From b340846fc4eb6ffc57b9928b3c1d90de927353bf Mon Sep 17 00:00:00 2001
From: Nikos Sklikas <nsklikas@admin.grnet.gr>
Date: Wed, 21 Apr 2021 11:44:35 +0300
Subject: [PATCH] Use per client usage rules

---
 src/oidcendpoint/authz/__init__.py | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/src/oidcendpoint/authz/__init__.py b/src/oidcendpoint/authz/__init__.py
index 2277df8..ed4a187 100755
--- a/src/oidcendpoint/authz/__init__.py
+++ b/src/oidcendpoint/authz/__init__.py
@@ -27,6 +27,9 @@ def usage_rules(self, client_id):
         else:
             _usage_rules = {}
 
+        if not client_id:
+            return _usage_rules
+
         try:
             _per_client = self.endpoint_context.cdb[client_id]["token_usage_rules"]
         except KeyError:
@@ -52,8 +55,12 @@ def usage_rules_for(self, client_id, token_type):
         except KeyError:
             return {}
 
-    def __call__(self, session_id: str, request: Union[dict, Message],
-                 resources: Optional[list] = None) -> Grant:
+    def __call__(
+        self,
+        session_id: str,
+        request: Union[dict, Message],
+        resources: Optional[list] = None,
+    ) -> Grant:
         args = self.grant_config.copy()
 
         scope = request.get("scope")
@@ -74,6 +81,8 @@ def __call__(self, session_id: str, request: Union[dict, Message],
         for key, val in args.items():
             if key == "expires_in":
                 grant.set_expires_at(val)
+            if key == "usage_rules":
+                setattr(grant, key, self.usage_rules(request.get("client_id")))
             else:
                 setattr(grant, key, val)