Example #1
    def create_client(self):
        """Build the client/provider pair the tests in this class work with.

        A compound metadata statement is created from ``SPEC`` and handed to
        the ``Client`` filed under its signer. The client is then pointed at
        fixed example.com endpoints, and a ``Provider`` is built with the
        same ``fo_priority_order`` as the client.
        """
        issuer_id, statement = create_compound_metadata_statement(SPEC)

        self.redirect_uri = "http://example.com/redirect"

        client_options = {
            "client_authn_method": CLIENT_AUTHN_METHOD,
            "fo_keyjar": fo_member(FOP, FO1P).fo_keyjar,
            # Signed statements are filed under the identifier of their signer.
            "signed_metadata_statements": {issuer_id: [statement]},
            "fo_priority_order": [FOP.iss, FO1P.iss],
        }
        rp = self.client = Client(CLIENT_ID, **client_options)

        # Fixture-only values: plain-http endpoints and a hard-coded client
        # secret belong in a unit test, not in deployed configuration.
        rp.redirect_uris = [self.redirect_uri]
        rp.authorization_endpoint = "http://example.com/authorization"
        rp.token_endpoint = "http://example.com/token"
        rp.userinfo_endpoint = "http://example.com/userinfo"
        rp.client_secret = "abcdefghijklmnop"
        # KC_RSA is stored under the empty-string owner
        # (presumably the client's own keys; confirm against the keyjar API).
        rp.keyjar[""] = KC_RSA
        signing_alg = DEF_SIGN_ALG["openid_request_object"]
        rp.behaviour = {"request_object_signing_alg": signing_alg}

        issuer = SERVER_INFO["issuer"]
        op = Provider(
            issuer,
            SessionDB(issuer),
            CDB,
            AUTHN_BROKER,
            USERINFO,
            AUTHZ,
            verify_client,
            SYMKEY,
            urlmap=URLMAP,
            keyjar=KEYJAR,
            fo_keyjar=fo_keyjar(FOP, FO1P),
            fo_priority_order=[FOP.iss, FO1P.iss],
        )
        self.provider = op
        op.baseurl = op.name
Example #2
class TestClient(object):
    """Tests a client carrying signed metadata statements against a provider.

    Every test runs against the client and provider built by the autouse
    ``create_client`` fixture.
    """

    @pytest.fixture(autouse=True)
    def create_client(self):
        """Build the client/provider pair used by each test.

        A compound metadata statement is created from ``SPEC`` and handed to
        the ``Client`` filed under its signer. The client is then pointed at
        fixed example.com endpoints, and a ``Provider`` is built with the
        same ``fo_priority_order`` as the client.
        """
        issuer_id, statement = create_compound_metadata_statement(SPEC)

        self.redirect_uri = "http://example.com/redirect"

        client_options = {
            "client_authn_method": CLIENT_AUTHN_METHOD,
            "fo_keyjar": fo_member(FOP, FO1P).fo_keyjar,
            # Signed statements are filed under the identifier of their signer.
            "signed_metadata_statements": {issuer_id: [statement]},
            "fo_priority_order": [FOP.iss, FO1P.iss],
        }
        rp = self.client = Client(CLIENT_ID, **client_options)

        # Fixture-only values: plain-http endpoints and a hard-coded client
        # secret belong in a unit test, not in deployed configuration.
        rp.redirect_uris = [self.redirect_uri]
        rp.authorization_endpoint = "http://example.com/authorization"
        rp.token_endpoint = "http://example.com/token"
        rp.userinfo_endpoint = "http://example.com/userinfo"
        rp.client_secret = "abcdefghijklmnop"
        # KC_RSA is stored under the empty-string owner
        # (presumably the client's own keys; confirm against the keyjar API).
        rp.keyjar[""] = KC_RSA
        signing_alg = DEF_SIGN_ALG["openid_request_object"]
        rp.behaviour = {"request_object_signing_alg": signing_alg}

        issuer = SERVER_INFO["issuer"]
        op = Provider(
            issuer,
            SessionDB(issuer),
            CDB,
            AUTHN_BROKER,
            USERINFO,
            AUTHZ,
            verify_client,
            SYMKEY,
            urlmap=URLMAP,
            keyjar=KEYJAR,
            fo_keyjar=fo_keyjar(FOP, FO1P),
            fo_priority_order=[FOP.iss, FO1P.iss],
        )
        self.provider = op
        op.baseurl = op.name

    def test_init(self):
        """The client's first statement under FOP.iss evaluates to FOP.iss.

        The fixture files the statement under its signer, so this lookup
        presumably relies on that signer being ``FOP.iss``.
        """
        verifier = fo_member(FOP, FO1P)
        signed_statement = self.client.signed_metadata_statements[FOP.iss][0]
        unpacked = verifier.unpack_metadata_statement(jwt_ms=signed_statement)
        evaluated = verifier.evaluate_metadata_statement(unpacked)
        assert FOP.iss in evaluated

    def test_create_registration_request(self):
        """A federated registration request is accepted by the provider.

        The request is serialised to JSON and passed to the provider's
        registration endpoint; the reply must be ``201 Created`` and carry
        ``response_types`` of ``['code']``.
        """
        request = self.client.federated_client_registration_request(
            redirect_uris=["https://rp.example.com/auth_cb"]
        )
        reply = self.provider.registration_endpoint(request.to_json())
        assert reply.status == "201 Created"

        payload = json.loads(reply.message)
        registration = RegistrationResponse(**payload)
        assert registration["response_types"] == ["code"]