Merge pull request #427 from italia/fix/issue_resolution

Issue resolution

Author: peppelinux

example/satosa/pyeudiw_backend.yaml

@@ -249,19 +249,19 @@ config:
         # client_id: *client_id
         client_id_scheme: x509_san_dns # this will be prepended in the client id scheme used in the request. 
         certificate_authorities:
-          - ca.example.com: |
-                -----BEGIN CERTIFICATE-----
-                MIIB2DCCAX2gAwIBAgIULx2ECoVuwx8Hjz9KT8LU2UnO5fcwCgYIKoZIzj0EAwIw
-                UjEuMCwGA1UEAwwlQ049Y2EuZXhhbXBsZS5jb20sIE89RXhhbXBsZSBDQSwgQz1J
-                VDETMBEGA1UECgwKRXhhbXBsZSBDQTELMAkGA1UEBhMCSVQwHhcNMjUwNDA5MTIw
-                ODUwWhcNMjYwNDEwMTIwODUwWjBSMS4wLAYDVQQDDCVDTj1jYS5leGFtcGxlLmNv
-                bSwgTz1FeGFtcGxlIENBLCBDPUlUMRMwEQYDVQQKDApFeGFtcGxlIENBMQswCQYD
-                VQQGEwJJVDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFnk7w/2CELwYAo1HYjh
-                v07QS3Xo3HL1Qt/SD2s5pcBmENuFzPUS8E1JFZ047hfaGIb+6NQdUcNt7RGBQgvJ
-                cNqjMTAvMBIGA1UdEwEB/wQIMAYBAf8CAQEwGQYDVR0RBBIwEIIOY2EuZXhhbXBs
-                ZS5jb20wCgYIKoZIzj0EAwIDSQAwRgIhAJLASYXdk77YGrVeuj2bdy48fFeGcHwY
-                hEt3dD1GqdqkAiEAqekBRTF9wzJ/lPmRJyPdLoxzGBbIkd53NCtGUfNvaL0=
-                -----END CERTIFICATE-----
+          ca.example.com: |
+            -----BEGIN CERTIFICATE-----
+            MIIB2DCCAX2gAwIBAgIULx2ECoVuwx8Hjz9KT8LU2UnO5fcwCgYIKoZIzj0EAwIw
+            UjEuMCwGA1UEAwwlQ049Y2EuZXhhbXBsZS5jb20sIE89RXhhbXBsZSBDQSwgQz1J
+            VDETMBEGA1UECgwKRXhhbXBsZSBDQTELMAkGA1UEBhMCSVQwHhcNMjUwNDA5MTIw
+            ODUwWhcNMjYwNDEwMTIwODUwWjBSMS4wLAYDVQQDDCVDTj1jYS5leGFtcGxlLmNv
+            bSwgTz1FeGFtcGxlIENBLCBDPUlUMRMwEQYDVQQKDApFeGFtcGxlIENBMQswCQYD
+            VQQGEwJJVDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFnk7w/2CELwYAo1HYjh
+            v07QS3Xo3HL1Qt/SD2s5pcBmENuFzPUS8E1JFZ047hfaGIb+6NQdUcNt7RGBQgvJ
+            cNqjMTAvMBIGA1UdEwEB/wQIMAYBAf8CAQEwGQYDVR0RBBIwEIIOY2EuZXhhbXBs
+            ZS5jb20wCgYIKoZIzj0EAwIDSQAwRgIhAJLASYXdk77YGrVeuj2bdy48fFeGcHwY
+            hEt3dD1GqdqkAiEAqekBRTF9wzJ/lPmRJyPdLoxzGBbIkd53NCtGUfNvaL0=
+            -----END CERTIFICATE-----
         relying_party_certificate_chains_by_ca: # X.509 chains in PEM format. Please note: Leaf's certificate MUST be related to metadata_jwks[0]
             ca.example.com:
               - |

pyeudiw/satosa/schemas/config.py

@@ -7,7 +7,6 @@
 from pyeudiw.jwt.schemas.jwt import JWTConfig
 from pyeudiw.satosa.schemas.autorization import AuthorizationConfig
 from pyeudiw.satosa.schemas.endpoint import EndpointsConfig
-from pyeudiw.satosa.schemas.qrcode import QRCode
 from pyeudiw.satosa.schemas.response import ResponseConfig
 from pyeudiw.satosa.schemas.ui import UiConfig
 from pyeudiw.satosa.schemas.user_attributes import UserAttributesConfig
@@ -18,7 +17,6 @@
 class PyeudiwBackendConfig(BaseModel):
     ui: UiConfig
     endpoints: EndpointsConfig
-    qrcode: QRCode
     response_code: ResponseConfig
     jwt: JWTConfig
     authorization: AuthorizationConfig

pyeudiw/satosa/schemas/qrcode.py

@@ -310,7 +310,7 @@ def base64url_to_int(val):
             "class": "X509Handler",
             "config": {
                 "client_id": f"{BASE_URL}/OpenID4VP",
-                "relying_party_certificate_chains_by_ca":{
+                "relying_party_certificate_chains_by_ca": {
                     "ca.example.com": DEFAULT_X509_CHAIN,
                 },
                 "certificate_authorities": {

pyeudiw/tests/settings.py

@@ -115,7 +115,7 @@ def _cache_upsert_source_trust_materials(
         return trust_source
 
     def _upsert_source_trust_materials(
-        self, trust_source: Optional[TrustSourceData], issuer: Optional[str] = None, force_update: bool = False
+        self, trust_source: Optional[TrustSourceData], entity_id: Optional[str], force_update: bool = False
     ) -> TrustSourceData:
         """
         Extract the trust material of a certain issuer from all the trust handlers.
@@ -128,20 +128,15 @@ def _upsert_source_trust_materials(
         :rtype: Optional[TrustSourceData]
         """
 
-        entity_id = issuer or "__internal__"
-
         if not trust_source:
             trust_source = TrustSourceData.empty(entity_id)
-
-        if entity_id == "__internal__":
-            return self._cache_upsert_source_trust_materials(trust_source, issuer)
 
         if self.mode == "update_first" or force_update:
-            return self._update_upsert_source_trust_materials(trust_source, issuer)
+            return self._update_upsert_source_trust_materials(trust_source, entity_id)
         else:
-            return self._cache_upsert_source_trust_materials(trust_source, issuer)
+            return self._cache_upsert_source_trust_materials(trust_source, entity_id)
 
-    def _get_trust_source(self, issuer: Optional[str] = None, force_update: bool = False) -> TrustSourceData:
+    def _get_trust_source(self, entity_id: Optional[str], force_update: bool = False) -> TrustSourceData:
         """
         Retrieve the trust source from the database or extract it from the trust handlers.
 
@@ -151,9 +146,9 @@ def _get_trust_source(self, issuer: Optional[str] = None, force_update: bool = F
         :returns: The trust source
         :rtype: TrustSourceData
         """
-        trust_source = self._retrieve_trust_source(issuer or "__internal__")            
+        trust_source = self._retrieve_trust_source(entity_id)            
 
-        return self._upsert_source_trust_materials(trust_source, issuer, force_update)
+        return self._upsert_source_trust_materials(trust_source, entity_id, force_update)
 
     def get_public_keys(
             self,