Allow alg == "none"

Author: rohe

src/oidcrp/oidc/authorization.py

@@ -158,6 +158,9 @@ def construct_request_parameter(self, req, request_param, audience=None, expires
         if "keys" not in kwargs and alg and alg != "none":
             kwargs["keys"] = _context.keyjar
 
+        if alg == "none":
+            kwargs["keys"] = []
+
         _srv_cntx = _context
 
         # This is the issuer of the JWT, that is me !

src/oidcrp/rp_handler.py

@@ -277,7 +277,7 @@ def do_client_registration(self, client=None,
                 _context.set('callbacks', callbacks)
 
             _params = RegistrationRequest().parameters()
-            request_args = {k:v for k, v in behaviour_args.items() if k in _params}
+            request_args = {k: v for k, v in behaviour_args.items() if k in _params}
             load_registration_response(client, request_args=request_args)
 
     def add_callbacks(self, service_context):
@@ -618,10 +618,12 @@ def userinfo_in_id_token(id_token):
         res.update(id_token.extra())
         return res
 
-    def finalize_auth(self, client, issuer, response):
+    def finalize_auth(self, client, issuer: str, response: dict,
+                      behaviour_args: Optional[dict] = None):
         """
         Given the response returned to the redirect_uri, parse and verify it.
 
+        :param behaviour_args: For fine tuning behaviour
         :param client: A Client instance
         :param issuer: An Issuer ID
         :param response: The authorization response as a dictionary