Example #1
    def create_endpoint(self):
        """Set up ``self.endpoint`` (authorization) and ``self.rp_keyjar``.

        Fixture-only configuration: the cookie signing key and the client's
        symmetric key are literals in the source, the only authentication
        method is ``NoAuthn`` and ``verify_ssl`` is ``False``.  A deployed
        provider needs secrets loaded from protected storage, a real
        authentication method and certificate verification enabled.
        """
        # Claims marked essential by default for ID tokens.
        id_token_conf = {
            "class": IDToken,
            "kwargs": {
                "default_claims": {
                    "email": {"essential": True},
                    "email_verified": {"essential": True},
                }
            },
        }

        # request / request_uri support is advertised, so request objects
        # (by value and by reference) are within the scope of these tests.
        authz_kwargs = {
            "response_types_supported": list(map(" ".join, RESPONSE_TYPES_SUPPORTED)),
            "response_modes_supported": ["query", "fragment", "form_post"],
            "claims_parameter_supported": True,
            "request_parameter_supported": True,
            "request_uri_parameter_supported": True,
        }

        # NOTE(review): NoAuthn presumably accepts the configured user without
        # checking any credential - confirm against oidcendpoint; fixture only.
        authn_methods = {
            "anon": {
                "acr": "http://www.swamid.se/policy/assurance/al1",
                "class": "oidcendpoint.user_authn.user.NoAuthn",
                "kwargs": {"user": "******"},
            }
        }

        # The signing key is a fixed literal: anyone who can read this source
        # can produce cookies that verify under it.  Never reuse it.
        cookie_dealer_conf = {
            "class": CookieDealer,
            "kwargs": {
                "sign_key": "ghsNKDDLshZTPn974nOsIGhedULrsqnsGoBFBLwUKuJhE2ch",
                "default_values": {
                    "name": "oidcop",
                    "domain": "127.0.0.1",
                    "path": "/",
                    "max_age": 3600,
                },
            },
        }

        conf = {
            "issuer": "https://example.com/",
            "password": "******",
            "token_expires_in": 600,
            "grant_expires_in": 300,
            "refresh_token_expires_in": 86400,
            # NOTE(review): presumably turns off TLS certificate checks for
            # outbound requests - tolerable only in an offline fixture.
            "verify_ssl": False,
            "capabilities": CAPABILITIES,
            "jwks": {"uri_path": "static/jwks.json", "key_defs": KEYDEFS},
            "id_token": id_token_conf,
            "endpoint": {
                "authorization": {
                    "path": "{}/authorization",
                    "class": Authorization,
                    "kwargs": authz_kwargs,
                }
            },
            "authentication": authn_methods,
            "userinfo": {"class": UserInfo, "kwargs": {"db": USERINFO_db}},
            "template_dir": "template",
            "cookie_dealer": cookie_dealer_conf,
        }

        endpoint_context = EndpointContext(conf)

        # safe_load keeps the YAML client database to plain data types.
        client_db = yaml.safe_load(io.StringIO(client_yaml))
        endpoint_context.cdb = client_db["clients"]

        # Re-register the provider's own keys under its issuer identifier.
        # NOTE(review): the leading True presumably asks export_jwks for
        # private key material as well - confirm against the KeyJar API.
        own_jwks = endpoint_context.keyjar.export_jwks(True, "")
        endpoint_context.keyjar.import_jwks(own_jwks, conf["issuer"])

        self.endpoint = endpoint_context.endpoint["authorization"]

        # Both sides get the same symmetric key for "client_1"; the value is
        # a source literal and therefore only suitable for tests.
        client_id, shared_secret = "client_1", "hemligtkodord1234567890"
        self.rp_keyjar = KeyJar()
        self.rp_keyjar.add_symmetric(client_id, shared_secret)
        self.endpoint.endpoint_context.keyjar.add_symmetric(client_id, shared_secret)
Example #2
    def create_endpoint(self):
        """Set up the authorization, session and token endpoints for a test.

