Function for reading http client arguments from configuration.

rohe · rohe · commit d288d647b23b · 2020-02-11T11:55:01.000+01:00
diff --git a/src/oidcendpoint/endpoint_context.py b/src/oidcendpoint/endpoint_context.py
@@ -19,6 +19,7 @@
 from oidcendpoint.user_authn.authn_context import populate_authn_broker
 from oidcendpoint.user_info import SCOPE2CLAIMS
 from oidcendpoint.util import build_endpoints
+from oidcendpoint.util import get_http_params
 from oidcendpoint.util import importer
 
 logger = logging.getLogger(__name__)
@@ -232,15 +233,11 @@ def __init__(
         self.registration_access_token = {}
 
         # The HTTP clients request arguments
-        _verify = conf.get('verify_ssl', True)
-        self.httpc_params= {'verify': _verify}
-
-        _cli_cert = conf.get("client_cert")
-        _cli_key = conf.get("client_key")
-        if _cli_cert and _cli_key:
-            self.httpc_params["cert"] = (_cli_cert, _cli_key)
-        elif _cli_cert:  # The file contains both the certificate and the key
-            self.httpc_params["cert"] = _cli_cert
+        _cnf = conf.get("http_params")
+        if _cnf:
+            self.httpc_params= get_http_params(_cnf)
+        else: # Backward compatibility
+            self.httpc_params = {"verify": conf.get("verify_ssl")}
 
     def set_session_db(self, sso_db=None, db=None):
         sso_db = sso_db or SSODb()
diff --git a/src/oidcendpoint/util.py b/src/oidcendpoint/util.py
@@ -130,3 +130,17 @@ def lv_unpack(txt):
         res.append(v[: int(l)])
         txt = v[int(l) :]
     return res
+
+
+def get_http_params(config):
+    params = {"verify": config.get('verify_ssl')}
+    _cert = config.get('client_cert')
+    _key = config.get('client_key')
+    if _cert:
+        if _key:
+            params['cert'] = (_cert, _key)
+        else:
+            params['cert'] = _cert
+
+    return params
+
