From aeff851ee6a37fe26f36c395a43bc4bfbd69c5e5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20P=C3=A9ters?= <fpeters@entrouvert.com>
Date: Tue, 14 Aug 2018 14:48:21 +0200
Subject: [PATCH] settings loaders: provide A2_IDP_OIDC_JWKSET to authentic
 (#25686)

---
 hobo/multitenant/settings_loaders.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/hobo/multitenant/settings_loaders.py b/hobo/multitenant/settings_loaders.py
index f74acad..4ebb4d3 100644
--- a/hobo/multitenant/settings_loaders.py
+++ b/hobo/multitenant/settings_loaders.py
@@ -214,6 +214,10 @@ class Authentic(FileBaseSettingsLoader):
             tenant_settings.A2_IDP_SAML2_ENABLE = True
             tenant_settings.A2_IDP_SAML2_SIGNATURE_PUBLIC_KEY = open(saml_crt).read()
             tenant_settings.A2_IDP_SAML2_SIGNATURE_PRIVATE_KEY = open(saml_key).read()
+            if not getattr(tenant_settings, 'A2_IDP_OIDC_JWKSET', None):
+                from jwcrypto import jwk
+                tenant_settings.A2_IDP_OIDC_JWKSET = jwk.JWK.from_pem(
+                        tenant_settings.A2_IDP_SAML2_SIGNATURE_PRIVATE_KEY).export()
         else:
             tenant_settings.A2_IDP_SAML2_ENABLE = False
 
-- 
2.18.0