Closed mattebit closed 5 months ago
If the docker-compose.yml is set to build all the images locally instead of pulling them from the github registry, an exception occours at the entity configuration request to the trust-anchor from the RP.
Commit used: 1faa95e70fe57293d70167300f7489114f761a7c
The changes made to the compose file are just uncommenting the build tags and commenting the image, for example:
trust-anchor.org: #image: ghcr.io/italia/spid-cie-oidc-django:latest build: context: . dockerfile: ./Dockerfile
This is the log of the exception.
relying-party.org-1 | 2024-02-07 11:17:48,167 spid_cie_oidc.entity.statements INFO Starting Entity Configuration Request for http://trust-anchor.org:8000/.well-known/openid-federation trust-anchor.org-1 | 2024-02-07 11:17:48,208 django.request ERROR Internal Server Error: /.well-known/openid-federation trust-anchor.org-1 | Traceback (most recent call last): trust-anchor.org-1 | File "/usr/local/lib/python3.10/site-packages/django/core/handlers/exception.py", line 55, in inner trust-anchor.org-1 | response = get_response(request) trust-anchor.org-1 | File "/usr/local/lib/python3.10/site-packages/django/core/handlers/base.py", line 197, in _get_response trust-anchor.org-1 | response = wrapped_callback(request, *callback_args, **callback_kwargs) trust-anchor.org-1 | File "/opt/spid_cie_oidc/entity/views.py", line 59, in entity_configuration trust-anchor.org-1 | conf.entity_configuration_as_jws, content_type="application/entity-statement+jwt" trust-anchor.org-1 | File "/opt/spid_cie_oidc/entity/models.py", line 246, in entity_configuration_as_jws trust-anchor.org-1 | self.entity_configuration_as_dict, trust-anchor.org-1 | File "/opt/spid_cie_oidc/entity/models.py", line 218, in entity_configuration_as_dict trust-anchor.org-1 | "jwks": {"keys": self.public_jwks}, trust-anchor.org-1 | File "/opt/spid_cie_oidc/entity/models.py", line 180, in public_jwks trust-anchor.org-1 | skey = serialize_rsa_key(key_from_jwk_dict(i).public_key()) trust-anchor.org-1 | File "/opt/spid_cie_oidc/entity/jwks.py", line 67, in serialize_rsa_key trust-anchor.org-1 | if isinstance(rsa_key, cryptography.hazmat.backends.openssl.rsa._RSAPublicKey): trust-anchor.org-1 | AttributeError: module 'cryptography.hazmat.backends.openssl' has no attribute 'rsa' trust-anchor.org-1 | 2024-02-07 11:17:48,209 django.server ERROR "GET /.well-known/openid-federation HTTP/1.1" 500 79744 relying-party.org-1 | 2024-02-07 11:17:48,210 spid_cie_oidc.relying_party.views.rp_landing WARNING Failed trust chain for http://trust-anchor.org:8000/oidc/op to {'sub': 'http://trust-anchor.org:8000'}: Expecting value: line 1 column 1 (char 0)
With the last release we have corrected this issue, by upgrading to cryptography 42.0.2, please try with v1.3.1 https://github.com/italia/spid-cie-oidc-django/releases/tag/v1.3.1
With 1.3.1 it works, thank you
If the docker-compose.yml is set to build all the images locally instead of pulling them from the github registry, an exception occours at the entity configuration request to the trust-anchor from the RP.
Commit used: 1faa95e70fe57293d70167300f7489114f761a7c
The changes made to the compose file are just uncommenting the build tags and commenting the image, for example:
This is the log of the exception.