## Disclaimer

**English:**

This explanation was translated by ChatGPT.

**中文翻译:**

本说明由 ChatGPT 翻译成中文。

In [49]:
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import serialization
from jose import jwt
import datetime, uuid
import hashlib
import base64
from jose.exceptions import JWTError, ExpiredSignatureError, JWTClaimsError
from pprint import pprint

## 1. Generate RSA Key Pair

**English:**

OIDC relies on signed JWTs to ensure integrity and authenticity. RSA is commonly used for asymmetric signing (RS256), allowing the identity provider to sign tokens and clients to verify them using a public key.

**中文翻译:**

OIDC 依赖签名的 JWT 来确保完整性和真实性。RSA 通常用于非对称签名（RS256），允许身份提供者签署令牌，客户端使用公钥进行验证。



In [50]:
key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
private_key_pem = key.private_bytes(
    encoding=serialization.Encoding.PEM,
    format=serialization.PrivateFormat.PKCS8,
    encryption_algorithm=serialization.NoEncryption(),
).decode("utf-8")
public_key_pem = key.public_key().public_bytes(
    encoding=serialization.Encoding.PEM,
    format=serialization.PublicFormat.SubjectPublicKeyInfo
).decode("utf-8")

print("Private Key:")
print(private_key_pem)
print("Public Key:")
print(public_key_pem)

Private Key:
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCewu7BmFXMT97q
5S8FIeA94xrCkjXP3YKchyOZWx6s6U3A3WNayRt/aWVV/YSmXLpV0f2JzHgukb2n
z3CTo6X8+rH2IkH5aX4H9DibGJEv2mrjkhAOqjFdImksJH/mum4HP2/8XN1yyxZm
w0aPgKWt+9PLzeukgLAsE30GtWETYktP1WumlShzLfm7JDLNDDfsiFAabIuXhOIh
RPLl1Zp0Y+nzRSDcp3iCu9sfXYU3J2NhZpqeHe11+oCHC5gf3z+7hv3LC1MPANf9
78m9/x+f5OI2DEiAwISDHC30mgtqii48lf/g0iMOx0xcfqMmhSDMh4JfUxG2QVjC
B1GKEJSDAgMBAAECggEACtbE1YN1+sX1Mn+aed+PNLUdmEJtLsIxGZ4BqIWtDsxl
hOZYfdPpxFrIvVnamupib7DaKMnvO+wH+737h0jj8I/uYx8sS+qPh9wnmockhRTa
DqwOhpceBFLGGr+/L7HIs0akeaFJc9M5C05dBzfBl/hFGc6hk5CUS94PaiGAqCxb
0Sdc6JRO6N8Tg/kVAVoBuSnufKC9mxVXZ+NdjoCw83iLUGONruNR7S3Uj9NHL1oZ
i1L5c/Gt8aOtVlknkdmZ5cEZLWrPVqtX+C3+60nEMuCccL9dnqo8MRwRLJiHnlZ0
a0bj/NN7UJ+oDu6Fk9i9g5m8CPM3yCE0zG3/og1QcQKBgQC3jmcqPVFDfokgSTay
BTgj0eDOPcrQhV5ieoY5OMaiEP7ulCFdecPVCb3jSui70Ko0g5fsfIAQerKaMkoF
WtZidSo3/tX3BggvGEvLUhDBmJzj4th8Q8QgDF5Z5+hxUGxLN5qTY0A/LoEKQgDq
RmTEHLdqpdQajXbYXBfd84AVOQKBgQDda2NEQZVl6JKEtNq82

## 2. Define Base Claims

**English:**

Claims such as `sub`, `iss`, `aud`, `iat`, `exp`, and `nbf` are standard in OIDC tokens. `sub` identifies the user, `iss` is the issuer (provider), and `aud` defines the intended audience (client ID or API). The `exp`, `iat`, and `nbf` claims help enforce token validity periods.

