Skip to content
This repository was archived by the owner on Jun 12, 2021. It is now read-only.

cookie dealer#24

Merged
rohe merged 3 commits intoIdentityPython:masterfrom
peppelinux:master
Dec 7, 2019
Merged

cookie dealer#24
rohe merged 3 commits intoIdentityPython:masterfrom
peppelinux:master

Conversation

@peppelinux
Copy link
Copy Markdown
Member

@peppelinux peppelinux commented Dec 6, 2019

just implemented a way to handle properly an old kind of configuration with static cookie definitions

It works with this:

    cookie_dealer:
      class: oidcendpoint.cookie.CookieDealer
      kwargs:
        sign_jwk:
          filename: data/oidc_op/private/cookie_sign_jwk.json
          sign_alg: 'SHA256'
          type: OCT
          kid: cookie_sign_key_id
        enc_jwk:
          ## otherwise do it yourself: jwkgen --kty SYM > data/oidc_op/private/cookie_enc_jwk.json
          filename: 'data/oidc_op/private/cookie_enc_jwk.json'
          type: OCT
          kid: cookie_enc_key_id

ans also with this

    cookie_dealer:
      class: oidcendpoint.cookie.CookieDealer
      kwargs:
        ## the manual one here...
        sign_jwk: data/oidc_op/private/cookie_sign_jwk.json
        sign_alg: 'SHA256'

        # ## jwkgen --kty SYM > data/oidc_op/private/cookie_enc_jwk.json
        enc_jwk: 'data/oidc_op/private/cookie_enc_jwk.json'

@peppelinux
cookie dealer auto builder
4b2ad89 
in oidc-op conf.yaml get to work this configuration

````
    cookie_dealer:
      class: oidcendpoint.cookie.CookieDealer
      kwargs:
        # these should be updated...
        sign_jwk:
          filename: data/oidc_op/private/cookie_sign_jwk.json
          sign_alg: 'SHA256'
          type: OCT
          kid: cookie_sign_key_id
        enc_jwk:
          ## otherwise do it yourself: jwkgen --kty SYM > data/oidc_op/private/cookie_enc_jwk.json
          filename: 'data/oidc_op/private/cookie_enc_jwk.json'
          type: OCT
          kid: cookie_enc_key_id

        default_values:
            name: oidc_op
            domain: *base_url
            path: /
            max_age: 3600
````
@peppelinux
endpoint cookie backcompatibile with static definitions
6eb6342
@peppelinux
Merge branch 'IdentityPython-master'
0ae8b88
@rohe rohe merged commit 7b3849f into IdentityPython:master Dec 7, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@peppelinux @rohe