Added export_jwks method and then used it for key rollover in the ser…

…ver example.
CZ-NIC · Sep 25, 2015 · b32013d · b32013d
1 parent c44ef9a
commit b32013d
Showing 1 changed file with 9 additions and 1 deletion.
diff --git a/src/oic/utils/keyio.py b/src/oic/utils/keyio.py
@@ -623,6 +623,12 @@ def dump_issuer_keys(self, issuer):
 
         return res
 
+    def export_jwks(self):
+        keys = []
+        for kb in self.issuer_keys[""]:
+            keys.extend([k.serialize() for k in kb.keys()])
+        return {"keys": keys}
+
     def dump(self):
         res = {}
         for issuer in self.issuer_keys.keys():
@@ -868,7 +874,9 @@ def build_keyjar(key_conf, kid_template="a%d", keyjar=None, kidd=None):
 
     :param key_conf: The key configuration
     :param kid_template: A template by which to build the kids
-    :return: a JWKS
+    :return: a tuple consisting of a JWKS dictionary, a KeyJar instance
+        and a representation of which kids that can be used for what.
+        Note the JWKS contains private key information !!
     """
 
     if keyjar is None: