[SDK-3714] Async token verifier

Open adamjmcgrath opened this issue 3 years ago • 0 comments

Changes

Asyncify the last blocking http calls (JWKS fetching)

from auth0.v3.authentication.async_token_verifier import import (
    AsyncAsymmetricSignatureVerifier,
    AsyncJwksFetcher,
    AsyncTokenVerifier,
)
domain = 'myaccount.auth0.com'
client_id = 'exampleid'

# After authenticating
id_token = auth_result['id_token']

jwks_url = 'https://{}/.well-known/jwks.json'.format(domain)
issuer = 'https://{}/'.format(domain)

sv = AsyncAsymmetricSignatureVerifier(jwks_url)  # Reusable instance
tv = AsyncTokenVerifier(signature_verifier=sv, issuer=issuer, audience=client_id)
tv.set_session(some_client_session) # to share an http session
await tv.verify(id_token)

# low level
fetcher = AsyncJwksFetcher(jwks_url)
fetcher.set_session(some_client_session) # to share an http session
public_key = await fetcher.get_key("id1")

References

resolves #432

Testing

[x] This change adds unit test coverage
[x] This change adds integration test coverage
[x] This change has been tested on the latest version of the platform/language or why not

Checklist

[x] I have read the Auth0 general contribution guidelines
[x] I have read the Auth0 Code of Conduct
[x] All existing and new tests complete without errors

Oct 13 '22 10:10 adamjmcgrath