Refactored key jar making.

Dealt with getting a jwks_uri in a static provider info configuration.
Response_types as list or space separated string should both work.

Author: rohe

src/idpyoidc/client/oauth2/__init__.py

@@ -82,6 +82,8 @@ def __init__(
             else:
                 httpc_params = {"verify": False}
 
+        jwks_uri = jwks_uri or config.get('jwks_uri', '')
+
         Entity.__init__(
             self,
             keyjar=keyjar,

src/idpyoidc/client/oauth2/stand_alone_client.py

@@ -463,7 +463,10 @@ def get_access_and_id_token(
             state = authorization_response["state"]
 
         _req_attr = _context.cstate.get_set(state, AuthorizationRequest)
-        _resp_type = set(_req_attr["response_type"].split(" "))
+        if isinstance(_req_attr["response_type"], list):
+            _resp_type = set(_req_attr["response_type"])
+        else:
+            _resp_type = set(_req_attr["response_type"].split(" "))
 
         access_token = None
         id_token = None

src/idpyoidc/client/service_context.py

@@ -171,6 +171,10 @@ def __init__(
 
         self.keyjar = self.claims.load_conf(config.conf, supports=self.supports(), keyjar=keyjar)
 
+        _jwks_uri = self.provider_info.get('jwks_uri')
+        if _jwks_uri:
+            self.keyjar.load_keys(self.provider_info.get('issuer'), jwks_uri=_jwks_uri)
+
         _response_types = self.get_preference(
             "response_types_supported", self.supports().get("response_types_supported", [])
         )

src/idpyoidc/message/oidc/__init__.py

@@ -240,6 +240,7 @@ def check_char_set(string, allowed):
     "encenc",
     "sigalg",
     "issuer",
+    "iss",
     "allow_missing_kid",
     "no_kid_issuer",
     "trusting",

src/idpyoidc/node.py

@@ -13,10 +13,10 @@
 
 
 def create_keyjar(
-    keyjar: Optional[KeyJar] = None,
-    conf: Optional[Union[dict, Configuration]] = None,
-    key_conf: Optional[dict] = None,
-    id: Optional[str] = "",
+        keyjar: Optional[KeyJar] = None,
+        conf: Optional[Union[dict, Configuration]] = None,
+        key_conf: Optional[dict] = None,
+        id: Optional[str] = "",
 ):
     if keyjar is None:
         if key_conf:
@@ -45,6 +45,49 @@ def create_keyjar(
         return keyjar
 
 
+def make_keyjar(
+        keyjar: Optional[Union[KeyJar, bool]] = None,
+        config: Optional[Union[Configuration, dict]] = None,
+        key_conf: Optional[dict] = None,
+        issuer_id: Optional[str] = "",
+        client_id: Optional[str] = "",
+    ):
+    if keyjar is False:
+        return None
+
+    keyjar = keyjar or config.get("keyjar")
+    key_conf = key_conf or config.get("key_conf", config.get("keys"))
+
+    if not keyjar and not key_conf:
+        keyjar = KeyJar()
+        _jwks = config.get("jwks")
+        if _jwks:
+            keyjar.import_jwks_as_json(_jwks, client_id)
+
+    if keyjar or key_conf:
+        # Should be either one
+        id = issuer_id or client_id
+        keyjar = create_keyjar(keyjar, conf=config, key_conf=key_conf, id=id)
+        if client_id:
+            _key = config.get("client_secret")
+            if _key:
+                keyjar.add_symmetric(client_id, _key)
+                keyjar.add_symmetric("", _key)
+    else:
+        if client_id:
+            _key = config.get("client_secret")
+            if _key:
+                keyjar = KeyJar()
+                keyjar.add_symmetric(client_id, _key)
+                keyjar.add_symmetric("", _key)
+        else:
+            keyjar = build_keyjar(DEFAULT_KEY_DEFS)
+            if issuer_id:
+                keyjar.import_jwks(keyjar.export_jwks(private=True), issuer_id)
+
+    return keyjar
+
+
 class Node:
     def __init__(self, upstream_get: Callable = None):
         self.upstream_get = upstream_get
@@ -82,15 +125,15 @@ class Unit(ImpExp):
     init_args = ["upstream_get"]
 
