google.auth.crypt.base module

Base classes for cryptographic signers and verifiers.

class Verifier[source]

Bases: object

Abstract base class for crytographic signature verifiers.

abstract verify(message, signature)[source]

Verifies a message against a cryptographic signature.

Parameters:
  • message (Union [ str, bytes ]) – The message to verify.

  • signature (Union [ str, bytes ]) – The cryptography signature to check.

Returns:

True if message was signed by the private key associated with the public key that this object was constructed with.

Return type:

bool

class Signer[source]

Bases: object

Abstract base class for cryptographic signers.

abstract property key_id

The key ID used to identify this private key.

Type:

Optional [ str ]

abstract sign(message)[source]

Signs a message.

Parameters:

message (Union [ str, bytes ]) – The message to be signed.

Returns:

The signature of the message.

Return type:

bytes

class FromServiceAccountMixin[source]

Bases: object

Mix-in to enable factory constructors for a Signer.

abstract from_string(key, key_id=None)[source]

Construct an Signer instance from a private key string.

Parameters:
  • key (str) – Private key as a string.

  • key_id (str) – An optional key id used to identify the private key.

Returns:

The constructed signer.

Return type:

google.auth.crypt.Signer

Raises:

ValueError – If the key cannot be parsed.

classmethod from_service_account_info(info)[source]

Creates a Signer instance instance from a dictionary containing service account info in Google format.

Parameters:

info (Mapping [ str, str ]) – The service account info in Google format.

Returns:

The constructed signer.

Return type:

google.auth.crypt.Signer

Raises:

ValueError – If the info is not in the expected format.

classmethod from_service_account_file(filename)[source]

Creates a Signer instance from a service account .json file in Google format.

Parameters:

filename (str) – The path to the service account .json file.

Returns:

The constructed signer.

Return type:

google.auth.crypt.Signer