settings loaders: provide A2_IDP_OIDC_JWKSET to authentic (#25686)
parent
0b6b9e313b
commit
01da77f564
|
@ -214,6 +214,13 @@ class Authentic(FileBaseSettingsLoader):
|
||||||
tenant_settings.A2_IDP_SAML2_ENABLE = True
|
tenant_settings.A2_IDP_SAML2_ENABLE = True
|
||||||
tenant_settings.A2_IDP_SAML2_SIGNATURE_PUBLIC_KEY = open(saml_crt).read()
|
tenant_settings.A2_IDP_SAML2_SIGNATURE_PUBLIC_KEY = open(saml_crt).read()
|
||||||
tenant_settings.A2_IDP_SAML2_SIGNATURE_PRIVATE_KEY = open(saml_key).read()
|
tenant_settings.A2_IDP_SAML2_SIGNATURE_PRIVATE_KEY = open(saml_key).read()
|
||||||
|
if not getattr(tenant_settings, 'A2_IDP_OIDC_JWKSET', None):
|
||||||
|
from jwcrypto import jwk
|
||||||
|
jwkkey = jwk.JWK.from_pem(
|
||||||
|
tenant_settings.A2_IDP_SAML2_SIGNATURE_PRIVATE_KEY)
|
||||||
|
jwkset = jwk.JWKSet()
|
||||||
|
jwkset['keys'].add(jwkkey)
|
||||||
|
tenant_settings.A2_IDP_OIDC_JWKSET = jwkset.export()
|
||||||
else:
|
else:
|
||||||
tenant_settings.A2_IDP_SAML2_ENABLE = False
|
tenant_settings.A2_IDP_SAML2_ENABLE = False
|
||||||
|
|
||||||
|
|
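Review bot: The key set built in the `if not getattr(tenant_settings, 'A2_IDP_OIDC_JWKSET', None):` branch is derived from `A2_IDP_SAML2_SIGNATURE_PRIVATE_KEY`, so one private key signs both SAML assertions and OIDC tokens, and neither protocol's key can be rotated or revoked without the other. If the reuse is intentional it deserves a comment above the branch, for example `# OIDC reuses the SAML signing key; rotate both together`. `jwkset.export()` is called with no arguments, which in jwcrypto includes the private key material by default, so `A2_IDP_OIDC_JWKSET` should be treated as a secret and kept out of logs and settings dumps. `jwk.JWK.from_pem` is also called unguarded on the text from `open(saml_key).read()`; an unparseable or passphrase-protected PEM would presumably raise during settings loading, so an error naming the key file would help operators. The enclosing method starts and ends outside the hunk.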
|
@ -19,8 +19,9 @@ def skeleton_dir(request, settings):
|
||||||
return settings.HOBO_SKELETONS_DIR
|
return settings.HOBO_SKELETONS_DIR
|
||||||
|
|
||||||
|
|
||||||
def test_hobo_deploy(tenant_base, settings, mocker, skeleton_dir):
|
def test_hobo_deploy(tenant_base, mocker, skeleton_dir):
|
||||||
from django.core.management import call_command
|
from django.core.management import call_command
|
||||||
|
from django.conf import settings
|
||||||
|
|
||||||
# Create skeleton roles.json
|
# Create skeleton roles.json
|
||||||
os.makedirs(os.path.join(skeleton_dir, 'commune', 'wcs'))
|
os.makedirs(os.path.join(skeleton_dir, 'commune', 'wcs'))
|
||||||
|
@ -341,6 +342,12 @@ def test_hobo_deploy(tenant_base, settings, mocker, skeleton_dir):
|
||||||
for at in Attribute.all_objects.all():
|
for at in Attribute.all_objects.all():
|
||||||
assert [field for field in env['profile']['fields']
|
assert [field for field in env['profile']['fields']
|
||||||
if field['name'] == at.name]
|
if field['name'] == at.name]
|
||||||
|
|
||||||
|
# OIDC checks
|
||||||
|
from authentic2_idp_oidc.utils import get_jwkset
|
||||||
|
assert get_jwkset()
|
||||||
|
|
||||||
|
# SAML checks
|
||||||
from authentic2.saml.models import (SPOptionsIdPPolicy,
|
from authentic2.saml.models import (SPOptionsIdPPolicy,
|
||||||
LibertyProvider,
|
LibertyProvider,
|
||||||
LibertyServiceProvider)
|
LibertyServiceProvider)
|
||||||
|
|
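Review bot: `assert get_jwkset()` under `# OIDC checks` only proves that something truthy came back, not that the key set holds the key the loader derived from the tenant's SAML private key. A stronger check would compare the set against that key, or at least assert that it contains exactly one key, e.g. `assert len(get_jwkset()['keys']) == 1` (assuming `get_jwkset()` returns a jwcrypto `JWKSet`). Separately, the signature drops the `settings` fixture (presumably pytest-django's) in favour of `from django.conf import settings`; if the test body modifies settings, those changes would no longer be reverted at teardown. The body of test_hobo_deploy continues outside both hunks.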