From e9a1a18ba3babd5b5a5194f06f2003e82abe884a Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Thu, 1 Oct 2020 20:01:45 +0200 Subject: [PATCH] providers/oauth2: ensure that when rs256 is selected, a certificate key pair is selected --- passbook/providers/oauth2/forms.py | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/passbook/providers/oauth2/forms.py b/passbook/providers/oauth2/forms.py index 2b7e6f033..1bd5e257f 100644 --- a/passbook/providers/oauth2/forms.py +++ b/passbook/providers/oauth2/forms.py @@ -1,6 +1,7 @@ """passbook OAuth2 Provider Forms""" from django import forms +from django.core.exceptions import ValidationError from django.utils.translation import gettext as _ from passbook.admin.fields import CodeMirrorWidget @@ -29,6 +30,14 @@ class OAuth2ProviderForm(forms.ModelForm): ) self.fields["property_mappings"].queryset = ScopeMapping.objects.all() + def clean_jwt_alg(self): + """Ensure that when RS256 is selected, a certificate-key-pair is selected""" + if "rsa_key" not in self.cleaned_data: + raise ValidationError( + _("RS256 requires a Certificate-Key-Pair to be selected.") + ) + return self.cleaned_data["jwt_alg"] + class Meta: model = OAuth2Provider fields = [