[message] Updated metadata

[appclient.__init__] Corrected argument to get_deserialization_method.
[entity.__init__] Unnecessary filtering removed. Based on using the metadata argument.
[entity.context] trust marks could be provided in kwargs
[appclient.oauth2/oidc.registration] corrected body types. Use common get_metadata method.
[tests] Fixed

src/fedservice/appclient/__init__.py

@@ -324,11 +324,11 @@ def parse_request_response(self, service, reqresp, response_body_type="", state=
 
         if reqresp.status_code in SUCCESSFUL:
             logger.debug(f'response_body_type: "{response_body_type}"')
-            _ctype = reqresp.headers.get("content-type")
-            _deser_method = get_deserialization_method(reqresp)
+            content_type = reqresp.headers.get("content-type")
+            _deser_method = get_deserialization_method(content_type)
 
-            if _ctype != response_body_type:
-                logger.warning(f"Not the body type I expected: {_ctype} != {response_body_type}")
+            if content_type != response_body_type:
+                logger.warning(f"Not the body type I expected: {content_type} != {response_body_type}")
             if _deser_method in ["json", "jwt", "urlencoded"]:
                 body_type = _deser_method
             else:
@@ -351,7 +351,7 @@ def parse_request_response(self, service, reqresp, response_body_type="", state=
             logger.error(f"Error response ({reqresp.status_code}): {reqresp.text}")
             # expecting an error response
             content_type = reqresp.headers.get("content-type")
-            _deser_method = get_deserialization_method(reqresp)
+            _deser_method = get_deserialization_method(content_type)
             if not content_type:
                 content_type = "application/json"
 

src/fedservice/appclient/oauth2/registration.py

@@ -26,8 +26,8 @@ class Registration(registration.Registration):
     response_cls = OauthClientInformationResponse
     endpoint_name = 'federation_registration_endpoint'
     error_cls = ResponseMessage
-    request_body_type = 'jose'
-    response_body_type = 'jose'
+    request_body_type = 'jwt'
+    response_body_type = 'jwt'
     content_type = "application/entity-statement+jwt"
     name = 'registration'
 
@@ -86,8 +86,7 @@ def create_entity_statement(self, request_args: Optional[dict] = None, **kwargs)
 
         _federation_entity = get_federation_entity(self)
         _combo = _federation_entity.upstream_get('unit')
-        metadata = self.registration_metadata(_combo, **kwargs)
-        # metadata = self.collect_metadata(_combo, **kwargs)
+        metadata = _combo.get_metadata()
 
         _keyjar = _federation_entity.get_attribute("keyjar")
         _authority_hints = _federation_entity.get_authority_hints()

src/fedservice/appclient/oidc/registration.py

@@ -20,8 +20,8 @@ class Registration(registration.Registration):
     msg_type = RegistrationRequest
     response_cls = RegistrationResponse
     endpoint_name = 'federation_registration_endpoint'
-    request_body_type = 'jose'
-    response_body_type = 'jose'
+    request_body_type = 'jwt'
+    response_body_type = 'jwt'
     name = 'registration'
 
     def __init__(self, upstream_get, conf=None, client_authn_factory=None, **kwargs):

src/fedservice/entity/__init__.py

@@ -157,16 +157,10 @@ def get_metadata(self, entity_type="federation_entity", *args):
         _context = self.get_context()
         _claims = _context.claims
 
-        metadata = _claims.get_server_metadata(endpoints=self.get_all_endpoints())
+        # The entity metadata for a Federation entity server
+        metadata = _claims.get_server_metadata(endpoints=self.get_all_endpoints(),
+                                               metadata_schema=message.FederationEntity)
 
-        # remove these from the metadata
-        for item in ["jwks", "jwks_uri", "signed_jwks_uri"]:
-            try:
-                del metadata[item]
-            except KeyError:
-                pass
-
-        # _issuer = getattr(self.server.context, "trust_mark_server", None)
         return {entity_type: metadata}
 
     def get_preferences(self):

src/fedservice/entity/context.py

@@ -119,7 +119,9 @@ def create_entity_statement(self, iss, sub, key_jar=None, metadata=None, metadat
         if not lifetime:
             lifetime = self.default_lifetime
 
-        _trust_marks = self.get_trust_marks()
+        _trust_marks = kwargs.get("trust_marks")
+        if not _trust_marks:
+            _trust_marks = self.get_trust_marks()
         if _trust_marks:
             kwargs["trust_marks"] = _trust_marks
 

