Ejemplo n.º 1
0
class ClientFactory(DjangoModelFactory):
    name = Faker("company")
    client_id = LazyFunction(lambda: hex_string(64))
    client_secret = LazyFunction(lambda: hex_string(64))

    scopes = ["openid", "profile", "email", "address"]
    scope = LazyAttribute(lambda o: " ".join(o.scopes))

    class Meta:
        model = Client
        exclude = ["scopes"]
Ejemplo n.º 2
0
def test_oidc(browser, oidc_client, oidc_provider, oidc_scopes, person,
              user_account, user_password):
    oidc_session = SimpleNamespace(
        state=hex_string(16),
        nonce=hex_string(16),
    )

    auth_req = oidc_client.construct_AuthorizationRequest(
        request_args={
            'client_id': oidc_client.client_id,
            'response_type': 'code',
            'scope': oidc_scopes,
            'nonce': oidc_session.nonce,
            'redirect_uri': oidc_provider.redirect_uris[0],
            'state': oidc_session.state,
        })
    auth_url = auth_req.request(oidc_client.authorization_endpoint)

    browser.visit(auth_url)
    browser.find_by_name('username').fill(user_account.username)
    browser.find_by_name('password').fill(user_password)
    browser.find_by_value('Log in').click()
    browser.find_by_value('Authorize').click()

    auth_resp = oidc_client.parse_response(
        AuthorizationResponse,
        info=browser.url,
        sformat='urlencoded',
    )

    assert auth_resp['state'] == oidc_session.state

    oidc_client.do_access_token_request(
        state=oidc_session.state,
        request_args={
            'code': auth_resp['code'],
        },
        authn_method='client_secret_basic',
    )

    user_info = oidc_client.do_user_info_request(
        state=oidc_session.state,
        behavior='use_authorization_header',
    )

    assert user_info['sub'] == str(user_account.pk)
    assert user_info['name'] == person.full_name
    assert user_info['given_name'] == person.first_name
    assert user_info['family_name'] == person.last_name
    if person.nickname:
        assert user_info['nickname'] == person.nickname
    assert user_info['preferred_username'] == user_account.username
    assert user_info['birthdate'] == person.date_of_birth.isoformat()
    assert user_info['email'] == person.email
Ejemplo n.º 3
0
def test_oidc(
    browser,
    oidc_client,
    oidc_provider,
    oidc_scopes,
    person,
    user_account,
    user_password,
):
    oidc_session = SimpleNamespace(state=hex_string(16), nonce=hex_string(16))

    auth_req = oidc_client.construct_AuthorizationRequest(
        request_args={
            "client_id": oidc_client.client_id,
            "response_type": "code",
            "scope": oidc_scopes,
            "nonce": oidc_session.nonce,
            "redirect_uri": oidc_provider.redirect_uris[0],
            "state": oidc_session.state,
        })
    auth_url = auth_req.request(oidc_client.authorization_endpoint)

    browser.visit(auth_url)
    browser.find_by_name("username").fill(user_account.username)
    browser.find_by_name("password").fill(user_password)
    browser.find_by_value("Log in").click()
    browser.find_by_value("Authorize").click()

    auth_resp = oidc_client.parse_response(AuthorizationResponse,
                                           info=browser.url,
                                           sformat="urlencoded")

    assert auth_resp["state"] == oidc_session.state

    oidc_client.do_access_token_request(
        state=oidc_session.state,
        request_args={"code": auth_resp["code"]},
        authn_method="client_secret_basic",
    )

    user_info = oidc_client.do_user_info_request(
        state=oidc_session.state, behavior="use_authorization_header")

    assert user_info["sub"] == str(user_account.pk)
    assert user_info["name"] == person.full_name
    assert user_info["given_name"] == person.first_name
    assert user_info["family_name"] == person.last_name
    if person.nickname:
        assert user_info["nickname"] == person.nickname
    assert user_info["preferred_username"] == user_account.username
    assert user_info["birthdate"] == person.date_of_birth.isoformat()
    assert user_info["email"] == person.email
Ejemplo n.º 4
0
class ClientFactory(DjangoModelFactory):
    name = Faker('company')
    client_id = LazyFunction(lambda: hex_string(64))
    client_secret = LazyFunction(lambda: hex_string(64))

    scopes = ['openid', 'profile', 'email', 'address']
    scope = LazyAttribute(lambda o: ' '.join(o.scopes))

    class Meta:
        model = Client
        exclude = [
            'scopes',
        ]
Ejemplo n.º 5
0
def user_password():
    return hex_string(16)
Ejemplo n.º 6
0
 def save(self, *args, **kwargs):
     if not self.token:
         self.token = hex_string(length=AUTH_TOKEN_LENGTH)
     super().save(*args, **kwargs)