in kinto-remote-settings/src/kinto_remote_settings/signer/backends/autograph.py [0:0]
def sign(self, payload):
if isinstance(payload, str): # pragma: no cover
payload = payload.encode("utf-8")
b64_payload = base64.b64encode(payload)
url = urljoin(self.server_url, "/sign/data")
logger.info(
"Sign %s bytes using Autograph %s with key %r",
len(b64_payload),
url,
self.key_id,
)
resp = requests.post(
url,
auth=self.auth,
json=[
{
"input": b64_payload.decode("utf-8"),
"keyid": self.key_id,
}
],
)
resp.raise_for_status()
signature_bundle = resp.json()[0]
# Critical fields must be present, will raise if missing.
infos = {field: signature_bundle[field] for field in SIGNATURE_FIELDS}
# Other fields are returned and will be stored as part of the signature.
# but client won't break if they are missing, so don't raise.
infos.update(
**{
field: signature_bundle[field]
for field in EXTRA_SIGNATURE_FIELDS
if field in signature_bundle
}
)
logger.info(
"Obtained %s response from Autograph %s",
resp.status_code,
signature_bundle["ref"],
)
return infos