oneid.session

SessionBase

class oneid.session.SessionBase(identity_credentials=None, project_credentials=None, oneid_credentials=None, peer_credentials=None, config=None)[source]

Abstract Session Class

Variables:
  • identity_credentials – oneID identity Credentials
  • project_credentials – unique project credentials Credentials
  • oneid_credentials – oneID project credentials Credentials
  • oneid_credentials – peer credentials Credentials
  • config – Dictionary or configuration keyword arguments

DeviceSession

class oneid.session.DeviceSession(identity_credentials=None, project_credentials=None, oneid_credentials=None, peer_credentials=None, config=None)[source]
verify_message(message, rekey_credentials=None)[source]

Verify a message received from the Project

Parameters:
  • message – JSON formatted JWS with at least two signatures
  • rekey_credentials – List of Credential
Returns:

verified message or False if not valid

prepare_message(encrypt_to_peers=True, other_recipients=None, *args, **kwargs)[source]

Prepare a message before sending

Parameters:
  • encrypt_to_peers (bool) – If True (default), and peer_credentials available, encrypt the message to them
  • other_recipients (list of Credential) – Additional recipients to encrypt to
Returns:

Signed JWS

ServerSession

class oneid.session.ServerSession(identity_credentials=None, project_credentials=None, oneid_credentials=None, peer_credentials=None, config=None)[source]

Enable Server to request two-factor Authentication from oneID

prepare_message(rekey_credentials=None, encrypt_to_peers=True, other_recipients=None, **kwargs)[source]

Build message that has two-factor signatures

Parameters:
  • rekey_credentials (list) – (optional) rekey credentials
  • encrypt_to_peers (bool) – If True (default), and peer_credentials available, encrypt the message to them
  • other_recipients (list of Credential) – Additional recipients to encrypt to
Returns:

Signed JWS to be sent to devices

verify_message(message, device_credentials, get_oneid_cosignature=True)[source]

Verify a message received from/through one or more Devices

Parameters:
  • message – JSON formatted JWS or JWT signed by the Device
  • device_credentialsCredential (or list of them) to verify Device signature(s) against
  • get_oneid_cosignature – (default: True) verify with oneID first
Returns:

verified message or False if not valid

AdminSession

class oneid.session.AdminSession(identity_credentials, project_credentials=None, oneid_credentials=None, config=None)[source]

Admin Users will only interface with oneID service, They only need an identity_credentials and oneid_credentials to verify responses