OIDCTokenVerifier

class gafaelfawr.providers.oidc.OIDCTokenVerifier(config, http_client, logger)

Bases: object

Verify a JWT issued by an OpenID Connect provider.

Parameters:

• config (OIDCConfig) – OpenID Connect authentication provider configuration.

• http_client (AsyncClient) – Session to use to make HTTP requests.

• logger (BoundLogger) – Logger for any log messages.

Methods Summary

verify_token(token)

Verify the provided JWT from an OpenID Connect provider.

Methods Documentation

async verify_token(token)

Verify the provided JWT from an OpenID Connect provider.

Parameters:

token (OIDCToken) – JWT to verify.

Returns:

The verified token contents.

Return type:

OIDCVerifiedToken

Raises:

• jwt.exceptions.InvalidTokenError – Raised if the token is invalid.

• OIDCWebError – Raised if unable to retrieve signing keys from the provider.

• VerifyTokenError – Raised if the token failed to verify or was invalid in some way.