Added an argument to the dump method. Useful when dumping part of tree of objects.

rohe · rohe · commit 8714a9925e89 · 2021-03-20T09:03:39.000+01:00
diff --git a/src/cryptojwt/key_bundle.py b/src/cryptojwt/key_bundle.py
@@ -6,6 +6,7 @@
 import time
 from datetime import datetime
 from functools import cmp_to_key
+from typing import Optional
 
 import requests
 
@@ -24,7 +25,6 @@
 from .jwk.jwk import dump_jwk
 from .jwk.jwk import import_jwk
 from .jwk.rsa import RSAKey
-from .jwk.rsa import import_private_rsa_key_from_file
 from .jwk.rsa import new_rsa_key
 from .utils import as_unicode
 
@@ -153,18 +153,18 @@ class KeyBundle:
     """The Key Bundle"""
 
     def __init__(
-        self,
-        keys=None,
-        source="",
-        cache_time=300,
-        ignore_errors_period=0,
-        fileformat="jwks",
-        keytype="RSA",
-        keyusage=None,
-        kid="",
-        ignore_invalid_keys=True,
-        httpc=None,
-        httpc_params=None,
+            self,
+            keys=None,
+            source="",
+            cache_time=300,
+            ignore_errors_period=0,
+            fileformat="jwks",
+            keytype="RSA",
+            keyusage=None,
+            kid="",
+            ignore_invalid_keys=True,
+            httpc=None,
+            httpc_params=None,
     ):
         """
         Contains a set of keys that have a common origin.
@@ -751,7 +751,7 @@ def difference(self, bundle):
 
         return [k for k in self._keys if k not in bundle]
 
-    def dump(self):
+    def dump(self, cutoff: Optional[list] = None):
         _keys = []
         for _k in self._keys:
             _ser = _k.to_dict()
@@ -1246,3 +1246,19 @@ def init_key(filename, type, kid="", **kwargs):
     _new_key = key_gen(type, kid=kid, **kwargs)
     dump_jwk(filename, _new_key)
     return _new_key
+
+
+def key_by_alg(alg: str):
+    if alg.startswith("RS"):
+        return key_gen("RSA", alg="RS256")
+    elif alg.startswith("ES"):
+        if alg == "ES256":
+            return key_gen("EC", crv="P-256")
+        elif alg == "ES384":
+            return key_gen("EC", crv="P-384")
+        elif alg == "ES512":
+            return key_gen("EC", crv="P-521")
+    elif alg.startswith("HS"):
+        return key_gen("sym")
+
+    raise ValueError("Don't know who to create a key to use with '{}'".format(alg))
diff --git a/src/cryptojwt/key_issuer.py b/src/cryptojwt/key_issuer.py
@@ -1,6 +1,7 @@
 import json
 import logging
 import os
+from typing import Optional
 
 from requests import request
 
@@ -350,16 +351,18 @@ def __len__(self):
             nr += len(kb)
         return nr
 
-    def dump(self, exclude=None):
+    def dump(self, exclude=None, cutoff: Optional[list]=None) -> dict:
         """
         Returns the content as a dictionary.
 
+        :param exclude: Issuer that should not be include in the dump
+        :param cutoff: List of attribute name for objects that should be ignored.
         :return: A dictionary
         """
 
         _bundles = []
         for kb in self._bundles:
-            _bundles.append(kb.dump())
+            _bundles.append(kb.dump(cutoff=cutoff))
 
         info = {
             "name": self.name,
diff --git a/src/cryptojwt/key_jar.py b/src/cryptojwt/key_jar.py
@@ -25,14 +25,13 @@ class KeyJar(object):
     """ A keyjar contains a number of KeyBundles sorted by owner/issuer """
 
     def __init__(
-        self,
-        ca_certs=None,
-        verify_ssl=True,
-        keybundle_cls=KeyBundle,
-        remove_after=3600,
-        httpc=None,
-        httpc_params=None,
-        storage=None,
+            self,
+            ca_certs=None,
+            verify_ssl=True,
+            keybundle_cls=KeyBundle,
+            remove_after=3600,
+            httpc=None,
+            httpc_params=None,
     ):
         """
         KeyJar init function
@@ -43,15 +42,9 @@ def __init__(
         :param remove_after: How long keys marked as inactive will remain in the key Jar.
         :param httpc: A HTTP client to use. Default is Requests request.
         :param httpc_params: HTTP request parameters
-        :param storage: An instance that can store information. It basically look like dictionary.
         :return: Keyjar instance
         """
-
-        if storage is None:
-            self._issuers = {}
-        else:
-            self._issuers = storage
-
+        self._issuers = {}
         self.spec2key = {}
         self.ca_certs = ca_certs
         self.keybundle_cls = keybundle_cls
@@ -386,7 +379,7 @@ def export_jwks(self, private=False, issuer_id="", usage=None):
                     k.serialize(private)
                     for k in kb.keys()
                     if k.inactive_since == 0
-                    and (usage is None or (hasattr(k, "use") and k.use == usage))
+                       and (usage is None or (hasattr(k, "use") and k.use == usage))
                 ]
             )
         return {"keys": keys}
@@ -472,14 +465,14 @@ def remove_outdated(self, when=0):
 
