I'm attempting to add the JWT_PUBLIC
and JWT_PRIVATE
key functionality to djangorestframework-jwt
. This is the section in the documentation which gives details as to how to use it:
To start, I have the following:
from cryptography.hazmat.primitives.asymmetric.rsa import RSAPublicKey, RSAPrivateKey
JWT_SECRET_KEY = 'supercrazysecretjwtstringwowamazing'
JWT_PUBLIC_KEY = RSAPublicKey().encrypt(JWT_SECRET_KEY)
JWT_PRIVAT_KEY = RSAPrivateKey().encrypt(JWT_SECRET_KEY)
However, I am receiving the following error:
TypeError: Can't instantiate abstract class RSAPublicKey with abstract methods encrypt, key_size, public_bytes, public_numbers, verifier, verify
Having looked through the documentation, I am none the wiser as to what the is specifically asking me to do/change.
So, my question/(s) is/are:
1.) How do we use the JWT_PUBLIC_KEY
and JWT_PRIVATE_KEY
functionality of this package?
2.) What does the " Can't instantiate abstract class X with abstract methods " actually mean in a Python context?
asymmetric crypto (ie having public and private keys) is different from symmetric crypto (ie just having a single secret key). you can't (generally) derive an asymmetric (public/private) key pair from a passphrase, you have to generate them with something like openssl
those docs also look incorrect, the code just passes the private and public keys to PyJWT which in turn expects strings
to solve your problem:
JWT_ALGORITHM = 'RS256'
JWT_PUBLIC_KEY = open('public.pem').read()
JWT_PRIVATE_KEY = open('private.pem').read()
and things will hopefully work!
looks like I misread the code, you can load keys with something like:
def load_rsa_private_key(path):
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
with open(path, 'rb') as priv:
private_key = serialization.load_pem_private_key(
priv.read(), password=None, backend=default_backend())
return private_key
JWT_PRIVATE_KEY = load_rsa_private_key('keypair.pem')
JWT_PUBLIC_KEY = JWT_PRIVATE_KEY.public_key()
I'm doing it in a function so that it doesn't pollute your config namespace too much
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.