aboutsummaryrefslogtreecommitdiff
path: root/gn_auth/auth/authentication/oauth2
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2024-04-22 11:37:36 +0300
committerFrederick Muriuki Muriithi2024-04-22 12:23:08 +0300
commit23de967334a5f7f2f2daa60884d550e5bd27767e (patch)
tree68f4b0724f581e56738524623777c5ce497e2ea3 /gn_auth/auth/authentication/oauth2
parent115d98a1022dc57fee5895ac335c4aca9f7acdf5 (diff)
downloadgn-auth-23de967334a5f7f2f2daa60884d550e5bd27767e.tar.gz
Separate clients' keys from authorisation server's key
The authorisation server uses its key to sign any token it generates. It uses the clients' public keys to validate any assertions it receives from a client using the client's public key.
Diffstat (limited to 'gn_auth/auth/authentication/oauth2')
-rw-r--r--gn_auth/auth/authentication/oauth2/server.py4
1 files changed, 2 insertions, 2 deletions
diff --git a/gn_auth/auth/authentication/oauth2/server.py b/gn_auth/auth/authentication/oauth2/server.py
index db2a0d5..0669139 100644
--- a/gn_auth/auth/authentication/oauth2/server.py
+++ b/gn_auth/auth/authentication/oauth2/server.py
@@ -66,7 +66,7 @@ def setup_oauth2_server(app: Flask) -> None:
server.register_grant(JWTBearerGrant)
server.register_token_generator(
"urn:ietf:params:oauth:grant-type:jwt-bearer",
- JWTBearerTokenGenerator(app.config["JWT_PRIVATE_KEY"]))
+ JWTBearerTokenGenerator(app.config["SSL_PRIVATE_KEY"]))
# register endpoints
server.register_endpoint(RevocationEndpoint)
@@ -82,4 +82,4 @@ def setup_oauth2_server(app: Flask) -> None:
## Set up the token validators
require_oauth.register_token_validator(BearerTokenValidator())
require_oauth.register_token_validator(
- JWTBearerTokenValidator(app.config["JWT_PUBLIC_KEY"]))
+ JWTBearerTokenValidator(app.config["SSL_PRIVATE_KEY"].get_public_key()))