Beispiel #1
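    def do_post_logout_redirect(self, end_session_request):
        # type: (oic.oic.message.EndSessionRequest) -> oic.oic.message.EndSessionResponse
        """Build the post-logout redirect for an end-session request, if allowed.

        The redirect is only produced when the request carries an
        ``id_token_hint`` and the requested ``post_logout_redirect_uri`` is
        an exact member of the ``post_logout_redirect_uris`` registered for
        the client named in the token's ``aud``. Every other case returns
        ``None``, so the logout endpoint cannot be used to bounce a user
        agent to an arbitrary, request-supplied URL.

        :param end_session_request: the parsed end-session request.
        :return: the result of ``EndSessionResponse.request()`` for the
            validated URI (with ``state`` echoed back when present), or
            ``None`` when no redirect must be performed.
        :raises: whatever ``IdToken.from_jwt`` raises for a hint it cannot
            parse with ``self.signing_key``.

        NOTE(review): the type comment declares ``EndSessionResponse`` as the
        return type, but the value returned is the result of ``.request()``
        on that response -- confirm and adjust the annotation.
        """
        if 'post_logout_redirect_uri' not in end_session_request:
            return None
        redirect_uri = end_session_request['post_logout_redirect_uri']

        # Without an id_token_hint there is no client to check the URI
        # against, so the redirect is refused.
        if 'id_token_hint' not in end_session_request:
            return None

        # presumably from_jwt() rejects a hint not signed with
        # self.signing_key -- confirm against the IdToken implementation.
        id_token = IdToken().from_jwt(end_session_request['id_token_hint'],
                                      key=[self.signing_key])
        audiences = id_token['aud']
        # An empty audience list is treated like a missing client instead
        # of raising IndexError.
        client_id = audiences[0] if audiences else None
        if not client_id:
            return None

        # A token whose audience is not (or no longer) a registered client
        # must not surface as an unhandled KeyError on the logout path.
        try:
            client = self.clients[client_id]
        except KeyError:
            return None

        # Exact-match allow-list: only URIs registered for this client.
        if redirect_uri not in client.get('post_logout_redirect_uris', []):
            return None

        end_session_response = EndSessionResponse()
        if 'state' in end_session_request:
            end_session_response['state'] = end_session_request['state']

        return end_session_response.request(redirect_uri)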
    def __call__(self, request):
        """Answer an end-session request with a 302 back to the caller.

        Returns a ``(status, headers, body)`` tuple whose ``Location``
        header is built from the ``redirect_url`` and ``state`` of the
        parsed request.
        """
        parsed_url = urlparse(request.url)
        end_session_req = self.provider.parse_end_session_request(
            query=parsed_url.query)

        end_session_resp = EndSessionResponse(state=end_session_req['state'])
        # NOTE(review): the redirect target comes straight from the parsed
        # request; no allow-list check is visible in this method. Confirm
        # that parse_end_session_request() validates it, or that this
        # callable is only ever used as a test double.
        location = end_session_resp.request(end_session_req['redirect_url'])

        return (302, {'Location': location}, '')
    def __call__(self, request):
        """Turn an incoming end-session request into a 302 redirect tuple.

        The query string of ``request.url`` is parsed by the provider; the
        response echoes ``state`` and points ``Location`` at the request's
        ``redirect_url``.
        """
        raw_query = urlparse(request.url).query
        parsed = self.provider.parse_end_session_request(query=raw_query)

        logout_response = EndSessionResponse(state=parsed['state'])

        # NOTE(review): 'redirect_url' is used as received; nothing in this
        # method restricts it to registered URIs -- verify that validation
        # happens in parse_end_session_request() or that this is test-only.
        headers = {'Location': logout_response.request(parsed['redirect_url'])}
        return (302, headers, '')
Beispiel #4
    def end_session_endpoint(self, query):
        """Handle an end-session request and redirect back to the caller.

        :param query: the raw query string of the end-session request.
        :return: a ``Response`` with status 302, an empty body and a
            ``location`` header built from the request's ``redirect_url``
            and ``state``.
        :raises: any exception from ``parse_end_session_request`` is
            propagated unchanged.
        """
        # Parsing errors are deliberately left to bubble up to the caller.
        req = self.parse_end_session_request(query=query)

        logout_response = EndSessionResponse(state=req["state"])
        # NOTE(review): the target is taken from the request as-is; no
        # comparison with registered post-logout URIs is visible here --
        # confirm parse_end_session_request() enforces one.
        location = logout_response.request(req["redirect_url"])

        response = Response()
        response.status_code = 302  # redirect
        response.headers = {"location": location}
        response.text = ""
        return response
Beispiel #5
    def end_session_endpoint(self, query):
        """Process an end-session request and send the user agent back.

        The query is parsed with ``parse_end_session_request``; failures
        from that call reach the caller untouched. The result is a
        ``Response`` carrying a 302 status, an empty body and a
        ``location`` header derived from ``redirect_url`` and ``state``.
        """
        parsed = self.parse_end_session_request(query=query)

        # redirect back
        echo = EndSessionResponse(state=parsed["state"])
        # NOTE(review): 'redirect_url' is request-controlled and is not
        # checked against an allow-list in this method; verify that the
        # parser does so before this endpoint is exposed.
        redirect_target = echo.request(parsed["redirect_url"])

        redirect = Response()
        redirect.text = ""
        redirect.status_code = 302  # redirect
        redirect.headers = {"location": redirect_target}
        return redirect
Beispiel #6
 def test_post_logout_redirect(self):
     """A valid id_token_hint plus the expected URI yields the redirect.

     Only the accepted path is exercised here; the rejection branches
     (missing id_token_hint, URI not registered for the client) need
     their own tests.
     """
     post_logout_uri = 'https://client.example.com/post_logout'

     # Obtain an ID token for client1 so it can serve as the hint.
     authn_request = AuthorizationRequest(
         response_type='code id_token token',
         scope='openid',
         client_id='client1',
         redirect_uri='https://client.example.com/redirect')
     authn_response = self.provider.authorize(authn_request, 'user1')

     logout_request = EndSessionRequest(
         id_token_hint=authn_response['id_token'],
         post_logout_redirect_uri=post_logout_uri,
         state='state')
     actual = self.provider.do_post_logout_redirect(logout_request)

     # The redirect must target the requested URI and echo the state.
     assert actual == EndSessionResponse(
         state='state').request(post_logout_uri)