actions/pypi-publish
1
0
Fork 0
mirror of https://github.com/pypa/gh-action-pypi-publish.git synced 2024-09-12 23:57:15 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

oidc-exchange: fix padding

Browse source 
Signed-off-by: William Woodruff <william@trailofbits.com>
This commit is contained in:
William Woodruff 2023-08-10 16:04:43 -04:00
parent ade57f54dc
commit ba3ecc9355
No known key found for this signature in database
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
oidc-exchange.py
View file

@ -144,6 +144,9 @@ def assert_successful_audience_call(resp: requests.Response, domain: str):
def render_claims(token: str) -> str:
_, payload, _ = token.split(".", 2)
# urlsafe_b64decode needs padding; JWT payloads don't contain any.
payload += "=" * (4 - (len(payload) % 4))
claims = json.loads(base64.urlsafe_b64decode(payload))
def _get(name: str) -> str: # noqa: WPS430
@ -207,7 +210,8 @@ if not mint_token_resp.ok:
die(
_SERVER_REFUSED_TOKEN_EXCHANGE_MESSAGE.format(
reasons=reasons, rendered_claims=rendered_claims,
reasons=reasons,
rendered_claims=rendered_claims,
),
)