Moving stateless and encryption_key as part of the db_uri

smalihaider-daasi · smalihaider-daasi · commit 7da6992a2c67 · 2022-03-10T16:00:43.000+05:00
diff --git a/example/plugins/frontends/openid_connect_frontend.yaml.example b/example/plugins/frontends/openid_connect_frontend.yaml.example
@@ -3,8 +3,8 @@ name: OIDC
 config:
   signing_key_path: frontend.key
   signing_key_id: frontend.key1
-  db_uri: mongodb://db.example.com # optional: supports MongoDB, radis (e.g: redis://example/0), and stateless
-  # (e.g: stateless://user:encryptionkey?alg=aes256) storages. It will default to in-memory storage if not specified.
+  db_uri: mongodb://db.example.com # optional: supports MongoDB, radis (e.g: redis://example/0), and stateless (e.g:
+  # stateless://user:encryptionkey@localhost?alg=aes256) storages. It will default to in-memory storage if not specified.
   client_db_path: /path/to/your/cdb.json
   sub_hash_salt: randomSALTvalue # if not specified, it is randomly generated on every startup
   provider:
diff --git a/src/satosa/frontends/openid_connect.py b/src/satosa/frontends/openid_connect.py
@@ -87,7 +87,10 @@ def _create_provider(self, endpoint_baseurl):
                 cdb = json.loads(f.read())
         else:
             cdb = {}
-        self.user_db = MongoWrapper(db_uri, "satosa", "authz_codes") if db_uri else {}
+
+        self.user_db = MongoWrapper(db_uri, "satosa", "authz_codes") if db_uri and not StorageBase.type(
+            db_uri) == "stateless" else {}
+
         self.provider = Provider(
             self.signing_key,
             capabilities,
diff --git a/tests/flows/test_oidc-saml.py b/tests/flows/test_oidc-saml.py
@@ -77,9 +77,8 @@ def oidc_stateless_frontend_config(signing_key_path, client_db_path):
             "issuer": "https://proxy-op.example.com",
             "signing_key_path": signing_key_path,
             "client_db_path": client_db_path,
-            "encryption_key": "abc123",
+            "db_uri": "stateless://user:abc123@localhost",
             "provider": {
-                "stateless": True,
                 "response_types_supported": ["id_token", "code"]
             }
         }

Original file line number	Diff line number	Diff line change
`@@ -77,9 +77,8 @@ def oidc_stateless_frontend_config(signing_key_path, client_db_path):`
`77`	`77`	`"issuer": "https://proxy-op.example.com",`
`78`	`78`	`"signing_key_path": signing_key_path,`
`79`	`79`	`"client_db_path": client_db_path,`
`80`		`- "encryption_key": "abc123",`
	`80`	`+ "db_uri": "stateless://user:abc123@localhost",`
`81`	`81`	`"provider": {`
`82`		`- "stateless": True,`
`83`	`82`	`"response_types_supported": ["id_token", "code"]`
`84`	`83`	`}`
`85`	`84`	`}`