Skip to main content

Security

Authentication

Policy Papers

Security in Practice

Health Care

OWASP

Secret Zero

JWT

import requests,jwt
jwks_data = requests.get("https://apigw-stg.cdc.gov:8443/openid/connect/jwks.json").json()
public_key = jwt.algorithms.RSAAlgorithm.from_jwk(jwks_data["keys"][0])
decoded_token = jwt.decode(token, public_key, algorithms=['RS256'])

openssl for creating shared keys

openssl rsa -in jwtRSA256-private.pem -outform PEM -out jwtRSA256-priv.pem
openssl rsa -in jwtRSA256-private.pem -pubout -outform PEM -out jwtRSA256-public.pem
openssl x509 -text -noout -in SLS_PUBLIC_KEY_A
openssl x509 -text -in prod.cer -pubout -out prod.key
openssl x509 -text -in prod.cer -pubkey -out prod.key
openssl x509 -pubkey -noout -in prod.cer > prod.key