feat: add configuration for JWK URL (reanahub#741)

tomondre · tomondre · commit c0e4ab386656 · 2025-08-20T14:29:11.000+02:00
diff --git a/reana_server/config.py b/reana_server/config.py
@@ -350,7 +350,7 @@ def _get_rate_limit(env_variable: str, default: str) -> str:
     OAUTHCLIENT_REMOTE_APPS["keycloak"] = KEYCLOAK_APP
     OAUTHCLIENT_REST_REMOTE_APPS["keycloak"] = KEYCLOAK_REST_APP
 
-    REANA_OAUTH_JWK_URL = PROVIDER_CONFIG["jwk_url"]
+    REANA_OAUTH_JWK_URL = PROVIDER_CONFIG.get("jwk_url", "")
     REANA_OAUTH_USERINFO_URL = PROVIDER_CONFIG["userinfo_url"]
 
 # CERN SSO configuration
diff --git a/reana_server/utils.py b/reana_server/utils.py
@@ -75,6 +75,7 @@
     REANA_QUOTAS_DOCS_URL,
     WORKSPACE_RETENTION_PERIOD,
     DEFAULT_WORKSPACE_RETENTION_RULE,
+    REANA_OAUTH_JWK_URL,
 )
 from reana_server.gitlab_client import (
     GitLabClient,
@@ -682,7 +683,7 @@ def fetch_and_parse_jwk():
         fetch_and_parse_jwk._cache = None
 
     if not fetch_and_parse_jwk._cache:
-        response = requests.get("https://iam-escape.cloud.cnaf.infn.it/jwk")
+        response = requests.get(REANA_OAUTH_JWK_URL)
         if response.status_code != 200:
             raise ValueError(f"Failed to fetch JWK: {response.status_code}")
         fetch_and_parse_jwk._cache = response.json()
