aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gn_auth/auth/authentication/oauth2/models/oauth2client.py13
1 files changed, 13 insertions, 0 deletions
diff --git a/gn_auth/auth/authentication/oauth2/models/oauth2client.py b/gn_auth/auth/authentication/oauth2/models/oauth2client.py
index 0f40688..f48cbce 100644
--- a/gn_auth/auth/authentication/oauth2/models/oauth2client.py
+++ b/gn_auth/auth/authentication/oauth2/models/oauth2client.py
@@ -1,12 +1,14 @@
"""OAuth2 Client model."""
import json
import datetime
+from pathlib import Path
from uuid import UUID
from dataclasses import dataclass
from functools import cached_property
from typing import Sequence, Optional
+from authlib.jose import KeySet, JsonWebKey
from authlib.oauth2.rfc6749 import ClientMixin
from pymonad.maybe import Just, Maybe, Nothing
@@ -55,6 +57,17 @@ class OAuth2Client(ClientMixin):
"""
return self.client_metadata.get("client_type", "public")
+ @cached_property
+ def jwks(self) -> KeySet:
+ """Return this client's KeySet."""
+ def __parse_key__(keypath: Path) -> JsonWebKey:# pylint: disable=[unspecified-encoding]
+ with open(keypath) as _key:
+ return JsonWebKey.import_key(_key.read())
+
+ return KeySet([
+ __parse_key__(Path(pth))
+ for pth in self.client_metadata.get("public_keys", [])])
+
def check_endpoint_auth_method(self, method: str, endpoint: str) -> bool:
"""
Check if the client supports the given method for the given endpoint.