Introduce a new endpoint, /jwks, which returns a JSON Web Key Set (JWKS).
This set of public crypto keys will be used by external parties to encrypt
data intended for our backend. In the context of the resource server, this key
will be used by the authorization server to encrypt the introspection response.
The current implementation exposes a single public key, with the private key
configurable in the app settings. The private key is represented as a string.
For enhanced security, we might prefer to store this data in a .pem file
excluded from version control.
A few parameters for this key, such as its type and encoding, are configurable
in the settings.
A critique of the current design is its lack of extensibility.
If we decide to offer more than one encryption method, this view will require
refactoring.
Additionally, the current implementation is tightly coupled with joserfc.
This lays the foundation for further improvements.
Please note, this endpoint only public components of the key, there is no
chance for any secret leaking.
We will add a JWKs endpoint to the application
and manipulate signed/encrypted Json Web Token (JWT).
Project lacks tooling for JSON Object Signing and Encryption (JOSE)
manipulations. After a quick benchmark, 'joserfc' has been chosen
as the dependency to add.
joserfc is a Python library that provides a comprehensive
implementation of several essential JOSE standards.
Please find the benchmark:
- Cryptography: Although using only cryptography is feasible, its
interface/API is not as user-friendly.
- pyjwt: While pyjwt is popular, it lacks support for JWK and JWE objects,
which are essential for the requirements.
- python-jose: The latest release of python-jose was in 2021, and the
project seems less active compared to other alternatives.
- Authlib: Authlib is the second most popular library after pyjwt and seems
modern with an active community. However, the parts relevant to the use case
were extracted into a relatively new package named joserfc.
- joserfc: Although joserfc has fewer stars compared to Authlib, it was
extracted from Authlib, which has more than 4k stars, indicating a solid
foundation.
While the low star count of joserfc might raise concerns about its stability, it
is believed to be worth considering its addition. Adding Authlib and refactoring
later, once they finish migrating to joserfc, is also a possibility
Upgrading Django to 5.1 created a severe issue, breaking
mail template-associated features.
The issue originated from the third party 'easy_thumbnail'.
Please refer to the issue #641 on Django's repo. This is
the suggested workaround by @Miketsukami.
We previously accepted '+' as a special caracter during mailbox creation.
We now remove it, as this caracter has a very special meaning and it wouldn't
make sense to create a mail using it.
Latest dimail modification lead to a bug in our app, preventing mailbox creation
from working properly. I swapped old dimail url to new one, mirrored dimail
modification and fixed tests and tada!
By making this email address invariant, we remove failures due to FactoryBoy's
random address being considered as a match to our test query
(and hence returning unexpected number of matches).
- manage 403 returned by dimail API when mail domain secret is not valid
- improve some tests
- improve MailboxFactory to mock success for dimail API POST call
- override 403.html to return a nice failing error in django admin
- an error message is displayed on mailbox creation form of frontend
We want people to create new mailboxes in La Régie.
This commit adds integration with intermediary dimail-api,
which will in turn send our email creation request to Open-Xchange.
Rename member role to viewer role for MailDomainAccess.
A viewer is only allowed to see list of mailboxes
created for a domain. It makes more sense to name it viewer.
mozilla-django-oidc didn't add the `https`
prefix to the redirect_uri.
We set the option SECURE_PROXY_SSL_HEADER to
('HTTP_X_FORWARDED_PROTO', 'https') in the
settings.py file to force the https prefix.
Pylint 3.2.0 introduced a new check `possibly-used-before-assignment`, which
ensures variables are defined regardless of conditional statements.
Some if/else branches were missing defaults. These have been fixed.
