From c0ab45d33536016e3ff257567fc0853ef90b7230 Mon Sep 17 00:00:00 2001
From: Jimmy Zelinskie <jimmyzelinskie@gmail.com>
Date: Thu, 31 Mar 2016 16:41:53 -0400
Subject: [PATCH] key server: derive audience from host and scheme

---
 config.py               | 1 -
 endpoints/key_server.py | 2 +-
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/config.py b/config.py
index 6560eb3d8..9958f6c12 100644
--- a/config.py
+++ b/config.py
@@ -304,4 +304,3 @@ class DefaultConfig(object):
 
   # The timeout for service key approval.
   UNAPPROVED_SERVICE_KEY_TTL_SEC = 60 * 60 * 24 # One day
-  KEY_SERVER_AUDIENCE_NAME = 'quay'
diff --git a/endpoints/key_server.py b/endpoints/key_server.py
index 7f4037117..8911ee30f 100644
--- a/endpoints/key_server.py
+++ b/endpoints/key_server.py
@@ -16,7 +16,7 @@ from util.security import strictjwt
 key_server = Blueprint('key_server', __name__)
 
 JWT_HEADER_NAME = 'Authorization'
-JWT_AUDIENCE = app.config['KEY_SERVER_AUDIENCE_NAME']
+JWT_AUDIENCE = app.config['PREFERRED_URL_SCHEME'] + '://' + app.config['SERVER_HOSTNAME']
 
 
 def _validate_jwk(jwk, kid):