From 93080b75ee5377980665708f49a538e57e810156 Mon Sep 17 00:00:00 2001
From: peppelinux
Date: Sat, 15 May 2021 16:24:44 +0200
Subject: [PATCH] JWKs Factory - fix: factory creates two different folder even If a private_path was defined in the general configuration - chore: small code refactor with linting
---
 src/oidcop/token/handler.py | 42 ++++++++++++++++++++++++++++++-------
 1 file changed, 34 insertions(+), 8 deletions(-)
diff --git a/src/oidcop/token/handler.py b/src/oidcop/token/handler.py
index 8cd20b36..ddc1fb86 100755
--- a/src/oidcop/token/handler.py
+++ b/src/oidcop/token/handler.py
@@ -139,27 +139,53 @@ def factory(server_get,
 TTYPE = {"code": "A", "token": "T", "refresh": "R"}

 key_defs = []
+ read_only = False
+ if kwargs.get('jwks_def'):
+ defs = kwargs['jwks_def']
+ jwks_file = defs.get('private_path', jwks_file)
+ read_only = defs.get('read_only', read_only)
+ key_defs = defs.get('key_defs', [])
+
+ for _keyd in key_defs:
+ if _keyd['kid'] == 'code':
+ code = _keyd
+ elif _keyd['kid'] == 'refresh':
+ refresh = _keyd
+ elif _keyd['kid'] == 'token':
+ token = _keyd
+
 if code is not None:
- key_defs.append({"type": "oct", "bytes": 24, "use": ["enc"], "kid": "code"})
+ key_defs.append(
+ {"type": "oct", "bytes": 24, "use": ["enc"], "kid": "code"}
+ )
 if refresh is not None:
- key_defs.append({"type": "oct", "bytes": 24, "use": ["enc"], "kid": "refresh"})
+ key_defs.append(
+ {"type": "oct", "bytes": 24, "use": ["enc"], "kid": "refresh"}
+ )
 if token is not None:
- key_defs.append({"type": "oct", "bytes": 24, "use": ["enc"], "kid": "token"})
+ key_defs.append(
+ {"type": "oct", "bytes": 24, "use": ["enc"], "kid": "token"}
+ )

- kj = init_key_jar(key_defs=key_defs, private_path=jwks_file, read_only=False)
+ kj = init_key_jar(key_defs=key_defs, private_path=jwks_file, read_only=read_only)

 args = {}
-
 if code:
 _add_passwd(kj, code, "code")
- args["code_handler"] = init_token_handler(server_get, code, TTYPE["code"])
+ args["code_handler"] = init_token_handler(
+ server_get, code, TTYPE["code"]
+ )

 if token:
 _add_passwd(kj, token, "token")
- args["access_token_handler"] = init_token_handler(server_get, token, TTYPE["token"])
+ args["access_token_handler"] = init_token_handler(
+ server_get, token, TTYPE["token"]
+ )

 if refresh is not None:
 _add_passwd(kj, refresh, "refresh")
- args["refresh_token_handler"] = init_token_handler(server_get, refresh, TTYPE["refresh"])
+ args["refresh_token_handler"] = init_token_handler(
+ server_get, refresh, TTYPE["refresh"]
+ )

 return TokenHandler(**args)
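Review bot: The added `for _keyd in key_defs:` loop rebinds `code`, `refresh` and `token` to the matching key definition, so the `is not None` checks right after it append a second definition with the same `kid`, and `_add_passwd` / `init_token_handler` then receive a key definition in place of the handler settings passed to `factory`. `key_defs` is also the very list object stored in `kwargs['jwks_def']`, so the appended defaults are written back into the caller's configuration. These are the keys labelled for the code, access-token and refresh-token handlers, so an ambiguous `kid` is worth avoiding; the sketch below records which kids the configuration already defines, leaves the three arguments untouched and adds a default only where one is missing. How `init_key_jar` treats duplicate kids is not visible here, and `factory` starts before this hunk, so the three parameters are assumed to default to `None`.

```python
# … unchanged: read_only default and jwks_def lookup …
        # copy: the defaults appended below must not end up in the caller's jwks_def
        key_defs = list(defs.get('key_defs', []))

    # kids the configuration already defines; code/refresh/token stay handler settings
    defined_kids = {_keyd.get('kid') for _keyd in key_defs}
    for _kid, _conf in (("code", code), ("refresh", refresh), ("token", token)):
        if _conf is not None and _kid not in defined_kids:
            key_defs.append(
                {"type": "oct", "bytes": 24, "use": ["enc"], "kid": _kid}
            )
# … unchanged: init_key_jar call and handler setup …
```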