def setup_consumer(self):
client_id = "client_1"
client_config = {
"client_id": client_id,
"client_authn_method": CLIENT_AUTHN_METHOD,
# 'config': {}
}
self.consumer = Consumer(SessionDB(SERVER_INFO["issuer"]), CONFIG,
client_config, SERVER_INFO)
self.consumer.behaviour = {
"request_object_signing_alg": DEF_SIGN_ALG["openid_request_object"]
}
self.consumer.client_secret = "abcdefghijklmnop"
self.consumer.keyjar = CLIKEYS
self.consumer.redirect_uris = ["https://example.com/cb"]
self.consumer.authorization_endpoint = \
"http://example.com/authorization"
self.consumer.token_endpoint = "http://example.com/token"
self.consumer.userinfo_endpoint = "http://example.com/userinfo"
self.consumer.client_secret = "hemlig"
self.consumer.secret_type = "basic"
mfos = MyFakeOICServer("http://localhost:8088")
mfos.keyjar = SRVKEYS
self.consumer.http_request = mfos.http_request
def test_provider_config(self):
c = Consumer(None, None)
mfos = MyFakeOICServer("https://example.com")
mfos.keyjar = SRVKEYS
c.http_request = mfos.http_request
principal = "*****@*****.**"
res = c.discover(principal)
info = c.provider_config(res)
assert isinstance(info, ProviderConfigurationResponse)
assert _eq(info.keys(), [
'registration_endpoint', 'jwks_uri', 'check_session_endpoint',
'refresh_session_endpoint', 'register_endpoint',
'subject_types_supported', 'token_endpoint_auth_methods_supported',
'id_token_signing_alg_values_supported', 'grant_types_supported',
'user_info_endpoint', 'claims_parameter_supported',
'request_parameter_supported', 'discovery_endpoint', 'issuer',
'authorization_endpoint', 'scopes_supported',
'require_request_uri_registration', 'identifiers_supported',
'token_endpoint', 'request_uri_parameter_supported', 'version',
'response_types_supported', 'end_session_endpoint',
'flows_supported'
])
assert info[
"end_session_endpoint"] == "https://example.com/end_session"
def test_discover(self):
c = Consumer(None, None)
mfos = MyFakeOICServer("https://*****:*****@example.com"
res = c.discover(principal)
assert res == "https://localhost:8088/"
def test_client_register(self):
c = Consumer(None, None)
c.application_type = "web"
c.application_name = "My super service"
c.redirect_uris = ["https://example.com/authz"]
c.contact = ["*****@*****.**"]
mfos = MyFakeOICServer("https://example.com")
mfos.keyjar = SRVKEYS
c.http_request = mfos.http_request
location = c.discover("*****@*****.**")
info = c.provider_config(location)
c.register(info["registration_endpoint"])
assert c.client_id is not None
assert c.client_secret is not None
assert c.registration_expires > utc_time_sans_frac()
def create_client(self):
self.redirect_uri = "http://example.com/redirect"
self.client = Client(CLIENT_ID,
client_authn_method=CLIENT_AUTHN_METHOD)
self.client.redirect_uris = [self.redirect_uri]
self.client.authorization_endpoint = "http://example.com/authorization"
self.client.token_endpoint = "http://example.com/token"
self.client.userinfo_endpoint = "http://example.com/userinfo"
self.client.check_session_endpoint = "https://example.com/check_session"
self.client.client_secret = "abcdefghijklmnop"
self.client.keyjar[""] = KC_RSA
self.client.behaviour = {
"request_object_signing_alg": DEF_SIGN_ALG["openid_request_object"]
}
self.mfos = MyFakeOICServer()
self.mfos.keyjar = KEYJ
self.client.http_request = self.mfos.http_request
def fac(name):
return MyFakeOICServer(name, session_db_factory=session_db_factory)