Ejemplo n.º 1
0
def test_client_registration_2():
    args = {
        "redirect_uris": ["https://client.example.org/callback",
                          "https://client.example.org/callback2"],
        "client_name": "My Example Client",
        "client_name#ja-Jpan-JP":
            "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
        "token_endpoint_auth_method": "client_secret_basic",
        "scope": "read write dolphin",
    }

    provider = Provider("pyoicserv", sdb.SessionDB("https://example.org/"),
                        CDB, AUTHN_BROKER, AUTHZ, verify_client,
                        client_info_url="https://example.com/as/",
                        client_authn_methods={
                            "client_secret_post": ClientSecretPost,
                            "client_secret_basic": ClientSecretBasic,
                            "bearer_header": BearerHeader})

    request = RegistrationRequest(**args)

    resp = provider.registration_endpoint(request.to_json(), {})

    assert isinstance(resp, Response)

    _resp = ClientInfoResponse().from_json(resp.message)

    assert "client_name#ja-Jpan-JP" in _resp.keys()
    assert "client_name" in _resp.keys()
Ejemplo n.º 2
0
    def test_client_registration_delete(self):
        args = {
            "redirect_uris": ["https://client.example.org/callback",
                              "https://client.example.org/callback2"],
            "client_name": "My Example Client",
            "client_name#ja-Jpan-JP":
                "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
            "token_endpoint_auth_method": "client_secret_basic",
            "scope": "read write dolphin",
        }
        request = RegistrationRequest(**args)
        resp = self.provider.registration_endpoint(request.to_json(),
                                                   environ={})
        _resp = ClientInfoResponse().from_json(resp.message)
        resp = self.provider.client_info_endpoint(
            "",
            environ={"HTTP_AUTHORIZATION": "Bearer %s" % (
                _resp["registration_access_token"],)},
            method="DELETE",
            query="client_id=%s" % _resp["client_id"])

        assert isinstance(resp, NoContent)

        # A read should fail
        resp = self.provider.client_info_endpoint(
            "",
            environ={"HTTP_AUTHORIZATION": "Bearer %s" % (
                _resp["registration_access_token"],)},
            query="client_id=%s" % _resp["client_id"])

        assert isinstance(resp, Unauthorized)
Ejemplo n.º 3
0
def test_client_registration_2():
    args = {
        "redirect_uris": ["https://client.example.org/callback",
                          "https://client.example.org/callback2"],
        "client_name": "My Example Client",
        "client_name#ja-Jpan-JP":
            "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
        "token_endpoint_auth_method": "client_secret_basic",
        "scope": "read write dolphin",
    }

    provider = Provider("pyoicserv", sdb.SessionDB(), CDB, AUTHN_BROKER, AUTHZ,
                        verify_client,
                        client_info_url="https://example.com/as/",
                        client_authn_methods={
                            "client_secret_post": ClientSecretPost,
                            "client_secret_basic": ClientSecretBasic,
                            "bearer_header": BearerHeader})

    request = RegistrationRequest(**args)

    resp = provider.registration_endpoint(request.to_json(), {})

    assert isinstance(resp, Response)

    _resp = ClientInfoResponse().from_json(resp.message)

    assert "client_name#ja-Jpan-JP" in _resp.keys()
    assert "client_name" in _resp.keys()
Ejemplo n.º 4
0
def test_client_registration_uri_error():
    args = {
        "redirect_uris": ["https://client.example.org/callback",
                          "https://client.example.org/callback2"],
        "client_name": "My Example Client",
        "client_name#ja-Jpan-JP":
            "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
        "token_endpoint_auth_method": "client_secret_basic",
        "scope": "read write dolphin",
        "logo_uri": "https://client.example.org/logo.png",
        "jwks_uri": "https://client.example.org/my_public_keys.jwks"
    }

    provider = Provider("pyoicserv", sdb.SessionDB("https://example.org/"),
                        CDB, AUTHN_BROKER, AUTHZ, verify_client,
                        client_info_url="https://example.com/as/")

    request = RegistrationRequest(**args)

    resp = provider.registration_endpoint(request.to_json(), {})

    assert isinstance(resp, Response)