     @deprecated_alias(issuer="issuer_id", owner="issuer_id")
     def _add_key(
-        self,
-        keys,
-        issuer_id,
-        use,
-        key_type="",
-        kid="",
-        no_kid_issuer=None,
-        allow_missing_kid=False,
+            self,
+            keys,
+            issuer_id,
+            use,
+            key_type="",
+            kid="",
+            no_kid_issuer=None,
+            allow_missing_kid=False,
     ):
 
         _issuer = self._get_issuer(issuer_id)
@@ -617,8 +610,6 @@ def copy(self):
         """
         Make deep copy of the content of this key jar.
 
-        Note that if this key jar uses an external storage module the copy will not.
-
         :return: A :py:class:`oidcmsg.key_jar.KeyJar` instance
         """
 
@@ -635,10 +626,12 @@ def copy(self):
     def __len__(self):
         return len(self._issuers)
 
-    def dump(self, exclude=None):
+    def dump(self, exclude: Optional[bool] = None, cutoff: Optional[list] = None) -> dict:
         """
         Returns the key jar content as dictionary
 
+        :param cutoff: list of attribute names that should be ignored when dumping.
+        :type cutoff: list
         :return: A dictionary
         """
 
@@ -654,11 +647,21 @@ def dump(self, exclude=None):
         for _id, _issuer in self._issuers.items():
             if exclude and _issuer.name in exclude:
                 continue
-            _issuers[_id] = _issuer.dump()
+            _issuers[_id] = _issuer.dump(cutoff=cutoff)
         info["issuers"] = _issuers
 
         return info
 
+    def dumps(self, exclude=None):
+        """
+        Returns a JSON representation of the key jar
+
+        :param exclude: Exclude these issuers
+        :return: A string
+        """
+        _dict = self.dump(exclude=exclude)
+        return json.dumps(_dict)
+
     def load(self, info):
         """
 
@@ -675,6 +678,9 @@ def load(self, info):
             self._issuers[_issuer_id] = KeyIssuer().load(_issuer_desc)
         return self
 
+    def loads(self, string):
+        return self.load(json.loads(string))
+
     @deprecated_alias(issuer="issuer_id", owner="issuer_id")
     def key_summary(self, issuer_id):
         _issuer = self._get_issuer(issuer_id)
@@ -705,7 +711,7 @@ def rotate_keys(self, key_conf, kid_template="", issuer_id=""):
 # =============================================================================
 
 
-def build_keyjar(key_conf, kid_template="", keyjar=None, issuer_id="", storage=None):
+def build_keyjar(key_conf, kid_template="", keyjar=None, issuer_id=""):
     """
     Builds a :py:class:`oidcmsg.key_jar.KeyJar` instance or adds keys to
     an existing KeyJar based on a key specification.
@@ -744,7 +750,6 @@ def build_keyjar(key_conf, kid_template="", keyjar=None, issuer_id="", storage=N
         kid_template is given then the built-in function add_kid() will be used.
     :param keyjar: If an KeyJar instance the new keys are added to this key jar.
     :param issuer_id: The default owner of the keys in the key jar.
-    :param storage: A Storage instance.
     :return: A KeyJar instance
     """
 
@@ -753,7 +758,7 @@ def build_keyjar(key_conf, kid_template="", keyjar=None, issuer_id="", storage=N
         return None
 
     if keyjar is None:
-        keyjar = KeyJar(storage=storage)
+        keyjar = KeyJar()
 
     keyjar[issuer_id] = _issuer
 
@@ -762,12 +767,11 @@ def build_keyjar(key_conf, kid_template="", keyjar=None, issuer_id="", storage=N
 
 @deprecated_alias(issuer="issuer_id", owner="issuer_id")
 def init_key_jar(
-    public_path="",
-    private_path="",
-    key_defs="",
-    issuer_id="",
-    read_only=True,
-    storage=None,
+        public_path="",
+        private_path="",
+        key_defs="",
+        issuer_id="",
+        read_only=True,
 ):
     """
     A number of cases here:
@@ -805,7 +809,6 @@ def init_key_jar(
     :param key_defs: A definition of what keys should be created if they are not already available
     :param issuer_id: The owner of the keys
     :param read_only: This function should not attempt to write anything to a file system.
-    :param storage: A Storage instance.
     :return: An instantiated :py:class;`oidcmsg.key_jar.KeyJar` instance
     """
 
@@ -819,7 +822,7 @@ def init_key_jar(
     if _issuer is None:
         raise ValueError("Could not find any keys")
 
-    keyjar = KeyJar(storage=storage)
+    keyjar = KeyJar()
     keyjar[issuer_id] = _issuer
     return keyjar
 
