diff --git a/hobo/multitenant/settings_loaders.py b/hobo/multitenant/settings_loaders.py
index f74acad..fdd0e94 100644
--- a/hobo/multitenant/settings_loaders.py
+++ b/hobo/multitenant/settings_loaders.py
@@ -214,6 +214,13 @@ class Authentic(FileBaseSettingsLoader):
 tenant_settings.A2_IDP_SAML2_ENABLE = True
 tenant_settings.A2_IDP_SAML2_SIGNATURE_PUBLIC_KEY = open(saml_crt).read()
 tenant_settings.A2_IDP_SAML2_SIGNATURE_PRIVATE_KEY = open(saml_key).read()
+ if not getattr(tenant_settings, 'A2_IDP_OIDC_JWKSET', None):
+ from jwcrypto import jwk
+ jwkkey = jwk.JWK.from_pem(
+ tenant_settings.A2_IDP_SAML2_SIGNATURE_PRIVATE_KEY)
+ jwkset = jwk.JWKSet()
+ jwkset['keys'].add(jwkkey)
+ tenant_settings.A2_IDP_OIDC_JWKSET = jwkset.export()
 else:
 tenant_settings.A2_IDP_SAML2_ENABLE = False
diff --git a/tests_authentic/test_hobo_deploy.py b/tests_authentic/test_hobo_deploy.py
index 4b2f96b..47bb535 100644
--- a/tests_authentic/test_hobo_deploy.py
+++ b/tests_authentic/test_hobo_deploy.py
@@ -19,8 +19,9 @@ def skeleton_dir(request, settings):
 return settings.HOBO_SKELETONS_DIR
-def test_hobo_deploy(tenant_base, settings, mocker, skeleton_dir):
+def test_hobo_deploy(tenant_base, mocker, skeleton_dir):
 from django.core.management import call_command
+ from django.conf import settings
 # Create skeleton roles.json
 os.makedirs(os.path.join(skeleton_dir, 'commune', 'wcs'))
@@ -341,6 +342,12 @@ def test_hobo_deploy(tenant_base, settings, mocker, skeleton_dir):
 for at in Attribute.all_objects.all():
 assert [field for field in env['profile']['fields'] if field['name'] == at.name]
+
+ # OIDC checks
+ from authentic2_idp_oidc.utils import get_jwkset
+ assert get_jwkset()
+
+ # SAML checks
 from authentic2.saml.models import (SPOptionsIdPPolicy, LibertyProvider, LibertyServiceProvider)
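Review bot: In the `settings_loaders.py` hunk the OIDC keyset is built from the SAML signing private key, so one key now signs for both protocols, and `jwkset.export()` (which includes private members by default) stores a second copy of it in `A2_IDP_OIDC_JWKSET`. Replacing the file behind `saml_key` therefore also swaps the OIDC signing key with no overlap, which relying parties holding a cached JWKS would see as signature failures; I would record that above the `if` with a comment such as `# OIDC reuses the SAML signing key unless A2_IDP_OIDC_JWKSET is set; rotating one rotates both`. `JWK.from_pem` is documented to take bytes while `open(saml_key).read()` yields `str` on Python 3, so the argument likely needs `.encode('ascii')` there; confirm against the supported interpreter. The enclosing method starts and ends outside the hunk.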
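Review bot: `assert get_jwkset()` in the second `test_hobo_deploy.py` hunk checks only truthiness, which would not catch an empty or wrong keyset if `get_jwkset()` returns a jwcrypto `JWKSet` (a dict subclass that always carries a `keys` entry; the helper's definition is not in this diff). Asserting on content pins the behaviour the loader change introduces, for example `assert len(get_jwkset()['keys']) == 1`, ideally also comparing that key with the tenant's SAML signing key. The test body continues outside the hunk.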