Client auth method is handled per endpoint.

rohe · rohe · commit 7eadfd46cfa7 · 2020-03-22T16:16:01.000+01:00
Central handling in endpoint.py .
diff --git a/src/oidcendpoint/__init__.py b/src/oidcendpoint/__init__.py
@@ -6,7 +6,7 @@
 except ImportError:
     import random as rnd
 
-__version__ = "0.13.0"
+__version__ = "0.13.1"
 
 
 DEF_SIGN_ALG = {
diff --git a/src/oidcendpoint/endpoint.py b/src/oidcendpoint/endpoint.py
@@ -178,8 +178,11 @@ def __init__(self, endpoint_context, **kwargs):
                 setattr(self, param, _val)
 
         _methods = kwargs.get("client_authn_method")
+        self.client_authn_method = []
         if _methods:
             self.client_authn_method = client_auth_setup(_methods, endpoint_context)
+        elif _methods is not None:  # [] or '' or something not None but regarded as nothing.
+            pass  # Ignore default value
         elif self.default_capabilities:
             _methods = self.default_capabilities.get("client_authn_method")
             if _methods:
diff --git a/src/oidcendpoint/endpoint_context.py b/src/oidcendpoint/endpoint_context.py
@@ -332,7 +332,6 @@ def do_endpoints(self):
         self.endpoint = build_endpoints(
             self.conf["endpoint"],
             endpoint_context=self,
-            client_authn_method=CLIENT_AUTHN_METHOD,
             issuer=self.conf["issuer"],
         )
 
diff --git a/src/oidcendpoint/oidc/userinfo.py b/src/oidcendpoint/oidc/userinfo.py
@@ -34,8 +34,6 @@ class UserInfo(Endpoint):
     def __init__(self, endpoint_context, **kwargs):
         Endpoint.__init__(self, endpoint_context, **kwargs)
         self.scope_to_claims = None
-        if "client_authn_method" not in kwargs:
-            self.client_authn_method = self.default_capabilities["client_authn_method"]
         # Add the issuer ID as an allowed JWT target
         self.allowed_targets.append("")
 
diff --git a/src/oidcendpoint/util.py b/src/oidcendpoint/util.py
@@ -28,7 +28,7 @@ def importer(name):
     return getattr(module, c2)
 
 
-def build_endpoints(conf, endpoint_context, client_authn_method, issuer):
+def build_endpoints(conf, endpoint_context, issuer):
     """
     conf typically contains::
 
@@ -40,7 +40,6 @@ def build_endpoints(conf, endpoint_context, client_authn_method, issuer):
 
     :param conf:
     :param endpoint_context:
-    :param client_authn_method:
     :param issuer:
     :return:
     """

Original file line number	Diff line number	Diff line change
`@@ -332,7 +332,6 @@ def do_endpoints(self):`
`332`	`332`	`self.endpoint = build_endpoints(`
`333`	`333`	`self.conf["endpoint"],`
`334`	`334`	`endpoint_context=self,`
`335`		`- client_authn_method=CLIENT_AUTHN_METHOD,`
`336`	`335`	`issuer=self.conf["issuer"],`
`337`	`336`	`)`
`338`	`337`