**中文翻译:**

如 `sub`、`iss`、`aud`、`iat`、`exp` 和 `nbf` 等声明是 OIDC 令牌中的标准字段。`sub` 表示用户身份，`iss` 表示发行者（身份提供方），`aud` 表示令牌的预期接收方（客户端 ID 或 API）。`exp`、`iat` 和 `nbf` 用于控制令牌的有效期。



In [51]:
def make_claims(aud, extra=None):
    now = datetime.datetime.now(datetime.timezone.utc)
    claims = {
        "sub": "user123",
        "iss": "https://provider.example.com",
        "aud": aud,
        "iat": int((now - datetime.timedelta(seconds=30)).timestamp()),
        "exp": int((now + datetime.timedelta(minutes=5)).timestamp()),
        "nbf": int((now - datetime.timedelta(seconds=30)).timestamp()),
        "jti": str(uuid.uuid4()),
    }
    if extra:
        claims.update(extra)
    return claims

## 3. Generate Access Token

**English:**

The access token is issued for an API or resource server and should include `aud`, `scope`, and lifetime claims. It is used for authorization, not for conveying identity information.

**中文翻译:**

访问令牌（Access Token）是颁发给 API 或资源服务器的，通常包含 `aud`、`scope` 和有效期相关的声明。它用于授权，而不是传递用户身份信息。



In [52]:
access_token = jwt.encode(
    make_claims("api-resource-id", {"scope": "read write"}),
    private_key_pem,
    algorithm="RS256"
)

## 4. Compute `at_hash`

**English:**

`at_hash` is part of the OIDC specification to bind the access token to the ID token. This prevents token substitution attacks. It is computed by hashing the access token, taking the left-most half, and base64url-encoding it.

**中文翻译:**

`at_hash` 是 OIDC 规范的一部分，用于将访问令牌绑定到 ID 令牌，从而防止令牌替换攻击。其计算方式是对访问令牌进行哈希，取前一半，并进行 base64url 编码。



In [53]:
def generate_at_hash(access_token: str) -> str:
    digest = hashlib.sha256(access_token.encode("utf-8")).digest()
    left_half = digest[:len(digest) // 2]
    return base64.urlsafe_b64encode(left_half).rstrip(b"=").decode("utf-8")

at_hash = generate_at_hash(access_token)
print("at_hash:")
print(at_hash)

at_hash:
-I9kUNqJDAXJIWDSjJOMwQ


## 5. Generate ID Token (with `at_hash`)

**English:**

The ID token provides authentication information and is consumed by the client. Including `at_hash` improves security by allowing the client to verify the access token matches the ID token session.

**中文翻译:**

ID 令牌提供身份认证信息，由客户端使用。包含 `at_hash` 可以提升安全性，允许客户端验证访问令牌是否与该 ID 令牌会话匹配。



In [54]:
id_token = jwt.encode(
    make_claims("client-app-id", {"email": "user@example.com", "at_hash": at_hash}),
    private_key_pem,
    algorithm="RS256"
)

## 6. Output Tokens

**English:**

Tokens are printed or returned to simulate how they would be delivered in a real OIDC flow. The client would typically store these tokens temporarily and use them accordingly.

**中文翻译:**

输出令牌是为了模拟在实际 OIDC 流程中它们如何被传递。客户端通常会暂时存储这些令牌，并根据需要使用它们。



In [55]:
print("ID Token:", id_token)
print("Access Token:", access_token)

