fix: trust chain serialization and resolve example

italia · Feb 21, 2024 · 8746747 · 8746747
1 parent 5355473
commit 8746747
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 5 deletions.
diff --git a/spid_cie_oidc/__init__.py b/spid_cie_oidc/__init__.py
@@ -1 +1 @@
-__version__ = "1.3.1"
+__version__ = "1.3.2"
diff --git a/spid_cie_oidc/authority/tests/test_02_trust_anchor_intermediary.py b/spid_cie_oidc/authority/tests/test_02_trust_anchor_intermediary.py
@@ -2,7 +2,7 @@
 from django.urls import reverse
 
 from spid_cie_oidc.entity.exceptions import InvalidRequiredTrustMark
-from spid_cie_oidc.entity.jwtse import verify_jws
+from spid_cie_oidc.entity.jwtse import verify_jws, unpad_jwt_payload
 from spid_cie_oidc.entity.models import *
 
 from spid_cie_oidc.entity.trust_chain_operations import (
@@ -132,6 +132,15 @@ def test_trust_chain_valid_with_intermediary(self, mocked):
         self.assertTrue(len(trust_chain.trust_path) == 3)
         self.assertTrue((len(trust_chain.trust_path) - 2) == trust_chain.max_path_len)
 
+        tc_ser = trust_chain.serialize()
+        _p0 = unpad_jwt_payload(tc_ser[0])
+        _p1 = unpad_jwt_payload(tc_ser[1])
+        _p2 = unpad_jwt_payload(tc_ser[2])
+
+        self.assertEqual(_p0['iss'], _p0['sub'])
+        self.assertNotEqual(_p2['iss'], _p1['sub'])
+        self.assertEqual(_p2['iss'], _p2['sub'])
+
         dumps = dumps_statements_from_trust_chain_to_db(trust_chain)
 
         self.assertTrue(isinstance(dumps, list) and len(dumps) == 5)

diff --git a/spid_cie_oidc/entity/models.py b/spid_cie_oidc/entity/models.py
@@ -398,8 +398,6 @@ def exp_as_timestamp(self):
     def is_valid(self):
         return self.is_active and ENTITY_STATUS[self.status]
 
-    # TODO: property is_expired
-
     def __str__(self):
         return "{} [{}] [{}]".format(
             self.sub, self.trust_anchor, self.is_valid

diff --git a/spid_cie_oidc/entity/trust_chain.py b/spid_cie_oidc/entity/trust_chain.py
@@ -271,11 +271,13 @@ def serialize(self):
             if not isinstance(self.trust_anchor, str):
                 if (self.subject == stat.sub == stat.iss):
                     res.append(stat.jwt)
+                    continue
                 elif (self.trust_anchor.sub == stat.sub == stat.iss):
                     ta_ec = stat.jwt
+                    continue
 
             if stat.verified_descendant_statements:
-                res.append(
+                res.extend(
                     # [dict(i) for i in stat.verified_descendant_statements.values()]
                     [i for i in stat.verified_descendant_statements_as_jwt.values()]
                 )