Make local issuer credmon smarter about private key types/errors

Description

The local issuer credmon (in the OAuth credmon library) expects the private key it's given to use the EC256 algorithm. If an admin's private key used a different algorithm, the corresponding error message in OAuthCredmonLog is an incredibly cryptic (paraphrasing) "Wrong number of arguments" error. Two easy improvements:

1. Inspect the private key string to detect if it used something other than an elliptic curve (probably RSA since that's the default the scitokens private key generator tool).
2. Catch the specific "Wrong number of arguments" error that comes from the python-jwt library and instead spit out something more useful in the credmon log.

Activity

Show:
Jason Patton
March 15, 2021, 5:36 PM

Good catch, I remember asking about committing to 8.9.12 but I forgot to update the ticket!

Zach Miller
March 15, 2021, 3:15 PM

CODE REVIEW: Looks good.

Zach Miller
March 15, 2021, 3:12 PM
Edited

I think this made it into 8.9.12 so I updated the “Fix versions” but please change if that is incorrect. If it’s correct, go ahead and resolve.

Time remaining

2h 55m

Assignee

Jason Patton