Example #1
    else:
        raise Exception("Unsupported userinfo source")

    # Cookie lifetime and cookie name are optional settings: when the config
    # module does not define one, the AttributeError is swallowed and OAS
    # keeps whatever value it already had.
    for oas_attr, config_key in (("cookie_ttl", "COOKIETTL"),
                                 ("cookie_name", "COOKIENAME")):
        try:
            setattr(OAS, oas_attr, getattr(config, config_key))
        except AttributeError:
            pass

    # NOTE(review): what OAS.debug switches on is not visible here; if it
    # makes the provider log requests or token material, keep the debug
    # flag off outside of test deployments -- confirm.
    if args.debug:
        OAS.debug = True

    # Register every endpoint the OpenID Connect Provider answers on, then
    # hand the same list to the provider instance.
    add_endpoints(ENDPOINTS)
    OAS.endpoints = ENDPOINTS

    # Build the provider's base URL. Port 80 is the only port treated as
    # implicit; any other port (443 included) is appended explicitly.
    # NOTE(review): presumably this value feeds the issuer / endpoint URLs
    # that clients compare against, so it has to match the externally
    # visible URL exactly -- confirm against the deployment.
    if args.port != 80:
        # Side effect: the trailing slash is stripped on the config module
        # itself, not on a local copy.
        if config.baseurl.endswith("/"):
            config.baseurl = config.baseurl[:-1]
        OAS.baseurl = "%s:%d" % (config.baseurl, args.port)
    else:
        OAS.baseurl = config.baseurl

    # Normalise: guarantee a trailing slash on the final base URL.
    if not OAS.baseurl.endswith("/"):
        OAS.baseurl += "/"
Example #2
    # provider.keyjar is left at its default values at this point; it is
    # worth investigating further when time permits.

    # Point every entry of the authentication broker back at the provider
    # through its srv attribute.
    for authnIndexedEndPointWrapper in authnBroker:
        authnIndexedEndPointWrapper.srv = provider

    # TODO: consider the case where the user data lives in a database.
    # Only the "SIMPLE" source is handled here; for any other value
    # provider.userinfo is not assigned by this code.
    if config.USERINFO == "SIMPLE":
        provider.userinfo = UserInfo(config.USERDB)

    # Read unconditionally: a config module without COOKIETTL or COOKIENAME
    # raises AttributeError here instead of keeping a default.
    provider.cookie_ttl = config.COOKIETTL
    provider.cookie_name = config.COOKIENAME

    # NOTE(review): what provider.debug switches on is not visible here; if
    # it makes the provider log requests or token material, keep the debug
    # flag off outside of test deployments -- confirm.
    if args.debug:
        provider.debug = True

    try:
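        # JWK: JSON Web Key.
        # JWKS: a dictionary of JWKs.
        # __________ NOTE __________
        # JWKS contains private key information.
        # NOTE(review): what keyjar_init returns is not shown here; check
        # whether the returned set holds private key material before it is
        # written anywhere a client can fetch it.
        #
        # keyjar_init configures the cryptographic keys
        # based on the provided configuration "keys".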
        jwks = keyjar_init(
            provider,  # server/client instance
            config.keys,  # key configuration
            kid_template="op%d"
        )  # template by which to build the kids (key ID parameter)
    except Exception as err:
Example #3
    else:
        raise Exception("Unsupported userinfo source")

    # Cookie lifetime and cookie name are optional settings: when the config
    # module does not define one, the AttributeError is swallowed and OAS
    # keeps whatever value it already had.
    for oas_attr, config_key in (("cookie_ttl", "COOKIETTL"),
                                 ("cookie_name", "COOKIENAME")):
        try:
            setattr(OAS, oas_attr, getattr(config, config_key))
        except AttributeError:
            pass

    # NOTE(review): what OAS.debug switches on is not visible here; if it
    # makes the provider log requests or token material, keep the debug
    # flag off outside of test deployments -- confirm.
    if args.debug:
        OAS.debug = True

    # Register every endpoint the OpenID Connect Provider answers on, then
    # hand the same list to the provider instance.
    add_endpoints(ENDPOINTS)
    OAS.endpoints = ENDPOINTS

    # Build the provider's base URL. Port 80 is the only port treated as
    # implicit; any other port (443 included) is appended explicitly.
    # NOTE(review): presumably this value feeds the issuer / endpoint URLs
    # that clients compare against, so it has to match the externally
    # visible URL exactly -- confirm against the deployment.
    if args.port != 80:
        # Side effect: the trailing slash is stripped on the config module
        # itself, not on a local copy.
        if config.baseurl.endswith("/"):
            config.baseurl = config.baseurl[:-1]
        OAS.baseurl = "%s:%d" % (config.baseurl, args.port)
    else:
        OAS.baseurl = config.baseurl

    # Normalise: guarantee a trailing slash on the final base URL.
    if not OAS.baseurl.endswith("/"):
        OAS.baseurl += "/"
Example #4
    # provider.keyjar is left at its default values at this point; it is
    # worth investigating further when time permits.

    # Point every entry of the authentication broker back at the provider
    # through its srv attribute.
    for authnIndexedEndPointWrapper in authnBroker:
        authnIndexedEndPointWrapper.srv = provider

    # TODO: consider the case where the user data lives in a database.
    # Only the "SIMPLE" source is handled here; for any other value
    # provider.userinfo is not assigned by this code.
    if config.USERINFO == "SIMPLE":
        provider.userinfo = UserInfo(config.USERDB)

    # Read unconditionally: a config module without COOKIETTL or COOKIENAME
    # raises AttributeError here instead of keeping a default.
    provider.cookie_ttl = config.COOKIETTL
    provider.cookie_name = config.COOKIENAME

    # NOTE(review): what provider.debug switches on is not visible here; if
    # it makes the provider log requests or token material, keep the debug
    # flag off outside of test deployments -- confirm.
    if args.debug:
        provider.debug = True

    try:
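        # JWK: JSON Web Key.
        # JWKS: a dictionary of JWKs.
        # __________ NOTE __________
        # JWKS contains private key information.
        # NOTE(review): what keyjar_init returns is not shown here; check
        # whether the returned set holds private key material before it is
        # written anywhere a client can fetch it.
        #
        # keyjar_init configures the cryptographic keys
        # based on the provided configuration "keys".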
        jwks = keyjar_init(
            provider,             # server/client instance
            config.keys,          # key configuration
            kid_template="op%d")  # template by which to build the kids (key ID parameter)
    except Exception as err:
        # LOGGER.error("Key setup failed: %s" % err)