italia / spid-cie-oidc-django

The SPID/CIE OIDC Federation SDK, written in Python
Apache License 2.0

signed_jwks_uri support #237

Closed peppelinux closed 2 years ago

peppelinux commented 2 years ago

We support jwks_uri and jwks but not signed_jwks_uri.

I think it's very important to get this feature into the project asap.

These are the relevant parts of the code to be considered. These parts of the code MUST be generalized with a method on the Provider/RP class that resolves the jwks whatever it is: jwks, jwks_uri or signed_jwks_uri (with signature verification).

https://github.com/italia/spid-cie-oidc-django/blob/main/spid_cie_oidc/provider/views/__init__.py#L89
https://github.com/italia/spid-cie-oidc-django/blob/fd718769af5de6aaccc76c316a8f504b322f68b2/spid_cie_oidc/relying_party/oidc/__init__.py#L46
https://github.com/italia/spid-cie-oidc-django/blob/fd718769af5de6aaccc76c316a8f504b322f68b2/spid_cie_oidc/provider/views/__init__.py#L177
https://github.com/italia/spid-cie-oidc-django/blob/9ae04b5fb0fced4f4036e6d8a6cabe53483c0f0b/spid_cie_oidc/relying_party/tests/mocked_response.py#L150
https://github.com/italia/spid-cie-oidc-django/blob/c9c0167a19dbfb0ccc912878137bd6ba6c2b1827/spid_cie_oidc/relying_party/views/rp_callback.py#L193

with unit tests :)

peppelinux commented 2 years ago

metadata json schemes refactored, signed_jwks_uri included https://github.com/italia/spid-cie-oidc-django/commit/a888c7ed0d60040042825028c69bd9712390403b

peppelinux commented 2 years ago

Done here https://github.com/italia/spid-cie-oidc-django/commit/558933fc1340d8806b7daf5b712b63d8e48e09bd
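
A sketch of the single resolver the first comment asks for, covering jwks, jwks_uri and signed_jwks_uri with signature verification; this is an added example, not the SDK's code or the linked commits. The names `resolve_jwks`, `verify_rs256`, the injected `fetch` callable and the `now` argument are hypothetical, only RS256 is handled, and it is assumed that the signed document is a compact JWS carrying `keys` and an optional `exp`, signed by one of the entity's federation keys. The RS256 check is written out with the standard library so the block runs offline.

```python
import base64
import hashlib
import json

# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64u_decode(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64u_int(s):
    return int.from_bytes(b64u_decode(s), "big")

def verify_rs256(jws, jwk):
    """Return the payload of a compact JWS if it verifies under jwk, else raise."""
    head_b64, body_b64, sig_b64 = jws.split(".")
    header = json.loads(b64u_decode(head_b64))
    if header.get("alg") != "RS256" or header.get("kid") != jwk.get("kid"):
        raise ValueError("unexpected alg or kid")
    n, e = b64u_int(jwk["n"]), b64u_int(jwk["e"])
    k = (n.bit_length() + 7) // 8
    digest = hashlib.sha256(f"{head_b64}.{body_b64}".encode()).digest()
    # EMSA-PKCS1-v1_5: rebuild the expected block and compare it whole
    expected = b"\x00\x01" + b"\xff" * (k - 54) + b"\x00" + SHA256_PREFIX + digest
    sig = b64u_decode(sig_b64)
    s = int.from_bytes(sig, "big")
    if len(sig) != k or s >= n or pow(s, e, n).to_bytes(k, "big") != expected:
        raise ValueError("bad signature")
    return json.loads(b64u_decode(body_b64))

def resolve_jwks(metadata, federation_jwks, fetch, now):
    """Return the key list, whichever of the three claims carries it."""
    if "signed_jwks_uri" in metadata:
        jws = fetch(metadata["signed_jwks_uri"])
        kid = json.loads(b64u_decode(jws.split(".")[0])).get("kid")
        # Assumption: the signer must be one of the entity's federation keys
        key = next((k for k in federation_jwks if k.get("kid") == kid), None)
        if key is None:
            raise ValueError("signer is not a federation key")
        payload = verify_rs256(jws, key)
        if payload.get("exp", now + 1) <= now:
            raise ValueError("signed JWKS expired")
        return payload["keys"]
    if "jwks_uri" in metadata:
        return json.loads(fetch(metadata["jwks_uri"]))["keys"]
    if "jwks" in metadata:
        return metadata["jwks"]["keys"]
    raise ValueError("no jwks, jwks_uri or signed_jwks_uri in metadata")
```

When signed_jwks_uri is present, a failed verification raises instead of falling back to jwks_uri or jwks, so a tampered signed document cannot downgrade the resolver to an unsigned source.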