This repository was archived by the owner on Dec 20, 2024. It is now read-only.
SSO Example Python
Jessica Castrogiovanni edited this page Dec 21, 2016 · 2 revisions
The example below uses the pyjwt library to create and sign the token (RS256 is a signature algorithm, so the claims are signed, not encrypted). The token is returned as encodedToken. The example also builds the login URI to which the user needs to be redirected, as patientLoginUri or clinicianLoginUri. This example was written for ease of understanding, not security. It is not recommended to use the example code without reviewing it against your development security practices.
```python
import time
import jwt  # PyJWT; RS256 also requires the 'cryptography' package


def create_token(email, role, issuer, audience, expires, pk):
    # The claims are signed with the RSA private key; they are not encrypted.
    token = {'email': email, 'role': role, 'iss': issuer, 'aud': audience, 'exp': expires}
    encoded = jwt.encode(token, pk, algorithm='RS256')
    # PyJWT 1.x returns bytes, 2.x returns str; normalise so the URI can be built.
    return encoded.decode('ascii') if isinstance(encoded, bytes) else encoded


# user_type = 'customer' or 'clinician'
def build_login_uri(domain, user_type, token):
    return 'https://' + domain + '/' + user_type + '.access?jwt=' + token


# generate patient login URI
email = 'jdoe@example.com'
role = 'patient'
expires = int(time.time()) + 60  # Expire 60 seconds after issuing
domain = 'example.connectedcare.md'
with open('private.key', 'rb') as pkFile:
    privateKey = pkFile.read()
encodedToken = create_token(email, role, 'examplehealth', 'snapmd', expires, privateKey)
patientLoginUri = build_login_uri(domain, 'customer', encodedToken)

# generate clinician login URI
email = 'jdoe@example.com'
role = 'clinician'
expires = int(time.time()) + 60  # Expire 60 seconds after issuing
domain = 'example.connectedcare.md'
with open('private.key', 'rb') as pkFile:
    privateKey = pkFile.read()
encodedToken = create_token(email, role, 'examplehealth', 'snapmd', expires, privateKey)
clinicianLoginUri = build_login_uri(domain, 'clinician', encodedToken)
```
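The checks a service receiving such a token has to make, as an added example that is not part of the original page or the project's code: pin the algorithm to RS256, verify the signature before trusting any claim, then check `iss`, `aud` and `exp`. It uses only the standard library; the toy key, `sign_sample`, `verify` and the `max_ttl` lifetime cap are assumptions made for illustration.

```python
import base64, hashlib, json, time

# Constructed toy RSA key from two Mersenne primes: sample data only, NOT secure.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, only used to sign samples
K = (N.bit_length() + 7) // 8       # modulus length in bytes
# DER DigestInfo prefix for SHA-256 (RFC 8017, EMSA-PKCS1-v1_5)
PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64u(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64u_dec(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def emsa(msg):
    """PKCS#1 v1.5 encoding of SHA-256(msg), padded to the modulus length."""
    t = PREFIX + hashlib.sha256(msg).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def sign_sample(claims, alg="RS256"):
    """Hypothetical stand-in for the page's create_token(), to build test input."""
    head = b64u(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = head + "." + b64u(json.dumps(claims).encode())
    sig = pow(int.from_bytes(emsa(body.encode()), "big"), D, N)
    return body + "." + b64u(sig.to_bytes(K, "big"))

def verify(token, issuer, audience, now=None, max_ttl=60):
    """Return the claims of a valid token, else raise ValueError."""
    now = time.time() if now is None else now
    head, payload, sig = token.split(".")            # ValueError unless 3 parts
    header = json.loads(b64u_dec(head))
    if not isinstance(header, dict) or header.get("alg") != "RS256":
        raise ValueError("algorithm is not the pinned RS256")
    sig_bytes = b64u_dec(sig)
    s = int.from_bytes(sig_bytes, "big")
    expected = emsa((head + "." + payload).encode())
    if len(sig_bytes) != K or s >= N or pow(s, E, N).to_bytes(K, "big") != expected:
        raise ValueError("bad signature")
    claims = json.loads(b64u_dec(payload))           # parsed only after the check
    if not isinstance(claims, dict):
        raise ValueError("claims are not a JSON object")
    if claims.get("iss") != issuer or claims.get("aud") != audience:
        raise ValueError("wrong issuer or audience")
    exp = claims.get("exp")                          # must be in the future, and near
    if not isinstance(exp, int) or not now < exp <= now + max_ttl:
        raise ValueError("expired or lifetime too long")
    return claims
```

With PyJWT itself, the same checks are done by `jwt.decode(token, public_key, algorithms=['RS256'], audience=..., issuer=...)`; the lifetime cap has to be added separately.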