Commits on Nov 1, 2022

1. Add compute_hash_digest to Algorithm objects …

   `Algorithm.compute_hash_digest` is defined as a method which inspects
   the object to see that it has the requisite attributes, `hash_alg`.
   
   If `hash_alg` is not set, then the method raises a
   NotImplementedError. This applies to classes like NoneAlgorithm.
   
   If `hash_alg` is set, then it is checked for
   ```
   has_crypto  # is cryptography available?
   and isinstance(hash_alg, type)
   and issubclass(hash_alg, hashes.HashAlgorithm)
   ```
   to see which API for computing a digest is appropriate --
   `hashlib` vs `cryptography.hazmat.primitives.hashes`.
   
   These checks could be avoided at runtime if it were necessary to
   optimize further (e.g. attach compute_hash_digest methods to classes
   with a class decorator) but this is not clearly a worthwhile
   optimization. Such perf tuning is intentionally omitted for now.

   

   sirosen committed Nov 1, 2022
   Configuration menu

   • View commit details
   • Copy full SHA for d6870f1
   • Browse repository at this point

   Copy the full SHA

   d6870f1 View commit details

   Browse the repository at this point in the history

2. Add doc example of OIDC login flow …

   The goal of this doc example is to demonstrate usage of
   `get_algorithm_by_name` and `compute_hash_digest` for the purpose of
   `at_hash` validation. It is not meant to be a "guaranteed correct" and
   spec-compliant example.
   
   closes jpadilla#314

   

   sirosen committed Nov 1, 2022
   Configuration menu

   • View commit details
   • Copy full SHA for dc39200
   • Browse repository at this point

   Copy the full SHA

   dc39200 View commit details

   Browse the repository at this point in the history