IdentityPython · rohe · Mar 21, 2021 · Mar 20, 2021 · Mar 20, 2021 · Mar 20, 2021
diff --git a/pyproject.toml b/pyproject.toml
@@ -22,7 +22,7 @@ exclude_lines = [
 
 [tool.poetry]
 name = "cryptojwt"
-version = "1.4.1"
+version = "1.5.0"
 description = "Python implementation of JWT, JWE, JWS and JWK"
 authors = ["Roland Hedberg <roland@catalogix.se>"]
 license = "Apache-2.0"

diff --git a/src/cryptojwt/key_bundle.py b/src/cryptojwt/key_bundle.py
@@ -6,6 +6,8 @@
 import time
 from datetime import datetime
 from functools import cmp_to_key
+from typing import List
+from typing import Optional
 
 import requests
 
@@ -24,7 +26,6 @@
 from .jwk.jwk import dump_jwk
 from .jwk.jwk import import_jwk
 from .jwk.rsa import RSAKey
-from .jwk.rsa import import_private_rsa_key_from_file
 from .jwk.rsa import new_rsa_key
 from .utils import as_unicode
 
@@ -189,22 +190,22 @@ def __init__(
         """
 
         self._keys = []
-        self.remote = False
-        self.local = False
         self.cache_time = cache_time
-        self.ignore_errors_period = ignore_errors_period
-        self.ignore_errors_until = None  # UNIX timestamp of last error
-        self.time_out = 0
         self.etag = ""
-        self.source = None
         self.fileformat = fileformat.lower()
+        self.ignore_errors_period = ignore_errors_period
+        self.ignore_errors_until = None  # UNIX timestamp of last error
+        self.ignore_invalid_keys = ignore_invalid_keys
+        self.imp_jwks = None
         self.keytype = keytype
         self.keyusage = keyusage
-        self.imp_jwks = None
-        self.last_updated = 0
-        self.last_remote = None  # HTTP Date of last remote update
         self.last_local = None  # UNIX timestamp of last local update
-        self.ignore_invalid_keys = ignore_invalid_keys
+        self.last_remote = None  # HTTP Date of last remote update
+        self.last_updated = 0
+        self.local = False
+        self.remote = False
+        self.source = None
+        self.time_out = 0
 
         if httpc:
             self.httpc = httpc
@@ -751,7 +752,7 @@ def difference(self, bundle):
 
         return [k for k in self._keys if k not in bundle]
 
-    def dump(self):
+    def dump(self, exclude_attribute: Optional[List[str]] = None):
         _keys = []
         for _k in self._keys:
             _ser = _k.to_dict()
@@ -761,38 +762,76 @@ def dump(self):
 
         res = {
             "keys": _keys,
+            "cache_time": self.cache_time,
+            "etag": self.etag,
             "fileformat": self.fileformat,
-            "last_updated": self.last_updated,
-            "last_remote": self.last_remote,
-            "last_local": self.last_local,
             "httpc_params": self.httpc_params,
-            "remote": self.remote,
-            "local": self.local,
+            "ignore_errors_period": self.ignore_errors_period,
+            "ignore_errors_until": self.ignore_errors_until,
+            "ignore_invalid_keys": self.ignore_invalid_keys,
             "imp_jwks": self.imp_jwks,
+            "keytype": self.keytype,
+            "keyusage": self.keyusage,
+            "last_local": self.last_local,
+            "last_remote": self.last_remote,
+            "last_updated": self.last_updated,
+            "local": self.local,
+            "remote": self.remote,
             "time_out": self.time_out,
-            "cache_time": self.cache_time,
         }
 
         if self.source:
             res["source"] = self.source
 
+        if exclude_attribute:
+            for attr in exclude_attribute:
+                del res[attr]
+
         return res
 
