crypto: fallback when no SAN values are given

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens Langhammer 2023-01-18 19:40:24 +01:00
parent e390f5b2d1
commit a302a72379
No known key found for this signature in database
2 changed files with 11 additions and 9 deletions

View file

@ -58,7 +58,7 @@ class CertificateBuilder:
self.__private_key = self.generate_private_key()
self.__public_key = self.__private_key.public_key()
alt_names: list[x509.GeneralName] = []
for alt_name in subject_alt_names:
for alt_name in subject_alt_names or []:
if alt_name.strip() != "":
alt_names.append(x509.DNSName(alt_name))
self.__builder = (

View file

@ -96,14 +96,16 @@ class JWKSView(View):
else:
return key_data
key_data["x5c"] = [b64encode(key.certificate.public_bytes(Encoding.DER)).decode("utf-8")]
key_data["x5t"] = urlsafe_b64encode(
key.certificate.fingerprint(hashes.SHA1())
).decode( # nosec
"utf-8"
).rstrip("=")
key_data["x5t#S256"] = urlsafe_b64encode(
key.certificate.fingerprint(hashes.SHA256())
).decode("utf-8").rstrip("=")
key_data["x5t"] = (
urlsafe_b64encode(key.certificate.fingerprint(hashes.SHA1())) # nosec
.decode("utf-8")
.rstrip("=")
)
key_data["x5t#S256"] = (
urlsafe_b64encode(key.certificate.fingerprint(hashes.SHA256()))
.decode("utf-8")
.rstrip("=")
)
return key_data
def get(self, request: HttpRequest, application_slug: str) -> HttpResponse: