Beispiel #1
    def __init__(self,
                 client_id=None,
                 client_secret=None,
                 ca_certs=None,
                 client_authn_method=None,
                 keyjar=None,
                 verify_ssl=True,
                 config=None):
        """
        Create an OAuth client whose endpoints and grants are still unset.

        :param client_id: The client identifier
        :param client_secret: Client secret; only handed to the ``KeyJar``
            that is created when no ``keyjar`` is supplied.
        :param ca_certs: Certificates used to verify HTTPS certificates
        :param client_authn_method: Mapping of authentication method name to
            the class implementing it; the methods this client may use to
            authenticate itself.
        :param keyjar: Key store to use. A falsy value makes the constructor
            build a new ``KeyJar`` from ``verify_ssl``, ``client_id`` and
            ``client_secret``.
        :param verify_ssl: Whether the SSL certificate should be verified.
            The flag is forwarded as given to ``PBase`` and to the default
            ``KeyJar``, and is also kept on the instance.
        :param config: Optional mapping; its ``issuer`` entry, when present,
            becomes ``self.issuer``.
        :return: Client instance
        """
        PBase.__init__(self, ca_certs, verify_ssl=verify_ssl)

        self.client_id = client_id
        self.client_authn_method = client_authn_method

        # Fall back to a fresh key store only when the caller gave none.
        if not keyjar:
            keyjar = KeyJar(verify_ssl=verify_ssl,
                            client_id=client_id,
                            client_secret=client_secret)
        self.keyjar = keyjar
        self.verify_ssl = verify_ssl

        self.nonce = None
        self.grant = {}

        # own endpoint
        self.redirect_uris = [None]

        # service endpoints, all unknown at construction time
        self.authorization_endpoint = None
        self.token_endpoint = None
        self.token_revocation_endpoint = None

        self.request2endpoint = REQUEST2ENDPOINT
        self.response2error = RESPONSE2ERROR
        self.grant_class = Grant
        self.token_class = Token

        self._c_secret = None
        self.kid = {"sig": {}, "enc": {}}
        self.authz_req = None

        # the OAuth issuer is the URL of the authorization server's
        # configuration information location
        self.config = config or {}
        try:
            issuer = self.config['issuer']
        except KeyError:
            issuer = ''
        self.issuer = issuer

        self.allow = {}
        self.provider_info = {}
Beispiel #2
 def __init__(self, keyjar=None, ca_certs=None, verify_ssl=True,
              client_cert=None):
     """
     Initialise the ``PBase`` part of this object.

     All four arguments are forwarded by keyword and unchanged;
     ``verify_ssl`` keeps its default of ``True`` unless the caller
     overrides it.
     """
     base_options = {
         "keyjar": keyjar,
         "ca_certs": ca_certs,
         "verify_ssl": verify_ssl,
         "client_cert": client_cert,
     }
     PBase.__init__(self, **base_options)
Beispiel #3
 def __init__(self, keyjar=None, verify_ssl=True, client_cert=None,
              timeout=5):
     """
     Initialise the ``PBase`` part of this object.

     The key store, the certificate-verification flag, the client
     certificate and the timeout are forwarded by keyword and unchanged.
     """
     base_options = {
         "verify_ssl": verify_ssl,
         "keyjar": keyjar,
         "client_cert": client_cert,
         "timeout": timeout,
     }
     PBase.__init__(self, **base_options)
Beispiel #4
    def __init__(self, client_id=None, client_authn_method=None,
                 keyjar=None, verify_ssl=True, config=None, client_cert=None,
                 timeout=5):
        """
        Create an OAuth client whose endpoints and grants are still unset.

        :param client_id: The client identifier
        :param client_authn_method: Mapping of authentication method name to
            the class implementing it; the methods this client may use to
            authenticate itself.
        :param keyjar: The keyjar for this client.
        :param verify_ssl: Whether the SSL certificate should be verified.
            Forwarded as given to ``PBase``.
        :param config: Optional mapping; its ``issuer`` entry, when present,
            becomes ``self.issuer``.
        :param client_cert: A client certificate to use.
        :param timeout: Timeout for requests library, either a single integer
            or a tuple of integers. For more details, refer to ``requests``
            documentation.
        :return: Client instance
        """
        PBase.__init__(self, verify_ssl=verify_ssl, keyjar=keyjar,
                       client_cert=client_cert, timeout=timeout)

        self.client_id = client_id
        self.client_authn_method = client_authn_method

        self.nonce = None
        self.grant = {}
        self.state2nonce = {}

        # own endpoint
        self.redirect_uris = [None]

        # service endpoints, all unknown at construction time
        self.authorization_endpoint = None
        self.token_endpoint = None
        self.token_revocation_endpoint = None

        self.request2endpoint = REQUEST2ENDPOINT
        self.response2error = RESPONSE2ERROR
        self.grant_class = Grant
        self.token_class = Token

        self._c_secret = None
        self.kid = {"sig": {}, "enc": {}}
        self.authz_req = None

        # the OAuth issuer is the URL of the authorization server's
        # configuration information location
        self.config = config or {}
        try:
            issuer = self.config['issuer']
        except KeyError:
            issuer = ''
        self.issuer = issuer

        self.allow = {}
        self.provider_info = {}
Beispiel #5
    def __init__(self, client_id=None, client_authn_method=None,
                 keyjar=None, verify_ssl=True, config=None, client_cert=None,
                 timeout=5):
        """
        Create an OAuth client whose endpoints and grants are still unset.

        :param client_id: The client identifier
        :param client_authn_method: Mapping of authentication method name to
            the class implementing it; the methods this client may use to
            authenticate itself.
        :param keyjar: The keyjar for this client.
        :param verify_ssl: Whether the SSL certificate should be verified.
            Forwarded as given to ``PBase``.
        :param config: Optional mapping; its ``issuer`` entry, when present,
            becomes ``self.issuer``.
        :param client_cert: A client certificate to use.
        :param timeout: Timeout for requests library, either a single integer
            or a tuple of integers. For more details, refer to ``requests``
            documentation.
        :return: Client instance
        """
        PBase.__init__(self, verify_ssl=verify_ssl, keyjar=keyjar,
                       client_cert=client_cert, timeout=timeout)

        self.client_id = client_id
        self.client_authn_method = client_authn_method

        self.nonce = None
        self.grant = {}
        self.state2nonce = {}

        # own endpoint
        self.redirect_uris = [None]

        # service endpoints, all unknown at construction time
        self.authorization_endpoint = None
        self.token_endpoint = None
        self.token_revocation_endpoint = None

        self.request2endpoint = REQUEST2ENDPOINT
        self.response2error = RESPONSE2ERROR
        self.grant_class = Grant
        self.token_class = Token

        self._c_secret = None
        self.kid = {"sig": {}, "enc": {}}
        self.authz_req = None

        # the OAuth issuer is the URL of the authorization server's
        # configuration information location
        self.config = config or {}
        try:
            issuer = self.config['issuer']
        except KeyError:
            issuer = ''
        self.issuer = issuer

        self.allow = {}
        self.provider_info = {}
Beispiel #6
    def __init__(self, client_id=None, ca_certs=None, client_authn_method=None,
                 keyjar=None, verify_ssl=True, config=None, client_cert=None):
        """
        Create an OAuth client whose endpoints and grants are still unset.

        :param client_id: The client identifier
        :param ca_certs: Certificates used to verify HTTPS certificates
        :param client_authn_method: Mapping of authentication method name to
            the class implementing it; the methods this client may use to
            authenticate itself.
        :param keyjar: Key store, forwarded to ``PBase``.
        :param verify_ssl: Whether the SSL certificate should be verified.
            Forwarded as given to ``PBase`` and also kept on the instance.
        :param config: Optional mapping; its ``issuer`` entry, when present,
            becomes ``self.issuer``.
        :param client_cert: Client certificate, forwarded to ``PBase``.
        :return: Client instance
        """
        PBase.__init__(self, ca_certs, verify_ssl=verify_ssl,
                       client_cert=client_cert, keyjar=keyjar)

        self.client_id = client_id
        self.client_authn_method = client_authn_method
        self.verify_ssl = verify_ssl

        self.nonce = None
        self.grant = {}
        self.state2nonce = {}

        # own endpoint
        self.redirect_uris = [None]

        # service endpoints, all unknown at construction time
        self.authorization_endpoint = None
        self.token_endpoint = None
        self.token_revocation_endpoint = None

        self.request2endpoint = REQUEST2ENDPOINT
        self.response2error = RESPONSE2ERROR
        self.grant_class = Grant
        self.token_class = Token

        self._c_secret = None
        self.kid = {"sig": {}, "enc": {}}
        self.authz_req = None

        # the OAuth issuer is the URL of the authorization server's
        # configuration information location
        self.config = config or {}
        try:
            issuer = self.config['issuer']
        except KeyError:
            issuer = ''
        self.issuer = issuer

        self.allow = {}
        self.provider_info = {}
Beispiel #7
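    def __init__(self, jwks_file=None, httpcli=None, iss='', keyjar=None,
                 signed_metadata_statements_dir='.', fo_jwks_dir=None,
                 fo_priority_order=None, ms_cls=ClientMetadataStatement,
                 fo_bundle_uri=None, fo_bundle_sign_key=None,
                 verify_ssl=True, ca_certs=None, client_cert=None):
        """
        Set up the operator, its HTTP client and its key material.

        :param jwks_file: When given, keys are read from this file with
            ``read_jwks_file`` and replace whatever was passed as ``keyjar``.
        :param httpcli: HTTP client to use. When ``None`` a ``PBase`` is
            built from ``verify_ssl``, ``ca_certs``, ``keyjar`` and
            ``client_cert``.
        :param iss: Forwarded to ``Operator.__init__``.
        :param keyjar: Key store; ignored when ``jwks_file`` is given.
        :param signed_metadata_statements_dir: Stored on the instance before
            ``get_sms_from_dir`` is called.
        :param fo_jwks_dir: Stored on the instance; when truthy,
            ``get_fo_keyjar_from_dir`` is called.
        :param fo_priority_order: Stored on the instance; an empty dict is
            used when the argument is ``None``.
        :param ms_cls: Stored on the instance as ``self.ms_cls``.
        :param fo_bundle_uri: When truthy, ``import_from_bundle`` is called
            with this URI and ``fo_bundle_sign_key``.
        :param fo_bundle_sign_key: Passed to ``import_from_bundle``.
        :param verify_ssl: Only used for the ``PBase`` created when
            ``httpcli`` is ``None``.
        :param ca_certs: Only used for that ``PBase``.
        :param client_cert: Only used for that ``PBase``.
        """
        if jwks_file:
            keyjar = self.read_jwks_file(jwks_file)

        if httpcli is None:
            # A caller-supplied httpcli keeps its own TLS settings; the
            # verify_ssl/ca_certs/client_cert arguments do not touch it.
            httpcli = PBase(verify_ssl=verify_ssl, ca_certs=ca_certs,
                            keyjar=keyjar, client_cert=client_cert)

        Operator.__init__(self, iss=iss, keyjar=keyjar, httpcli=httpcli)

        # FO keys
        self.fo_keyjar = None
        self.fo_jwks_dir = fo_jwks_dir
        self.jwks_mtime = {}
        if fo_jwks_dir:
            self.get_fo_keyjar_from_dir()

        if fo_bundle_uri:
            # NOTE(review): these two attributes exist only when a bundle
            # URI was given. Also confirm that import_from_bundle refuses a
            # bundle it cannot verify when fo_bundle_sign_key is None.
            self.fo_bundle_uri = fo_bundle_uri
            self.fo_bundle_sign_key = fo_bundle_sign_key
            self.import_from_bundle(fo_bundle_uri, fo_bundle_sign_key)

        # Signed metadata statements
        self.signed_metadata_statements_dir = signed_metadata_statements_dir
        self.sms_mtime = {}
        self.signed_metadata_statements = {}
        self.get_sms_from_dir()

        # `{} or fo_priority_order` always evaluated to the argument, so an
        # omitted value left None on the instance instead of the empty dict.
        self.fo_priority_order = (
            {} if fo_priority_order is None else fo_priority_order)
        self.ms_cls = ms_cls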
Beispiel #8
 def discover(self, *arg, **kwargs):
     """
     Query WebFinger for ``kwargs["principal"]`` and return the result.

     The values returned by ``wf.query`` and ``wf.discovery_query`` are
     both written to ``self.trace``; only the second one is returned.
     Positional arguments are accepted but not used.

     :raises KeyError: if no ``principal`` keyword argument is given.
     """
     finger = WebFinger(OIC_ISSUER)
     finger.httpd = PBase()  # HTTP client built with PBase's defaults
     principal = kwargs["principal"]

     # NOTE(review): the principal is passed on as received; if it can come
     # from an untrusted user, confirm the caller constrains which hosts it
     # may point at and that tracing the resulting URLs is acceptable.
     request_url = finger.query(principal)
     self.trace.request("Request URL: %s" % request_url)

     discovery_url = finger.discovery_query(principal)
     self.trace.request("Discovery URL: %s" % discovery_url)
     return discovery_url
Beispiel #9
    def __init__(
        self,
        client_id=None,
        client_authn_method=None,
        keyjar=None,
        verify_ssl=True,
        config=None,
        client_cert=None,
        timeout=5,
        message_factory: Type[MessageFactory] = OauthMessageFactory,
    ):
        """
        Create an OAuth client whose endpoints and grants are still unset.

        :param client_id: The client identifier
        :param client_authn_method: Mapping of authentication method name to
            the class implementing it; the methods this client may use to
            authenticate itself.
        :param keyjar: The keyjar for this client.
        :param verify_ssl: Whether the SSL certificate should be verified.
            Forwarded as given to ``PBase``.
        :param config: Optional mapping; its ``issuer`` entry, when present,
            becomes ``self.issuer``.
        :param client_cert: A client certificate to use.
        :param timeout: Timeout for requests library, either a single integer
            or a tuple of integers. For more details, refer to ``requests``
            documentation.
        :param message_factory: Factory for message classes, should inherit
            from OauthMessageFactory
        :return: Client instance
        """
        PBase.__init__(self, verify_ssl=verify_ssl, keyjar=keyjar,
                       client_cert=client_cert, timeout=timeout)

        self.client_id = client_id
        self.client_authn_method = client_authn_method

        self.nonce = None

        self.message_factory = message_factory
        self.grant = {}  # type: Dict[str, Grant]
        self.state2nonce = {}  # type: Dict[str, str]
        # own endpoint
        self.redirect_uris = []  # type: List[str]

        # service endpoints, all unknown at construction time
        self.authorization_endpoint = None  # type: Optional[str]
        self.token_endpoint = None  # type: Optional[str]
        self.token_revocation_endpoint = None  # type: Optional[str]

        self.request2endpoint = REQUEST2ENDPOINT
        self.response2error = RESPONSE2ERROR  # type: Dict[str, List]
        self.grant_class = Grant
        self.token_class = Token

        self.provider_info = ASConfigurationResponse()  # type: Message
        self._c_secret = ""  # type: str
        self.kid = {"sig": {}, "enc": {}}  # type: Dict[str, Dict]
        self.authz_req = {}  # type: Dict[str, Message]

        # the OAuth issuer is the URL of the authorization server's
        # configuration information location
        self.config = config or {}
        try:
            issuer = self.config["issuer"]
        except KeyError:
            issuer = ""
        self.issuer = issuer
        self.allow = {}  # type: Dict[str, Any]
Beispiel #10
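 def __init__(self, keys=None, ca_certs=None, verify_ssl=True):
     """
     Initialise the ``PBase`` part of this object.

     :param keys: Accepted but not used by this constructor.
     :param ca_certs: Forwarded to ``PBase`` as ``ca_certs``.
     :param verify_ssl: Forwarded to ``PBase`` as ``verify_ssl``; defaults
         to ``True``.
     """
     # Forwarded by keyword so the certificate-verification flag cannot end
     # up in a different PBase parameter if the base signature is reordered.
     # NOTE(review): `keys` is dropped here; confirm no caller relies on it.
     PBase.__init__(self, ca_certs=ca_certs, verify_ssl=verify_ssl)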
Beispiel #11
 def __init__(self, keyjar=None, verify_ssl=True, client_cert=None, timeout=5):
     """
     Initialise the ``PBase`` part of this object.

     The key store, the certificate-verification flag, the client
     certificate and the timeout are forwarded by keyword and unchanged.
     """
     base_options = {
         "verify_ssl": verify_ssl,
         "keyjar": keyjar,
         "client_cert": client_cert,
         "timeout": timeout,
     }
     PBase.__init__(self, **base_options)
Beispiel #12
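 def __init__(self, keys=None, ca_certs=None, verify_ssl=True):
     """
     Initialise the ``PBase`` part of this object.

     :param keys: Accepted but not used by this constructor.
     :param ca_certs: Forwarded to ``PBase`` as ``ca_certs``.
     :param verify_ssl: Forwarded to ``PBase`` as ``verify_ssl``; defaults
         to ``True``.
     """
     # Forwarded by keyword so the certificate-verification flag cannot end
     # up in a different PBase parameter if the base signature is reordered.
     # NOTE(review): `keys` is dropped here; confirm no caller relies on it.
     PBase.__init__(self, ca_certs=ca_certs, verify_ssl=verify_ssl)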
Beispiel #13
    def __init__(
        self,
        client_id=None,
        client_authn_method=None,
        keyjar=None,
        verify_ssl=None,
        config=None,
        client_cert=None,
        timeout=None,
        message_factory: Type[MessageFactory] = OauthMessageFactory,
        settings: PyoidcSettings = None,
    ):
        """
        Create an OAuth client whose endpoints and grants are still unset.

        Keyword Args:
            settings
                Instance of :class:`OauthClientSettings` with configuration options.
                Currently used settings are:
                 - verify_ssl
                 - client_cert
                 - timeout

        :param client_id: The client identifier
        :param client_authn_method: Mapping of authentication method name to
            the class implementing it; the methods this client may use to
            authenticate itself.
        :param keyjar: The keyjar for this client.
        :param verify_ssl: Whether the SSL certificate should be verified.
            Deprecated in favor of settings; a non-``None`` value is written
            onto the settings object.
        :param config: Optional mapping; its ``issuer`` entry, when present,
            becomes ``self.issuer``.
        :param client_cert: A client certificate to use. Deprecated in favor
            of settings.
        :param timeout: Timeout for requests library, either a single integer
            or a tuple of integers. For more details, refer to ``requests``
            documentation. Deprecated in favor of settings.
        :param message_factory: Factory for message classes, should inherit
            from OauthMessageFactory
        :return: Client instance

        """
        self.settings = settings or OauthClientSettings()

        # NOTE(review): a caller-supplied settings object is modified in
        # place below, so a deprecated `verify_ssl=False` passed here also
        # changes that object for anything else holding a reference to it;
        # confirm this sharing is intended.
        deprecated_overrides = (
            ("verify_ssl", verify_ssl),
            ("client_cert", client_cert),
            ("timeout", timeout),
        )
        for option, value in deprecated_overrides:
            if value is None:
                continue
            # Warn from this frame so stacklevel=2 still points at the caller.
            warnings.warn(
                f"`{option}` is deprecated, please use `settings` instead if you need to set a non-default value.",
                DeprecationWarning,
                stacklevel=2,
            )
            setattr(self.settings, option, value)

        PBase.__init__(self, keyjar=keyjar, settings=self.settings)

        self.sso_db = None  # type: Optional[SessionBackend]
        self.client_id = client_id
        self.client_authn_method = client_authn_method

        self.nonce = None  # type: Optional[str]

        self.message_factory = message_factory
        self.grant = {}  # type: Dict[str, Grant]
        self.state2nonce = {}  # type: Dict[str, str]
        # own endpoint
        self.redirect_uris = []  # type: List[str]
        # Default behaviour
        self.response_type = ["code"]

        # service endpoints, all unknown at construction time
        self.authorization_endpoint = None  # type: Optional[str]
        self.token_endpoint = None  # type: Optional[str]
        self.token_revocation_endpoint = None  # type: Optional[str]

        self.request2endpoint = REQUEST2ENDPOINT
        self.response2error = RESPONSE2ERROR  # type: Dict[str, List]
        self.grant_class = Grant
        self.token_class = Token

        self.provider_info = ASConfigurationResponse()  # type: Message
        self._c_secret = ""  # type: str
        self.kid = {"sig": {}, "enc": {}}  # type: Dict[str, Dict]
        self.authz_req = {}  # type: Dict[str, Message]

        # the OAuth issuer is the URL of the authorization server's
        # configuration information location
        self.config = config or {}
        try:
            issuer = self.config["issuer"]
        except KeyError:
            issuer = ""
        self.issuer = issuer
        self.allow = {}  # type: Dict[str, Any]
Beispiel #14
 def __init__(self, keyjar=None, ca_certs=None, verify_ssl=True):
     """
     Initialise the ``PBase`` part of this object.

     The key store, the CA certificates and the certificate-verification
     flag are forwarded by keyword and unchanged.
     """
     base_options = {
         "keyjar": keyjar,
         "ca_certs": ca_certs,
         "verify_ssl": verify_ssl,
     }
     PBase.__init__(self, **base_options)
Beispiel #15
 def __init__(self, keyjar=None, ca_certs=None, verify_ssl=True,
              client_cert=None):
     """
     Initialise the ``PBase`` part of this object.

     All four arguments are forwarded by keyword and unchanged;
     ``verify_ssl`` keeps its default of ``True`` unless the caller
     overrides it.
     """
     base_options = {
         "keyjar": keyjar,
         "ca_certs": ca_certs,
         "verify_ssl": verify_ssl,
         "client_cert": client_cert,
     }
     PBase.__init__(self, **base_options)
Beispiel #16
 def __init__(self, keyjar=None, ca_certs=None, verify_ssl=True):
     """
     Initialise the ``PBase`` part of this object.

     The key store, the CA certificates and the certificate-verification
     flag are forwarded by keyword and unchanged.
     """
     base_options = {
         "keyjar": keyjar,
         "ca_certs": ca_certs,
         "verify_ssl": verify_ssl,
     }
     PBase.__init__(self, **base_options)