how to sign request tokens?

1
votes

I am currently trying to write a script to send off a request token, I have the header, and the claimset, but I don't understand the signature! OAuth requires my private key to be encrypted with SHA256withRSA (also known as RSASSA-PKCS1-V1_5-SIGN with the SHA-256 hash function), but the closest I could find was RSAES-PKCS1-v1_5 (has RSA, and the SHA-256 hash). I followed the example, and tweaked it, so I could get it set, but heres my dillema: signature = "" h = SHA.new (signature)

key = RSA.importKey(open('C:\Users\Documents\Library\KEY\My Project 905320c6324f.json').read())
cipher = PKCS1_v1_5.new(key)
ciphertext = cipher.encrypt(message+h.digest())
print(ciphertext)

I'm a bit lost, the JSON file I was given has both public key, and private, do I copy and paste the private key into the signature variable (it gave me a invalid syntax)? Or do I past the directory again? I am so lost, and way over my head haha. I am currently running Python 3.4, with pyCrypto for the signature.

1
pythonpython-3.xbase64jwt

1 Answers

0
votes

Based on what you've said below about wanting to write a command system using gmail, I wrote a simple script to do this using IMAP. I think this is probably simpler than trying to use Google APIs for a single user, unless you were wanting to do that simply for the exercise.

import imaplib, logging
from time import sleep

USERNAME = 'YOUR_USERNAME_HERE' # For gmail, this is your full email address.
PASSWORD = 'YOUR_PASSWORD_HERE'
CHECK_DELAY = 60 # In seconds

LOGGING_FORMAT = '%(asctime)s %(message)s'
logging.basicConfig(filename='imapTest.log', format=LOGGING_FORMAT, level=logging.INFO)

logging.info("Connecting to IMAP server...")
imap = imaplib.IMAP4_SSL('imap.gmail.com')
imap.login(USERNAME, PASSWORD)
logging.info("Connected to IMAP server.")

def get_command_messages():
    logging.info("Checking for new commands.")
    imap.check()
    # Search the inbox (server-side) for messages containing the subject 'COMMAND' and which are from you.
    # Substitute USERNAME below for the sending email address if it differs.
    typ, data = imap.search(None, '(FROM "%s" SUBJECT "COMMAND")' %(USERNAME))
    return data[0]

def delete_messages(message_nums):
    logging.info("Deleting old commands.")
    for message in message_nums.split():
        imap.store(message, '+FLAGS', '\\DELETED')
    imap.expunge()

# Select the inbox
imap.select()

# Delete any messages left over that match commands, so we are starting 'clean'.
# This probably isn't the nicest way to do this, but saves checking the DATE header.
message_nums = get_command_messages()
delete_messages(message_nums)

try:
    while True:
        sleep(CHECK_DELAY)
        # Get the message body and sent time. Use BODY.PEEK instead of BODY if you don't want to mark the message as read, but we're deleting it anyway below.
        message_nums = get_command_messages()
        if message_nums:
            # search returns space-separated message IDs, but we need them comma-separated for fetch.
            typ, messages = imap.fetch(message_nums.replace(' ', ','), '(BODY[TEXT])')
            logging.info("Found %d commands" %(len(messages[0])))
            for message in messages[0]:
                # You now have the message body in the message variable.
                # From here, you can check against it to perform commands, e.g:
                if 'shutdown' in message:
                    print("I got a shutdown command!")
                    # Do stuff
            delete_messages(message_nums)
finally:
    try:
        imap.close()
    except:
        pass
    imap.logout()

If you're set on using the Gmail API, though, Google strongly encourage you to use their existing Python library rather than attempt to do full authentication etc. yourself as you appear to be. With that, it should - more or less - be a case of replacing the imap calls above with the relevant Gmail API ones.