in authenticating-users/main.py [0:0]
def validate_assertion(assertion):
"""Checks that the JWT assertion is valid (properly signed, for the
correct audience) and if so, returns strings for the requesting user's
email and a persistent user ID. If not valid, returns None for each field.
"""
from jose import jwt
try:
info = jwt.decode(
assertion,
certs(),
algorithms=['ES256'],
audience=audience()
)
return info['email'], info['sub']
except Exception as e:
print('Failed to validate assertion: {}'.format(e), file=sys.stderr)
return None, None