    _resp = ClientRegistrationError().from_json(resp.message)

    assert "error" in _resp
    assert _resp["error"] == "invalid_client_metadata"
Ejemplo n.º 5
0
def test_client_registration_uri_error():
    args = {
        "redirect_uris": ["https://client.example.org/callback",
                          "https://client.example.org/callback2"],
        "client_name": "My Example Client",
        "client_name#ja-Jpan-JP":
            "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
        "token_endpoint_auth_method": "client_secret_basic",
        "scope": "read write dolphin",
        "logo_uri": "https://client.example.org/logo.png",
        "jwks_uri": "https://client.example.org/my_public_keys.jwks"
    }

    provider = Provider("pyoicserv", sdb.SessionDB(), CDB, AUTHN_BROKER, AUTHZ,
                        verify_client,
                        client_info_url="https://example.com/as/")

    request = RegistrationRequest(**args)

    resp = provider.registration_endpoint(request.to_json(), {})

    assert isinstance(resp, Response)

    _resp = ClientRegistrationError().from_json(resp.message)

    assert "error" in _resp
    assert _resp["error"] == "invalid_client_metadata"
Ejemplo n.º 6
0
def test_client_registration_delete():
    args = {
        "redirect_uris": [
            "https://client.example.org/callback",
            "https://client.example.org/callback2"
        ],
        "client_name":
        "My Example Client",
        "client_name#ja-Jpan-JP":
        "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
        "token_endpoint_auth_method":
        "client_secret_basic",
        "scope":
        "read write dolphin",
    }

    provider = Provider("pyoicserv",
                        sdb.SessionDB(SERVER_INFO["issuer"]),
                        CDB,
                        AUTHN_BROKER,
                        AUTHZ,
                        verify_client,
                        client_info_url="https://example.com/as/",
                        client_authn_methods={
                            "client_secret_post": ClientSecretPost,
                            "client_secret_basic": ClientSecretBasic,
                            "bearer_header": BearerHeader
                        })

    request = RegistrationRequest(**args)

    resp = provider.registration_endpoint(request.to_json(), environ={})

    assert isinstance(resp, Response)

    _resp = ClientInfoResponse().from_json(resp.message)

    resp = provider.client_info_endpoint(
        "",
        environ={
            "HTTP_AUTHORIZATION":
            "Bearer %s" % (_resp["registration_access_token"], )
        },
        method="DELETE",
        query="client_id=%s" % _resp["client_id"])

    assert isinstance(resp, NoContent)

    # A read should fail

    resp = provider.client_info_endpoint(
        "",
        environ={
            "HTTP_AUTHORIZATION":
            "Bearer %s" % (_resp["registration_access_token"], )
        },
        query="client_id=%s" % _resp["client_id"])

    assert isinstance(resp, Unauthorized)
Ejemplo n.º 7
0
def test_client_registration_update():
    args = {
        "redirect_uris": ["https://client.example.org/callback", "https://client.example.org/callback2"],
        "client_name": "My Example Client",
        "client_name#ja-Jpan-JP": "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
        "token_endpoint_auth_method": "client_secret_basic",
        "scope": "read write dolphin",
    }

    provider = Provider(
        "pyoicserv",
        sdb.SessionDB("https://example.org/"),
        CDB,
        AUTHN_BROKER,
        AUTHZ,
        verify_client,
        client_info_url="https://example.com/as/",
        client_authn_methods={
            "client_secret_post": ClientSecretPost,
            "client_secret_basic": ClientSecretBasic,
            "bearer_header": BearerHeader,
        },
    )

    request = RegistrationRequest(**args)

    resp = provider.registration_endpoint(request.to_json(), environ={})

    assert isinstance(resp, Response)

    _resp = ClientInfoResponse().from_json(resp.message)

    assert "client_name#ja-Jpan-JP" in _resp.keys()
    assert "client_name" in _resp.keys()

    update = {
        "client_id": _resp["client_id"],
        "client_secret": _resp["client_secret"],
        "redirect_uris": ["https://client.example.org/callback", "https://client.example.org/alt"],
        "scope": "read write dolphin",
        "grant_types": ["authorization_code", "refresh_token"],
        "token_endpoint_auth_method": "client_secret_basic",
        "jwks_uri": "https://client.example.org/my_public_keys.jwks",
        "client_name": "My New Example",
        "client_name#fr": "Mon Nouvel Exemple",
    }

    update_req = RegistrationRequest(**update)

    resp = provider.client_info_endpoint(
        update_req.to_json(),
        environ={"HTTP_AUTHORIZATION": "Bearer %s" % (_resp["registration_access_token"],)},
        method="PUT",
        query="client_id=%s" % _resp["client_id"],
    )