        Stores the cookie dealer on ``self.cd`` and the three endpoints on
        ``self.authn_endpoint``, ``self.session_endpoint`` and
        ``self.token_endpoint``.

        Fixture-only configuration: client secrets, salts and the cookie
        signing key are source literals, authentication is ``NoAuthn`` and
        ``verify_ssl`` is ``False``.  A deployed provider must not carry any
        of these over.
        """
        # NOTE(review): client_authn_method=None presumably means the endpoint
        # accepts requests without client authentication - confirm against
        # oidcendpoint.  Each endpoint gets its own kwargs dict.
        endpoints = {
            "provider_config": {
                "path": "{}/.well-known/openid-configuration",
                "class": ProviderConfiguration,
                "kwargs": {"client_authn_method": None},
            },
            "registration": {
                "path": "{}/registration",
                "class": Registration,
                "kwargs": {"client_authn_method": None},
            },
            "authorization": {
                "path": "{}/authorization",
                "class": Authorization,
                "kwargs": {"client_authn_method": None},
            },
            "token": {"path": "{}/token", "class": AccessToken, "kwargs": {}},
            "userinfo": {
                "path": "{}/userinfo",
                "class": userinfo.UserInfo,
                "kwargs": {"db_file": "users.json"},
            },
            "session": {
                "path": "{}/end_session",
                "class": Session,
                "kwargs": {
                    "post_logout_uri_path": "post_logout",
                    "signing_alg": "ES256",
                    "logout_verify_url": "{}/verify_logout".format(ISS),
                    "client_authn_method": None,
                },
            },
        }

        # NOTE(review): NoAuthn presumably accepts the configured user without
        # checking any credential - confirm; fixture only.
        authn_methods = {
            "anon": {
                "acr": INTERNETPROTOCOLPASSWORD,
                "class": "oidcendpoint.user_authn.user.NoAuthn",
                "kwargs": {"user": "******"},
            }
        }

        # The optional 'cookie_name' mapping (session / register) is left
        # unset in this configuration.
        conf = {
            "issuer": ISS,
            "password": "******",
            "token_expires_in": 600,
            "grant_expires_in": 300,
            "refresh_token_expires_in": 86400,
            # NOTE(review): presumably turns off TLS certificate checks for
            # outbound requests - tolerable only in an offline fixture.
            "verify_ssl": False,
            "capabilities": CAPABILITIES,
            "jwks": {"uri_path": "jwks.json", "key_defs": KEYDEFS},
            "endpoint": endpoints,
            "authentication": authn_methods,
            "userinfo": {"class": UserInfo, "kwargs": {"db": USERINFO_db}},
            "template_dir": "template",
        }

        # The signing key is a fixed literal: anyone who can read this source
        # can produce cookies that verify under it.  Never reuse it.
        self.cd = CookieDealer(
            sign_key="ghsNKDDLshZTPn974nOsIGhedULrsqnsGoBFBLwUKuJhE2ch",
            default_values={
                "name": "oidcop",
                "domain": "127.0.0.1",
                "path": "/",
                "max_age": 3600,
            },
        )
        endpoint_context = EndpointContext(
            conf, cookie_dealer=self.cd, keyjar=KEYJAR
        )

        def client_entry(secret, salt, base_url):
            # One client-database record.  Redirect and post-logout URIs are
            # registered as exact (uri, second-element) pairs built from the
            # client's base URL; secrets and salts are test literals.
            return {
                "client_secret": secret,
                "redirect_uris": [("{}cb".format(base_url), None)],
                "client_salt": salt,
                "token_endpoint_auth_method": "client_secret_post",
                "response_types": ["code", "token", "code id_token", "id_token"],
                "post_logout_redirect_uris": [("{}logout_cb".format(base_url), "")],
            }

        endpoint_context.cdb = {
            "client_1": client_entry("hemligt", "salted", CLI1),
            "client_2": client_entry("hemligare", "saltare", CLI2),
        }

        registered = endpoint_context.endpoint
        self.authn_endpoint = registered["authorization"]
        self.session_endpoint = registered["session"]
        self.token_endpoint = registered["token"]
Example #3
 def create_endpoint(self):
     """Set up ``self.endpoint`` as an ``Authorization`` bound to a fresh context.

