providers/oauth2: ensure that when rs256 is selected, a certificate key pair is selected

2020-10-01 20:01:45 +02:00 · 2020-10-01 20:01:45 +02:00 · e9a1a18ba3
parent 6cd9edd38a
commit e9a1a18ba3
1 changed files with 9 additions and 0 deletions
--- a/passbook/providers/oauth2/forms.py
+++ b/passbook/providers/oauth2/forms.py
@ -1,6 +1,7 @@
 """passbook OAuth2 Provider Forms"""

 from django import forms
+from django.core.exceptions import ValidationError
 from django.utils.translation import gettext as _

 from passbook.admin.fields import CodeMirrorWidget
@ -29,6 +30,14 @@ class OAuth2ProviderForm(forms.ModelForm):
        )
        self.fields["property_mappings"].queryset = ScopeMapping.objects.all()

+    def clean_jwt_alg(self):
+        """Ensure that when RS256 is selected, a certificate-key-pair is selected"""
+        if "rsa_key" not in self.cleaned_data:
+            raise ValidationError(
+                _("RS256 requires a Certificate-Key-Pair to be selected.")
+            )
+        return self.cleaned_data["jwt_alg"]
+
    class Meta:
        model = OAuth2Provider
        fields = [