    _resp_up = ClientInfoResponse().from_json(resp.message)

    print _resp_up
Ejemplo n.º 8
0
    def test_registration_endpoint(self):
        request = RegistrationRequest(client_name="myself",
                                      redirect_uris=["https://example.com/rp"])
        resp = self.provider.registration_endpoint(request.to_json(), {})
        assert isinstance(resp, Response)
        data = json.loads(resp.message)
        assert data["client_name"] == "myself"
        assert _eq(data["redirect_uris"], ["https://example.com/rp"])

        _resp = ClientInfoResponse().from_json(resp.message)
        assert "client_id" in _resp
Ejemplo n.º 9
0
def test_client_registration_delete():
    args = {
        "redirect_uris": ["https://client.example.org/callback", "https://client.example.org/callback2"],
        "client_name": "My Example Client",
        "client_name#ja-Jpan-JP": "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
        "token_endpoint_auth_method": "client_secret_basic",
        "scope": "read write dolphin",
    }

    provider = Provider(
        "pyoicserv",
        sdb.SessionDB(SERVER_INFO["issuer"]),
        CDB,
        AUTHN_BROKER,
        AUTHZ,
        verify_client,
        client_info_url="https://example.com/as/",
        client_authn_methods={
            "client_secret_post": ClientSecretPost,
            "client_secret_basic": ClientSecretBasic,
            "bearer_header": BearerHeader,
        },
    )

    request = RegistrationRequest(**args)

    resp = provider.registration_endpoint(request.to_json(), environ={})

    assert isinstance(resp, Response)

    _resp = ClientInfoResponse().from_json(resp.message)

    resp = provider.client_info_endpoint(
        "",
        environ={"HTTP_AUTHORIZATION": "Bearer %s" % (_resp["registration_access_token"],)},
        method="DELETE",
        query="client_id=%s" % _resp["client_id"],
    )

    assert isinstance(resp, NoContent)

    # A read should fail

    resp = provider.client_info_endpoint(
        "",
        environ={"HTTP_AUTHORIZATION": "Bearer %s" % (_resp["registration_access_token"],)},
        query="client_id=%s" % _resp["client_id"],
    )

    assert isinstance(resp, Unauthorized)
Ejemplo n.º 10
0
def test_client_registration():
    provider = Provider("pyoicserv", sdb.SessionDB(), CDB, AUTHN_BROKER, AUTHZ,
                        verify_client,
                        client_info_url="https://example.com/as/")

    request = RegistrationRequest(client_name="myself",
                                  redirect_uris=["https://example.com/rp"])

    resp = provider.registration_endpoint(request.to_json(), {})

    assert isinstance(resp, Response)

    _resp = ClientInfoResponse().from_json(resp.message)

    assert "client_id" in _resp
Ejemplo n.º 11
0
    def test_client_registration_utf_8_client_name(self):
        args = {
            "redirect_uris": ["https://client.example.org/callback",
                              "https://client.example.org/callback2"],
            "client_name": "My Example Client",
            "client_name#ja-Jpan-JP":
                "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
            "token_endpoint_auth_method": "client_secret_basic",
            "scope": "read write dolphin",
        }

        request = RegistrationRequest(**args)
        resp = self.provider.registration_endpoint(request.to_json(), {})
        _resp = ClientInfoResponse().from_json(resp.message)

        assert _resp[
                   "client_name#ja-Jpan-JP"] == "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D"
        assert _resp["client_name"] == "My Example Client"
Ejemplo n.º 12
0
    def test_registration_uri_error(self):
        args = {
            "redirect_uris": ["https://client.example.org/callback",
                              "https://client.example.org/callback2"],
            "client_name": "My Example Client",
            "client_name#ja-Jpan-JP":
                "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
            "token_endpoint_auth_method": "client_secret_basic",
            "scope": "read write dolphin",
            # invalid logo_uri
            "logo_uri": "https://client.example.org/logo.png",
            "jwks_uri": "https://client.example.org/my_public_keys.jwks"
        }