src/fedservice/message.py

@@ -98,26 +98,14 @@ class FederationEntity(Message):
     """Class representing Federation Entity metadata."""
     c_param = {
         "federation_fetch_endpoint": SINGLE_REQUIRED_STRING,
-        "federation_fetch_auth_methods": OPTIONAL_LIST_OF_STRINGS,
-        "federation_fetch_auth_signing_algs": OPTIONAL_LIST_OF_STRINGS,
         "federation_list_endpoint": SINGLE_OPTIONAL_STRING,
-        "federation_list_auth_methods": OPTIONAL_LIST_OF_STRINGS,
-        "federation_list_auth_signing_algs": OPTIONAL_LIST_OF_STRINGS,
+        # "federation_registration_endpoint": SINGLE_OPTIONAL_STRING,  part of OP metadata
         "federation_resolve_endpoint": SINGLE_OPTIONAL_STRING,
-        "federation_resolve_auth_methods": OPTIONAL_LIST_OF_STRINGS,
-        "federation_resolve_auth_signing_algs": OPTIONAL_LIST_OF_STRINGS,
         "federation_trust_mark_status_endpoint": SINGLE_OPTIONAL_STRING,
-        "federation_trust_mark_status_auth_methods": OPTIONAL_LIST_OF_STRINGS,
-        "federation_trust_mark_status_auth_signing_algs": OPTIONAL_LIST_OF_STRINGS,
-        "federation_federation_trust_mark_list_endpoint":SINGLE_OPTIONAL_STRING,
-        "federation_trust_mark_list_auth_methods": OPTIONAL_LIST_OF_STRINGS,
-        "federation_trust_mark_list_auth_signing_algs": OPTIONAL_LIST_OF_STRINGS,
-        "federation_federation_trust_mark_endpoint": SINGLE_OPTIONAL_STRING,
-        "federation_trust_mark_auth_methods": OPTIONAL_LIST_OF_STRINGS,
-        "federation_trust_mark_auth_signing_algs": OPTIONAL_LIST_OF_STRINGS,
+        "federation_trust_mark_list_endpoint":SINGLE_OPTIONAL_STRING,
+        "federation_trust_mark_endpoint": SINGLE_OPTIONAL_STRING,
         "federation_historical_keys_endpoint":SINGLE_OPTIONAL_STRING,
-        "historical_keys_auth_methods": OPTIONAL_LIST_OF_STRINGS,
-        "historical_keys_auth_signing_algs": OPTIONAL_LIST_OF_STRINGS,
+        "endpoint_auth_signing_alg_values_supported": SINGLE_OPTIONAL_JSON,
         "name": SINGLE_OPTIONAL_STRING,
         "contacts": OPTIONAL_LIST_OF_STRINGS,
         "policy_url": SINGLE_OPTIONAL_STRING,

tests/test_06_claims.py

@@ -45,7 +45,8 @@ def test_supported(self):
                                               'trust_mark_issuers'}
 
         assert set(self.entity.context.claims.prefer.keys()) == {
-            "organization_name", "homepage_uri", "contacts", "jwks"
+            "organization_name", "homepage_uri", "contacts", "jwks", 'federation_fetch_endpoint',
+            'federation_list_endpoint'
         }
 
         assert self.entity.get_endpoint_claims() == {

tests/test_08_trust_mark.py

@@ -204,11 +204,7 @@ def test_metadata(self):
         assert "federation_entity" in _metadata
         assert set(_metadata["federation_entity"].keys()) == {'federation_resolve_endpoint',
                                                               'federation_trust_mark_endpoint',
-                                                              'federation_trust_mark_endpoint_auth_methods',
-                                                              'federation_trust_mark_endpoint_auth_signing_alg_values',
                                                               'federation_trust_mark_list_endpoint',
-                                                              'federation_trust_mark_list_endpoint_auth_methods',
                                                               'federation_trust_mark_status_endpoint',
-                                                              'federation_trust_mark_status_endpoint_auth_methods',
                                                               'organization_name'}
         assert _metadata["federation_entity"]["federation_trust_mark_endpoint"] == 'https://tmi.example.com/trust_mark'

tests/test_10_explicit_registration_oidc.py

@@ -224,8 +224,8 @@ def test_parse_registration_response(self):
 
         assert set(claims.keys()) == {'client_id',
                                       'client_id_issued_at',
-                                      'client_secret',
                                       'client_secret_expires_at',
+                                      'client_secret',
                                       'default_max_age',
                                       'grant_types',
                                       'id_token_signed_response_alg',

tests/test_40_fe.py

@@ -129,11 +129,7 @@ def test_server(self):
                                                                         'federation_trust_mark_list_endpoint',
                                                                         'federation_trust_mark_status_endpoint',
                                                                         'homepage_uri',
-                                                                        'organization_name',
-                                                                        'federation_trust_mark_status_endpoint_auth_methods',
-                                                                        'federation_trust_mark_endpoint_auth_signing_alg_values',
-                                                                        'federation_trust_mark_endpoint_auth_methods',
-                                                                        'federation_trust_mark_list_endpoint_auth_methods'
+                                                                        'organization_name'
                                                                         }
 
     def test_fetch(self):

tests/test_53_publish_assigned_trust_mark.py

@@ -1,3 +1,4 @@
+import json
 import os
 
 from cryptojwt.jws.jws import factory
@@ -18,7 +19,7 @@
 SUB_KEYJAR = init_key_jar(key_defs=KEYDEFS)
 BASE_PATH = os.path.abspath(os.path.dirname(__file__))
 
-TRUST_MARKS = open(os.path.join(BASE_PATH, "trust_marks.json")).read()
+TRUST_MARKS = json.loads(open(os.path.join(BASE_PATH, "trust_marks.json")).read())
 
 ENTITY_ID = "https://entity.example.org"
 RP_ID = "https://rp.example.org"

tests/test_70_trust_marks.py

@@ -213,10 +213,6 @@ def test_create_metadata(self):
         _metadata = self.trust_mark_issuer.get_metadata()
         assert set(_metadata.keys()) == {"federation_entity"}
         assert set(_metadata["federation_entity"].keys()) == {'federation_trust_mark_endpoint',
-                                                              'federation_trust_mark_endpoint_auth_methods',
-                                                              'federation_trust_mark_endpoint_auth_signing_alg_values',
                                                               'federation_trust_mark_list_endpoint',
-                                                              'federation_trust_mark_list_endpoint_auth_methods',
                                                               'federation_trust_mark_status_endpoint',
-                                                              'federation_trust_mark_status_endpoint_auth_methods',
                                                               'organization_name'}