-rw-r--r-- | gn_auth/auth/authentication/oauth2/models/oauth2client.py | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/gn_auth/auth/authentication/oauth2/models/oauth2client.py b/gn_auth/auth/authentication/oauth2/models/oauth2client.py
index 0f40688..f48cbce 100644
--- a/gn_auth/auth/authentication/oauth2/models/oauth2client.py
+++ b/gn_auth/auth/authentication/oauth2/models/oauth2client.py
@@ -1,12 +1,14 @@
 """OAuth2 Client model."""
 import json
 import datetime
+from pathlib import Path
 from uuid import UUID
 from dataclasses import dataclass
 from functools import cached_property
 from typing import Sequence, Optional
+from authlib.jose import KeySet, JsonWebKey
 from authlib.oauth2.rfc6749 import ClientMixin
 from pymonad.maybe import Just, Maybe, Nothing
@@ -55,6 +57,17 @@ class OAuth2Client(ClientMixin):
 """
 return self.client_metadata.get("client_type", "public")
+ @cached_property
+ def jwks(self) -> KeySet:
+ """Return this client's KeySet."""
+ def __parse_key__(keypath: Path) -> JsonWebKey:# pylint: disable=[unspecified-encoding]
+ with open(keypath) as _key:
+ return JsonWebKey.import_key(_key.read())
+
+ return KeySet([
+ __parse_key__(Path(pth))
+ for pth in self.client_metadata.get("public_keys", [])])
+
 def check_endpoint_auth_method(self, method: str, endpoint: str) -> bool:
 """
 Check if the client supports the given method for the given endpoint. |
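Review bot: Each entry of `client_metadata["public_keys"]` is passed to `open()` in `__parse_key__` with no check on where the path points, so whoever can write a client's metadata decides which file on the server is read and parsed as a key. If that metadata can be set through client registration or editing (not visible in this hunk), resolve each entry against a configured key directory and reject anything outside it, e.g. `keypath = (KEYS_DIR / pth).resolve()` followed by `if not keypath.is_relative_to(KEYS_DIR): raise ValueError(...)`, where `KEYS_DIR` is a placeholder for a setting this page does not show. Because `jwks` is a `cached_property`, keys added or removed after the first access are not seen for the lifetime of that `OAuth2Client` object, which matters for key rotation and revocation if the object is long-lived. Passing `encoding="utf-8"` to `open()` would also remove the need for the pylint suppression on the `def __parse_key__` line. The class body continues outside the hunk.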