     def __init__(
-        self,
-        upstream_get: Callable = None,
-        keyjar: Optional[KeyJar] = None,
-        httpc: Optional[object] = None,
-        httpc_params: Optional[dict] = None,
-        config: Optional[Union[Configuration, dict]] = None,
-        key_conf: Optional[dict] = None,
-        issuer_id: Optional[str] = "",
-        client_id: Optional[str] = "",
+            self,
+            upstream_get: Callable = None,
+            keyjar: Optional[Union[KeyJar, bool]] = None,
+            httpc: Optional[object] = None,
+            httpc_params: Optional[dict] = None,
+            config: Optional[Union[Configuration, dict]] = None,
+            key_conf: Optional[dict] = None,
+            issuer_id: Optional[str] = "",
+            client_id: Optional[str] = "",
     ):
         ImpExp.__init__(self)
         self.upstream_get = upstream_get
@@ -99,35 +142,7 @@ def __init__(
         if config is None:
             config = {}
 
-        keyjar = keyjar or config.get("keyjar")
-        key_conf = key_conf or config.get("key_conf", config.get("keys"))
-
-        if not keyjar and not key_conf:
-            keyjar = KeyJar()
-            _jwks = config.get("jwks")
-            if _jwks:
-                keyjar.import_jwks_as_json(_jwks, client_id)
-
-        if keyjar or key_conf:
-            # Should be either one
-            id = issuer_id or client_id
-            self.keyjar = create_keyjar(keyjar, conf=config, key_conf=key_conf, id=id)
-            if client_id:
-                _key = config.get("client_secret")
-                if _key:
-                    self.keyjar.add_symmetric(client_id, _key)
-                    self.keyjar.add_symmetric("", _key)
-        else:
-            if client_id:
-                _key = config.get("client_secret")
-                if _key:
-                    self.keyjar = KeyJar()
-                    self.keyjar.add_symmetric(client_id, _key)
-                    self.keyjar.add_symmetric("", _key)
-            else:
-                self.keyjar = build_keyjar(DEFAULT_KEY_DEFS)
-                if issuer_id:
-                    self.keyjar.import_jwks(self.keyjar.export_jwks(private=True), issuer_id)
+        self.keyjar = make_keyjar(keyjar, config, key_conf, issuer_id, client_id)
 
         self.httpc_params = httpc_params or config.get("httpc_params", {})
 
@@ -176,16 +191,16 @@ class ClientUnit(Unit):
     name = ""
 
     def __init__(
-        self,
-        upstream_get: Callable = None,
-        httpc: Optional[object] = None,
-        httpc_params: Optional[dict] = None,
-        keyjar: Optional[KeyJar] = None,
-        context: Optional[ImpExp] = None,
-        config: Optional[Union[Configuration, dict]] = None,
-        # jwks_uri: Optional[str] = "",
-        entity_id: Optional[str] = "",
-        key_conf: Optional[dict] = None,
+            self,
+            upstream_get: Callable = None,
+            httpc: Optional[object] = None,
+            httpc_params: Optional[dict] = None,
+            keyjar: Optional[KeyJar] = None,
+            context: Optional[ImpExp] = None,
+            config: Optional[Union[Configuration, dict]] = None,
+            # jwks_uri: Optional[str] = "",
+            entity_id: Optional[str] = "",
+            key_conf: Optional[dict] = None,
     ):
         if config is None:
             config = {}
@@ -217,16 +232,16 @@ def get_context_attribute(self, attr, *args):
 # Neither client nor Server
 class Collection(Unit):
     def __init__(
-        self,
-        upstream_get: Callable = None,
-        keyjar: Optional[KeyJar] = None,
-        httpc: Optional[object] = None,
-        httpc_params: Optional[dict] = None,
-        config: Optional[Union[Configuration, dict]] = None,
-        entity_id: Optional[str] = "",
-        key_conf: Optional[dict] = None,
-        functions: Optional[dict] = None,
-        claims: Optional[dict] = None,
+            self,
+            upstream_get: Callable = None,
+            keyjar: Optional[KeyJar] = None,
+            httpc: Optional[object] = None,
+            httpc_params: Optional[dict] = None,
+            config: Optional[Union[Configuration, dict]] = None,
+            entity_id: Optional[str] = "",
+            key_conf: Optional[dict] = None,
+            functions: Optional[dict] = None,
+            claims: Optional[dict] = None,
     ):
         if config is None:
             config = {}