diff options
author | Frederick Muriuki Muriithi | 2024-04-22 11:37:36 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2024-04-22 12:23:08 +0300 |
commit | 23de967334a5f7f2f2daa60884d550e5bd27767e (patch) | |
tree | 68f4b0724f581e56738524623777c5ce497e2ea3 /gn_auth/auth/authentication/oauth2 | |
parent | 115d98a1022dc57fee5895ac335c4aca9f7acdf5 (diff) | |
download | gn-auth-23de967334a5f7f2f2daa60884d550e5bd27767e.tar.gz |
Separate clients' keys from authorisation server's key
The authorisation server uses its key to sign any token it generates.
It uses the clients' public keys to validate any assertions it
receives from a client using the client's public key.
Diffstat (limited to 'gn_auth/auth/authentication/oauth2')
-rw-r--r-- | gn_auth/auth/authentication/oauth2/server.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/gn_auth/auth/authentication/oauth2/server.py b/gn_auth/auth/authentication/oauth2/server.py index db2a0d5..0669139 100644 --- a/gn_auth/auth/authentication/oauth2/server.py +++ b/gn_auth/auth/authentication/oauth2/server.py @@ -66,7 +66,7 @@ def setup_oauth2_server(app: Flask) -> None: server.register_grant(JWTBearerGrant) server.register_token_generator( "urn:ietf:params:oauth:grant-type:jwt-bearer", - JWTBearerTokenGenerator(app.config["JWT_PRIVATE_KEY"])) + JWTBearerTokenGenerator(app.config["SSL_PRIVATE_KEY"])) # register endpoints server.register_endpoint(RevocationEndpoint) @@ -82,4 +82,4 @@ def setup_oauth2_server(app: Flask) -> None: ## Set up the token validators require_oauth.register_token_validator(BearerTokenValidator()) require_oauth.register_token_validator( - JWTBearerTokenValidator(app.config["JWT_PUBLIC_KEY"])) + JWTBearerTokenValidator(app.config["SSL_PRIVATE_KEY"].get_public_key())) |