def registration_endpoint(self, environ, start_response, **kwargs):
logger.debug("@registration_endpoint")
try:
query = kwargs["query"]
except KeyError:
try:
query = get_or_post(environ)
except UnsupportedMethod:
resp = BadRequest("Unsupported method")
return resp(environ, start_response)
request = RegistrationRequest().deserialize(query, "urlencoded")
logger.info("registration_request:%s" % request.to_dict())
_keystore = self.server.keystore
if request["type"] == "client_associate":
# create new id och secret
client_id = rndstr(12)
while client_id in self.cdb:
client_id = rndstr(12)
client_secret = secret(self.seed, client_id)
self.cdb[client_id] = {
"client_secret":client_secret
}
_cinfo = self.cdb[client_id]
if "redirect_uris" in request:
for uri in request["redirect_uris"]:
if urlparse.urlparse(uri).fragment:
err = ClientRegistrationErrorResponse(
error="invalid_configuration_parameter",
error_description="redirect_uri contains fragment")
resp = Response(err.to_json(),
content="application/json",
status="400 Bad Request")
return resp(environ, start_response)
for key,val in request.items():
_cinfo[key] = val
try:
self.keystore.load_keys(request, client_id)
except Exception, err:
logger.error("Failed to load client keys: %s" % request.to_dict())
err = ClientRegistrationErrorResponse(
error="invalid_configuration_parameter",
error_description="%s" % err)
resp = Response(err.to_json(), content="application/json",
status="400 Bad Request")
return resp(environ, start_response)
response = RegistrationResponseCARS(client_id=client_id)
def test_register_client_with_wrong_response_type(self, context, frontend):
redirect_uri = "https://client.example.com"
registration_request = RegistrationRequest(
redirect_uris=[redirect_uri], response_types=["id_token token"])
context.request = registration_request.to_dict()
registration_response = frontend.client_registration(context)
assert registration_response.status == "400 Bad Request"
error_response = ClientRegistrationErrorResponse().deserialize(
registration_response.message, "json")
assert error_response["error"] == "invalid_request"
assert "response_type" in error_response["error_description"]
def do_client_registration(self, request, client_id, ignore=None):
if ignore is None:
ignore = []
_cinfo = self.cdb[client_id].copy()
logger.debug("_cinfo: %s" % _cinfo)
for key, val in request.items():
if key not in ignore:
_cinfo[key] = val
if "redirect_uris" in request:
ruri = []
for uri in request["redirect_uris"]:
if urlparse.urlparse(uri).fragment:
err = ClientRegistrationErrorResponse(
error="invalid_configuration_parameter",
error_description="redirect_uri contains fragment")
return Response(err.to_json(),
content="application/json",
status="400 Bad Request")
base, query = urllib.splitquery(uri)
if query:
ruri.append((base, urlparse.parse_qs(query)))
else:
ruri.append((base, query))
_cinfo["redirect_uris"] = ruri
if "sector_identifier_uri" in request:
si_url = request["sector_identifier_uri"]
try:
res = self.server.http_request(si_url)
except ConnectionError, err:
logger.error("%s" % err)
return self._error_response(
"invalid_configuration_parameter",
descr="Couldn't open sector_identifier_uri")
if not res:
return self._error_response(
"invalid_configuration_parameter",
descr="Couldn't open sector_identifier_uri")
logger.debug("sector_identifier_uri => %s" % res.text)
try:
si_redirects = json.loads(res.text)
except ValueError:
return self._error_response(
"invalid_configuration_parameter",
descr="Error deserializing sector_identifier_uri content")
if "redirect_uris" in request:
logger.debug("redirect_uris: %s" % request["redirect_uris"])
for uri in request["redirect_uris"]:
try:
assert uri in si_redirects
except AssertionError:
return self._error_response(
"invalid_configuration_parameter",
descr="redirect_uri missing from sector_identifiers"
)
_cinfo["si_redirects"] = si_redirects
_cinfo["sector_id"] = si_url
def to_json(self):
error = ClientRegistrationErrorResponse(error=self.oauth_error,
error_description=str(self))
return error.to_json()