Mercurial > p > roundup > code
annotate roundup/anypy/ssl_.py @ 7809:be6cb2e0d471
feat: add support for rotating jwt keys
This allows jwt_secret to have multiple ',' separated secrets. The
first/leftmost should be used to sign new JWTs. All of them are used
(starting from left/newest) to try to verify a JWT.
If the first secret is < 32 chars in length JWTs are disabled. If any
of the other secrets are < 32 chars, the configuration code causes the
software to exit. This prevents insecure (too short) secrets from
being used.
Updated doc examples and tests.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Thu, 14 Mar 2024 19:04:19 -0400 |
| parents | d5d7ecd31864 |
| children |
| rev | line source |
|---|---|
|
6582
3e8f2104753b
issue2551186 - replace socket.sslerror in mailgw.py.
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
1 try: |
|
3e8f2104753b
issue2551186 - replace socket.sslerror in mailgw.py.
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
2 # Python 3+ |
|
3e8f2104753b
issue2551186 - replace socket.sslerror in mailgw.py.
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
3 from ssl import SSLError |
|
3e8f2104753b
issue2551186 - replace socket.sslerror in mailgw.py.
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
4 except (ImportError, AttributeError): |
|
3e8f2104753b
issue2551186 - replace socket.sslerror in mailgw.py.
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
5 # Python 2.5-2.7 |
|
7767
d5d7ecd31864
chore: sort imports w/ ruff.
John Rouillard <rouilj@ieee.org>
parents:
7228
diff
changeset
|
6 from socket import sslerror as SSLError # noqa: F401 |