     Fixture-only configuration: the cookie signing key is a source literal,
     authentication is ``NoAuthn`` and ``verify_ssl`` is ``False``.  A
     deployed provider must not carry any of these over.
     """
     # Claims marked essential by default for ID tokens.
     id_token_conf = {
         "class": IDToken,
         "kwargs": {
             "default_claims": {
                 "email": {"essential": True},
                 "email_verified": {"essential": True},
             }
         },
     }

     # Every endpoint runs with empty kwargs, i.e. library defaults.
     endpoints = {
         "provider_config": {
             "path": "{}/.well-known/openid-configuration",
             "class": ProviderConfiguration,
             "kwargs": {},
         },
         "registration": {
             "path": "{}/registration",
             "class": Registration,
             "kwargs": {},
         },
         "authorization": {
             "path": "{}/authorization",
             "class": Authorization,
             "kwargs": {},
         },
         "token": {"path": "{}/token", "class": AccessToken, "kwargs": {}},
         "userinfo": {
             "path": "{}/userinfo",
             "class": userinfo.UserInfo,
             "kwargs": {"db_file": "users.json"},
         },
     }

     # NOTE(review): NoAuthn presumably accepts the configured user without
     # checking any credential - confirm against oidcendpoint; fixture only.
     authn_methods = {
         "anon": {
             "acr": "http://www.swamid.se/policy/assurance/al1",
             "class": "oidcendpoint.user_authn.user.NoAuthn",
             "kwargs": {"user": "******"},
         }
     }

     # The signing key is a fixed literal: anyone who can read this source
     # can produce cookies that verify under it.  Never reuse it.
     cookie_dealer_conf = {
         "class": CookieDealer,
         "kwargs": {
             "sign_key": "ghsNKDDLshZTPn974nOsIGhedULrsqnsGoBFBLwUKuJhE2ch",
             "default_values": {
                 "name": "oidcop",
                 "domain": "127.0.0.1",
                 "path": "/",
                 "max_age": 3600,
             },
         },
     }

     # Login hints with the "email" scheme are mapped to the
     # INTERNETPROTOCOLPASSWORD authentication context class.
     hint_to_acr_conf = {
         "class": LoginHint2Acrs,
         "kwargs": {"scheme_map": {"email": [INTERNETPROTOCOLPASSWORD]}},
     }

     conf = {
         "issuer": "https://example.com/",
         "password": "******",
         "token_expires_in": 600,
         "grant_expires_in": 300,
         "refresh_token_expires_in": 86400,
         # NOTE(review): presumably turns off TLS certificate checks for
         # outbound requests - tolerable only in an offline fixture.
         "verify_ssl": False,
         "capabilities": CAPABILITIES,
         "jwks": {"uri_path": "static/jwks.json", "key_defs": KEYDEFS},
         "id_token": id_token_conf,
         "endpoint": endpoints,
         "authentication": authn_methods,
         "userinfo": {"class": UserInfo, "kwargs": {"db": USERINFO_db}},
         "template_dir": "template",
         "cookie_dealer": cookie_dealer_conf,
         "login_hint2acrs": hint_to_acr_conf,
     }

     endpoint_context = EndpointContext(conf)

     # safe_load keeps the YAML client database to plain data types.
     client_db = yaml.safe_load(io.StringIO(client_yaml))
     endpoint_context.cdb = client_db["oidc_clients"]

     # Re-register the provider's own keys under its issuer identifier.
     # NOTE(review): the leading True presumably asks export_jwks for
     # private key material as well - confirm against the KeyJar API.
     own_jwks = endpoint_context.keyjar.export_jwks(True, "")
     endpoint_context.keyjar.import_jwks(own_jwks, conf["issuer"])

     # Instantiated directly instead of being looked up in
     # endpoint_context.endpoint.
     self.endpoint = Authorization(endpoint_context)