ID Token: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ1c2VyMTIzIiwiaXNzIjoiaHR0cHM6Ly9wcm92aWRlci5leGFtcGxlLmNvbSIsImF1ZCI6ImNsaWVudC1hcHAtaWQiLCJpYXQiOjE3NDcwMjQyMDgsImV4cCI6MTc0NzAyNDUzOCwibmJmIjoxNzQ3MDI0MjA4LCJqdGkiOiIzYzczYjdlZS1kN2E0LTQ5YTAtYTZmMi0wY2YwMmRiZGM4NDAiLCJlbWFpbCI6InVzZXJAZXhhbXBsZS5jb20iLCJhdF9oYXNoIjoiLUk5a1VOcUpEQVhKSVdEU2pKT013USJ9.FVlgNoXpySjAQLIHDubyRsIHpTOlRWvlKkTDizYX02_zUX3yhZSyiN3Jvu1At3q4j4WibZx0EkQMHEA1MWUFhP56_nlYHPBZpzhvySiCZ5wApLKlZeK-Dds2VsA8AbGYmwbZGTDIU4eCMXtYvfiVqnF0ZAcZfy_ma7CaIwBPyDfqjk50vngFcbLiTErt8bLYJtqeD1yrg4O3x8XAX-eG22uUs1gcIe_dHuiFdnpmkEmeK4MWL2v7-8J48qX3ETnJAQzAoWVuavLVx4H1uWC3EemQpLG5hUKLCbvso64LRko_1Wd8yDzofWrOd9rvlhC9dq8Z-eB9H1l_0mATCYr26g
Access Token: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ1c2VyMTIzIiwiaXNzIjoiaHR0cHM6Ly9wcm92aWRlci5leGFtcGxlLmNvbSIsImF1ZCI6ImFwaS1yZXNvdXJjZS1pZCIsImlhdCI6MTc0NzAyNDIwOCwiZXhwIjoxNzQ3MDI0NTM4LCJuYmYiOjE3NDcwMjQyMDgsImp0aSI6ImJmMTU0YTM4LWU0MWYtNDdlMC04OTI2LTg5MWE5NzBjNThmNyIsInNjb3BlIjoicm

## 7. Verify ID Token and Access Token

**English:**

This step ensures both the ID token and the Access token are authentic, valid, and were issued for the correct audience.  
- The **ID token** is verified with the client’s audience, issuer, and `at_hash` binding to ensure it matches the associated access token.  
- The **Access token** is verified with the API audience to confirm it's intended for the resource server.  

This validation helps prevent token tampering, misuse, and impersonation attacks.

**中文翻译：**

此步骤用于确保 ID 令牌和访问令牌的真实性、有效性，并且其颁发对象正确。  
- **ID 令牌** 会验证其受众（aud）、发行者（iss）以及 `at_hash`，确保其与相关联的访问令牌匹配。  
- **访问令牌** 会验证其是否颁发给当前的 API（资源服务器）。  

这些验证可防止令牌被篡改、误用或冒用，从而保障系统安全。


In [56]:
# Decode and verify ID token
try:
    id_claims = jwt.decode(
        id_token,
        public_key_pem,
        algorithms=['RS256'],
        audience='client-app-id',
        issuer='https://provider.example.com',
        access_token=access_token,
    )
    print('✅ ID Token is valid:')
    pprint(id_claims)
except (ExpiredSignatureError, JWTClaimsError, JWTError) as e:
    print(f'❌ ID Token invalid: {e}')

# Decode and verify Access token
try:
    access_claims = jwt.decode(
        access_token,
        public_key_pem,
        algorithms=['RS256'],
        audience='api-resource-id',
        issuer='https://provider.example.com'
    )
    print('\n✅ Access Token is valid:')
    pprint(access_claims)
except (ExpiredSignatureError, JWTClaimsError, JWTError) as e:
    print(f'❌ Access Token invalid: {e}')

✅ ID Token is valid:
{'at_hash': '-I9kUNqJDAXJIWDSjJOMwQ',
 'aud': 'client-app-id',
 'email': 'user@example.com',
 'exp': 1747024538,
 'iat': 1747024208,
 'iss': 'https://provider.example.com',
 'jti': '3c73b7ee-d7a4-49a0-a6f2-0cf02dbdc840',
 'nbf': 1747024208,
 'sub': 'user123'}

✅ Access Token is valid:
{'aud': 'api-resource-id',
 'exp': 1747024538,
 'iat': 1747024208,
 'iss': 'https://provider.example.com',
 'jti': 'bf154a38-e41f-47e0-8926-891a970c58f7',
 'nbf': 1747024208,
 'scope': 'read write',
 'sub': 'user123'}
