Separate clients' keys from authorisation server's key

The authorisation server uses its key to sign any token it generates. It uses the clients' public keys to validate any assertions it receives from a client using the client's public key.
author: Frederick Muriuki Muriithi 2024-04-22 11:37:36 +0300
committer: Frederick Muriuki Muriithi 2024-04-22 12:23:08 +0300
commit: 23de967334a5f7f2f2daa60884d550e5bd27767e (patch)
tree: 68f4b0724f581e56738524623777c5ce497e2ea3 /gn_auth/settings.py
parent: 115d98a1022dc57fee5895ac335c4aca9f7acdf5 (diff)
download: gn-auth-23de967334a5f7f2f2daa60884d550e5bd27767e.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/gn_auth/settings.py b/gn_auth/settings.py
index 59f3eec..489f72d 100644
--- a/gn_auth/settings.py
+++ b/gn_auth/settings.py
@@ -29,6 +29,6 @@ CORS_HEADERS = [
     "Access-Control-Allow-Credentials"
 ]
 
-# OpenSSL Key-Pair
-SSL_KEY_PAIR_PRIVATE_KEY = ""
-SSL_KEY_PAIR_PUBLIC_KEY = ""
+# OpenSSL keys
+CLIENTS_SSL_PUBLIC_KEYS_DIR = "" # keys from registered clients
+SSL_PRIVATE_KEY = "" # authorisation server primary key
author	Frederick Muriuki Muriithi	2024-04-22 11:37:36 +0300
committer	Frederick Muriuki Muriithi	2024-04-22 12:23:08 +0300
commit	23de967334a5f7f2f2daa60884d550e5bd27767e (patch)
tree	68f4b0724f581e56738524623777c5ce497e2ea3 /gn_auth/settings.py
parent	115d98a1022dc57fee5895ac335c4aca9f7acdf5 (diff)
download	gn-auth-23de967334a5f7f2f2daa60884d550e5bd27767e.tar.gz