2 years ago
5.5 kB
8
Indexable
# Test from urllib.parse import urlencode, quote import http.cookies as cookies from jose import jwt from jose.exceptions import * import http.client import base64 import boto3 import json import hmac import hashlib cognito_user_pool_id = "us-east-1_u5c3GmmKE" cognito_client_id = "2vm2fhicgfrdksjr4ka87enso1" cognito_client_secret = "k79ggnf9uhu9ls1f3vkhiritrc2prm5ns0bmd3ti777gvktp4e8" cognito_user_pool_url = "https://stylcoggoogle.auth.us-east-1.amazoncognito.com" cloudfront_domain_name = "https://d2z2rc8j78yv4c.cloudfront.net" cognito_idp_domain = "cognito-idp.us-east-1.amazonaws.com" def generate_secret_hash(A, B) : credentials = A + B secret_hash = hmac.new( cognito_client_secret.encode('utf-8'), credentials.encode('utf-8'), hashlib.sha256 ).digest() secret_hash_base64 = base64.b64encode(secret_hash).decode() return secret_hash_base64 def get_key(access_token) : jwks_url = f"/{cognito_user_pool_id}/.well-known/jwks.json" conn = http.client.HTTPSConnection(cognito_idp_domain) conn.request("GET", jwks_url) response = conn.getresponse().read().decode('utf-8') jwks_data = eval(response) header = jwt.get_unverified_header(access_token) header_kid = header['kid'] for item in jwks_data['keys']: if (item['kid'] == header_kid) : return item def refresh_access_token(refresh_token) : cognito_client = boto3.client("cognito-idp") response = cognito_client.initiate_auth( AuthFlow = 'REFRESH_TOKEN_AUTH', AuthParameters = { 'REFRESH_TOKEN' : refresh_token, 'SECRET_HASH' : generate_secret_hash("Google_117727834150775985850", cognito_client_id) }, ClientId = cognito_client_id ) return response['AuthenticationResult']['AccessToken'] access_token = "eyJraWQiOiJtVkhPeGJYek0rdjlCV056WmlvdmRncVkwK3FISlVMVmdrdXM2Zm9XWmhJPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiIyYTExZGU3Ny03ZjY5LTRhMTAtYmRjZC0wYzA1MzIwNWNmYTYiLCJjb2duaXRvOmdyb3VwcyI6WyJ1cy1lYXN0LTFfdTVjM0dtbUtFX0dvb2dsZSJdLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV91NWMzR21tS0UiLCJ2ZXJzaW9uIjoyLCJjbGllbnRfaWQiOiIydm0yZmhpY2dmcmRrc2pyNGthODdlbnNvMSIsIm9yaWdpbl9qdGkiOiI2OGY3M2JlMy1iZWUxLTQ0NDUtOTRmOS02YTU2MGQ3NmU0Y2MiLCJ0b2tlbl91c2UiOiJhY2Nlc3MiLCJzY29wZSI6ImF3cy5jb2duaXRvLnNpZ25pbi51c2VyLmFkbWluIG9wZW5pZCBwcm9maWxlIGVtYWlsIiwiYXV0aF90aW1lIjoxNjk2MzkyNDY3LCJleHAiOjE2OTYzOTI3NjcsImlhdCI6MTY5NjM5MjQ2OCwianRpIjoiYTg5Zjg4ZDAtMTliZS00ZjgxLTlmZjQtZDQxZTI5YWI1NzQ4IiwidXNlcm5hbWUiOiJHb29nbGVfMTE3NzI3ODM0MTUwNzc1OTg1ODUwIn0.pJmoqcj-H0WxZ6cLFHJLjaXkmt0zR_B__jUIAsIP4dFvA72BpVsQOqerrB4y_U1iKKtboQQOAKVO5fdTpWIwp39mW90aOLnMH_rqUT6fGlA7P85SbuAR2OV9nSIBMWFSwXKw7CyqCJjjBz9l_e03rz0bgauFxeIG0Vk1Ipo-pef-24dZNt5hviRKpu3jMiXUahEgCOyIihJItB2KNmIJ0HJdTf1yhsS53Wr_HqThInQR_b_J4LpAvbZSXQS2Sw7SGrXrEU7cl_VRZWMRxchd6F5s-5fkfqZ1X-JYZMjo13IxUvbPJYJkzuCvddtBiZl5mXWENj8MvopOdasKutYIlA" refresh_token = "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.HYOuGb6MEOpPlGiGDSx0KnH0iLJhcracQM6UY9DL_u0VMMAZjPDAEc9P7KYv2L-ztX84BQhWMMvYKv2XSwj_87F3mKFmotsiUJ8A0troCY-3TW1AEiXM2cs2UrPUqqwEODtUF93w4TlmXcaWB0KCnewitGlXc95yALiy1ZCNJijrYCVF-tG-9LcPf-PRPnJvIqphoDx7TRoXi4SEHPjih1qs4E3gRF4Kwy571k_uk3HYAiIwJnJaWvk70N0PEaJKCnsgNN8Od1c-l5E4wIY_iWw4GoO-9pmkN-QdF1525PTmYVymACnapsRPBe0nIS66E4FIWHOIYcZNVhHwf1nkkQ.xpaD1CYQNJatGNDe.f2FZT1dNd9pq26eNCqR3MfzRN4nPWB6JT26OAA7XnOvPQttU6jLLo-7SGdR2A9HkHBO8TmYrAe4YZAUqULrjMW3zk_iXm4dXmJVACnkqW7XWPfse-RHJoKbKI4Cl5FKtIBX36GwAUFDe8-EOUEOFutzk0CGx5DPzz8PecF6CzRs3oX8owlI5OA0KqeTFitANw4B54jGK4n4zi4kCJwJi8l0g0XLzNSFfD1LMW-zyjEkndhivNxzl5r8pD3bU0YXVQC5MgW5oZhylulqakzNeRhIJPcsLm7SWovI3iFbtxyxl2hZl6yhYLmjwts8tJtdM9N5aK1Y8Oi92NdsFxO-tSnVgThbPEkO08SRzmNYu8VZlyeFPxvKw2j88t36wyp1aZQ87okiyF_Qv9RCxlr1CrZD_s--Xb8jGC4zsS2Wq2mxpjnWSC4n1nk36zIXynnzSzuvvoC5C51lRZDs7MgZq85bKa4RjzbFs0uUSA_uJ6B4rh1iIpohhpSEjTHiaSSo_TsiQ2FcqHjdlL6_xLkCYvD4mog6dYSDngD70UdS4yhwpbkYFfzJScXOnK9ZElC_WiS4l3flDgIhMr1PQWrfUMeEePIeEqhw5op-RoM5RXnGH1A8ZTpOwh3PT7EWc9wIaRkr6e4o9aa2H4c4KM-C7Ajjn5UBxGj6rYUH0_ay_bzKbvp_mJ-DUb1v70vCfXpYQNlo9lem_7yCmSIPb8NOV4tYvD9f9opUYFCUn5FrVwSn4IW7dCQ1WG2PpeAdhRtdFQq8KcZJlCBE120siC6pKFrYxyeZAoUsvUCKB3KksbgrXJUULzbzqAGDhKYVa07eOwR8Dsu6Wo7yJOxFQVDh1vFobHN-O8eFFTthSVgpRHy7AFFoARdNBouiMw0R-QZxcnO3w_YIXFtbM591Xzjs1i_XQyUEPmhG7DgH1ddC4X-_9wV309xO4wA9OYQWStX9rs2nsKnaZCfbPcbg_IomAfiux46zybvH1jHk57SIHiGUUv_tWZs5x8EFYKgnw73X6WCokBK-KoZWVfXPBXD-PdnKGPjr_iuuuoOFxl6QHOXWr0cyR21UoZWLB4Dy-uFEeGliUstY3Kdl0bfo4xv1Eyt3P9osIogts_utjw8ttAlGMqBew38YeDrrn2Q3lODz7OYZq0gZP2KIaPugaJ119RMJ5J9aqJjDEMHu1-1g6m6yCn-dyGK70MPWzPBHVHMxG0G2jP1A_gvE_zTqxC2kjNTNB6ceqAJBWYY6hP8mT2iefypMneOQL5jeXB5mOhWLpNxOmSCG0-P_bq0I.4N3KX0tINDJfAEnR58PGCQ" while (True) : try : print("ACCESS_TOKEN : ", access_token) key = get_key(access_token) response = jwt.decode( access_token, key, options = { "verify_iss": True, "iss" : f"https://{cognito_idp_domain}/{cognito_user_pool_id}", "verify_signature": True, "verify_exp": True } ) print("Token verification status : ", response) break except ExpiredSignatureError as e : print("Access token - ", e) access_token = refresh_access_token(refresh_token) except : print("No access_token found")
Editor is loading...