2222from botocore .config import Config
2323from botocore .errorfactory import ClientError
2424from cryptography .fernet import Fernet
25- from joserfc .jwk import KeySet , KeySetSerialization , RSAKey
25+ from joserfc .jwk import KeySet , KeySetSerialization
2626from pydantic import (
27- AliasChoices ,
2827 AnyUrl ,
2928 BeforeValidator ,
3029 Field ,
@@ -88,19 +87,8 @@ def _maybe_load_keys_from_file(value: Any) -> Any:
8887 raise ValueError ("Only file:// URLs are supported" )
8988 if url .path is None :
9089 raise ValueError ("No path specified" )
91- value = Path (url .path ).read_text ()
92-
93- if isinstance (value , str ) and value .strip ().startswith ("-----BEGIN" ):
94- return json .dumps (
95- KeySet (
96- keys = [
97- RSAKey .import_key (
98- value , # type: ignore
99- parameters = {"key_ops" : ["sign" , "verify" ], "alg" : "RS256" }, # type: ignore
100- )
101- ]
102- ).as_dict (private = True )
103- )
90+ return Path (url .path ).read_text ()
91+
10492 return value
10593
10694
@@ -158,9 +146,7 @@ def create(cls) -> Self:
158146class AuthSettings (ServiceSettingsBase ):
159147 """Settings for the authentication service."""
160148
161- model_config = SettingsConfigDict (
162- env_prefix = "DIRACX_SERVICE_AUTH_" , validate_by_name = True
163- )
149+ model_config = SettingsConfigDict (env_prefix = "DIRACX_SERVICE_AUTH_" )
164150
165151 dirac_client_id : str = "myDIRACClientID"
166152 # TODO: This should be taken dynamically
@@ -173,13 +159,7 @@ class AuthSettings(ServiceSettingsBase):
173159 state_key : FernetKey
174160
175161 token_issuer : str
176- token_keystore : TokenSigningKeyStore = Field (
177- validation_alias = AliasChoices (
178- "token_keystore" ,
179- "DIRACX_SERVICE_AUTH_TOKEN_KEYSTORE" ,
180- "DIRACX_SERVICE_AUTH_TOKEN_KEY" ,
181- )
182- )
162+ token_keystore : TokenSigningKeyStore
183163 token_allowed_algorithms : list [str ] = ["RS256" , "EdDSA" ] # noqa: S105
184164 access_token_expire_minutes : int = 20
185165 refresh_token_expire_minutes : int = 60
0 commit comments