        request = RegistrationRequest(**args)
        resp = self.provider.registration_endpoint(request.to_json(), {})
        _resp = ClientRegistrationError().from_json(resp.message)

        assert "error" in _resp
        assert _resp["error"] == "invalid_client_metadata"
Ejemplo n.º 13
0
def test_client_registration_update():
    args = {
        "redirect_uris": ["https://client.example.org/callback",
                          "https://client.example.org/callback2"],
        "client_name": "My Example Client",
        "client_name#ja-Jpan-JP":
            "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
        "token_endpoint_auth_method": "client_secret_basic",
        "scope": "read write dolphin",
    }

    provider = Provider("pyoicserv", sdb.SessionDB(), CDB, AUTHN_BROKER, AUTHZ,
                        verify_client,
                        client_info_url="https://example.com/as/",
                        client_authn_methods={
                            "client_secret_post": ClientSecretPost,
                            "client_secret_basic": ClientSecretBasic,
                            "bearer_header": BearerHeader})

    request = RegistrationRequest(**args)

    resp = provider.registration_endpoint(request.to_json(),
                                                 environ={})

    assert isinstance(resp, Response)

    _resp = ClientInfoResponse().from_json(resp.message)

    assert "client_name#ja-Jpan-JP" in _resp.keys()
    assert "client_name" in _resp.keys()

    update = {
        "client_id": _resp["client_id"],
        "client_secret": _resp["client_secret"],
        "redirect_uris": ["https://client.example.org/callback",
                          "https://client.example.org/alt"],
        "scope": "read write dolphin",
        "grant_types": ["authorization_code", "refresh_token"],
        "token_endpoint_auth_method": "client_secret_basic",
        "jwks_uri": "https://client.example.org/my_public_keys.jwks",
        "client_name": "My New Example",
        "client_name#fr": "Mon Nouvel Exemple",
    }

    update_req = RegistrationRequest(**update)

    resp = provider.client_info_endpoint(
        update_req.to_json(),
        environ={"HTTP_AUTHORIZATION": "Bearer %s" % (
            _resp["registration_access_token"],)},
        method="PUT",
        query="client_id=%s" % _resp["client_id"])

    _resp_up = ClientInfoResponse().from_json(resp.message)

    print _resp_up
Ejemplo n.º 14
0
    def test_client_registration_update(self):
        args = {
            "redirect_uris": ["https://client.example.org/callback",
                              "https://client.example.org/callback2"],
            "client_name": "My Example Client",
            "client_name#ja-Jpan-JP":
                "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
            "token_endpoint_auth_method": "client_secret_basic",
            "scope": "read write dolphin",
        }
        request = RegistrationRequest(**args)
        resp = self.provider.registration_endpoint(request.to_json(),
                                                   environ={})
        _resp = ClientInfoResponse().from_json(resp.message)

        update = {
            "client_id": _resp["client_id"],
            "client_secret": _resp["client_secret"],
            "redirect_uris": ["https://client.example.org/callback",
                              "https://client.example.org/alt"],
            "scope": "read write dolphin",
            "grant_types": ["authorization_code", "refresh_token"],
            "token_endpoint_auth_method": "client_secret_basic",
            "jwks_uri": "https://client.example.org/my_public_keys.jwks",
            "client_name": "My New Example",
            "client_name#fr": "Mon Nouvel Exemple",
        }
        update_req = RegistrationRequest(**update)
        resp = self.provider.client_info_endpoint(
            update_req.to_json(),
            environ={"HTTP_AUTHORIZATION": "Bearer %s" % (
                _resp["registration_access_token"],)},
            method="PUT",
            query="client_id=%s" % _resp["client_id"])

        _resp_up = ClientInfoResponse().from_json(resp.message)
        assert _resp_up["client_id"] == update["client_id"]
        assert _resp_up["client_secret"] == update["client_secret"]
        assert _resp_up["redirect_uris"] == update["redirect_uris"]
        assert _resp_up["scope"] == update["scope"].split()
        assert _resp_up["grant_types"] == update["grant_types"]
        assert _resp_up["token_endpoint_auth_method"] == update[
            "token_endpoint_auth_method"]
        assert _resp_up["jwks_uri"] == update["jwks_uri"]
        assert _resp_up["client_name"] == update["client_name"]
        assert _resp_up["client_name#fr"] == update["client_name#fr"]