     def load(self, spec):
         _keys = spec.get("keys", [])
         if _keys:
             self.do_keys(_keys)
-        self.source = spec.get("source", None)
+        self.cache_time = spec.get("cache_time", 0)
+        self.etag = spec.get("etag", "")
         self.fileformat = spec.get("fileformat", "jwks")
-        self.last_updated = spec.get("last_updated", 0)
-        self.last_remote = spec.get("last_remote", None)
+        self.httpc_params = spec.get("httpc_params", {})
+        self.ignore_errors_period = spec.get("ignore_errors_period", 0)
+        self.ignore_errors_until = spec.get("ignore_errors_until", None)
+        self.ignore_invalid_keys = spec.get("ignore_invalid_keys", True)
+        self.imp_jwks = spec.get("imp_jwks", None)
+        self.keytype = (spec.get("keytype", "RSA"),)
+        self.keyusage = (spec.get("keyusage", None),)
         self.last_local = spec.get("last_local", None)
-        self.remote = spec.get("remote", False)
+        self.last_remote = spec.get("last_remote", None)
+        self.last_updated = spec.get("last_updated", 0)
         self.local = spec.get("local", False)
-        self.imp_jwks = spec.get("imp_jwks", None)
+        self.remote = spec.get("remote", False)
+        self.source = spec.get("source", None)
         self.time_out = spec.get("time_out", 0)
-        self.cache_time = spec.get("cache_time", 0)
-        self.httpc_params = spec.get("httpc_params", {})
+        return self
+
+    def flush(self):
+        self._keys = []
+        self.cache_time = (300,)
+        self.etag = ""
+        self.fileformat = "jwks"
+        # self.httpc=None,
+        self.httpc_params = (None,)
+        self.ignore_errors_period = 0
+        self.ignore_errors_until = None
+        self.ignore_invalid_keys = True
+        self.imp_jwks = None
+        self.keytype = ("RSA",)
+        self.keyusage = (None,)
+        self.last_local = None  # UNIX timestamp of last local update
+        self.last_remote = None  # HTTP Date of last remote update
+        self.last_updated = 0
+        self.local = False
+        self.remote = False
+        self.source = None
+        self.time_out = 0
         return self
 
 
@@ -1246,3 +1285,19 @@ def init_key(filename, type, kid="", **kwargs):
     _new_key = key_gen(type, kid=kid, **kwargs)
     dump_jwk(filename, _new_key)
     return _new_key
+
+
+def key_by_alg(alg: str):
+    if alg.startswith("RS"):
+        return key_gen("RSA", alg="RS256")
+    elif alg.startswith("ES"):
+        if alg == "ES256":
+            return key_gen("EC", crv="P-256")
+        elif alg == "ES384":
+            return key_gen("EC", crv="P-384")
+        elif alg == "ES512":
+            return key_gen("EC", crv="P-521")
+    elif alg.startswith("HS"):
+        return key_gen("sym")
+
+    raise ValueError("Don't know who to create a key to use with '{}'".format(alg))
diff --git a/src/cryptojwt/key_issuer.py b/src/cryptojwt/key_issuer.py
@@ -1,6 +1,8 @@
 import json
 import logging
 import os
+from typing import List
+from typing import Optional
 
 from requests import request
 
@@ -350,16 +352,17 @@ def __len__(self):
             nr += len(kb)
         return nr
 
-    def dump(self, exclude=None):
+    def dump(self, exclude_attribute: Optional[List[str]] = None) -> dict:
         """
         Returns the content as a dictionary.
 
+        :param exclude_attribute: List of attribute names for objects that should be ignored.
         :return: A dictionary
         """
 
         _bundles = []
         for kb in self._bundles:
-            _bundles.append(kb.dump())
+            _bundles.append(kb.dump(exclude_attribute=exclude_attribute))
 
         info = {
             "name": self.name,
@@ -370,12 +373,18 @@ def dump(self, exclude=None):
             "remove_after": self.remove_after,
             "httpc_params": self.httpc_params,
         }
+
+        # remove after the fact
+        if exclude_attribute:
+            for attr in exclude_attribute:
+                del info[attr]
+
         return info
 
     def load(self, info):
         """
 
-        :param items: A list with the information
+        :param items: A dictionary with the information to load
         :return:
         """
         self.name = info["name"]
@@ -387,6 +396,18 @@ def load(self, info):
         self._bundles = [KeyBundle().load(val) for val in info["bundles"]]
         return self
 
+    def flush(self):
+        self.ca_certs = (None,)
+        self.keybundle_cls = (KeyBundle,)
+        self.remove_after = (3600,)
+        self.httpc = (None,)
+        self.httpc_params = (None,)
+        self.name = ""
+        self.spec2key = None
+        self.remove_after = 0
+        self._bundles = []
+        return self
+
     def update(self):
         for kb in self._bundles:
             kb.update()