def do_endpoint(endpoint, **kwargs):
try:
authn = cherrypy.request.headers['Authorization']
except KeyError:
pr_args = {}
else:
pr_args = {'auth': authn}
if endpoint.request_placement == 'body':
if cherrypy.request.process_request_body is True:
_request = cherrypy.request.body.read()
else:
raise cherrypy.HTTPError(400, 'Missing HTTP body')
if not _request:
_request = kwargs
try:
req_args = endpoint.parse_request(_request, **pr_args)
except Exception as err:
message = traceback.format_exception(*sys.exc_info())
logger.exception(message)
err_msg = ResponseMessage(error='invalid_request',
error_description=str(err))
raise cherrypy.HTTPError(400, err_msg.to_json())
else:
try:
req_args = endpoint.parse_request(kwargs, **pr_args)
except Exception as err:
message = traceback.format_exception(*sys.exc_info())
logger.exception(message)
err_msg = ResponseMessage(error='invalid_request',
error_description=str(err))
raise cherrypy.HTTPError(400, err_msg.to_json())
logger.info('request: {}'.format(req_args))
if isinstance(req_args, ResponseMessage) and 'error' in req_args:
return as_bytes(req_args.to_json())
try:
if cherrypy.request.cookie:
args = endpoint.process_request(req_args,
cookie=cherrypy.request.cookie)
else:
args = endpoint.process_request(req_args)
except Exception as err:
message = traceback.format_exception(*sys.exc_info())
logger.exception(message)
cherrypy.response.headers['Content-Type'] = 'text/html'
err_msg = ResponseMessage(error='invalid_request',
error_description=str(err))
raise cherrypy.HTTPError(400, err_msg.to_json())
if 'http_response' in args:
return as_bytes(args['http_response'])
return do_response(endpoint, req_args, **args)
def test_error_response_2(self):
err = ResponseMessage(error='Illegal')
http_resp = MockResponse(
400,
err.to_json(),
headers={'content-type': 'application/x-www-form-urlencoded'})
with pytest.raises(OidcServiceError):
self.client.parse_request_response(
self.client.service['authorization'], http_resp)
def do_response(self,
response_args=None,
request=None,
error="",
**kwargs):
"""
"""
do_placement = True
content_type = "text/html"
_resp = {}
_response_placement = None
if response_args is None:
response_args = {}
LOGGER.debug("do_response kwargs: %s", kwargs)
resp = None
if error:
_response = ResponseMessage(error=error)
try:
_response["error_description"] = kwargs["error_description"]
except KeyError:
pass
elif "response_msg" in kwargs:
resp = kwargs["response_msg"]
_response_placement = kwargs.get('response_placement')
do_placement = False
_response = ""
content_type = kwargs.get('content_type')
if content_type is None:
if self.response_format == "json":
content_type = "application/json"
elif self.request_format in ["jws", "jwe", "jose"]:
content_type = "application/jose"
else:
content_type = "application/x-www-form-urlencoded"
else:
_response = self.response_info(response_args, request, **kwargs)
if do_placement:
content_type = kwargs.get('content_type')
if content_type is None:
if self.response_placement == "body":
if self.response_format == "json":
content_type = "application/json"
resp = _response.to_json()
elif self.request_format in ["jws", "jwe", "jose"]:
content_type = "application/jose"
resp = _response
else:
content_type = "application/x-www-form-urlencoded"
resp = _response.to_urlencoded()
elif self.response_placement == "url":
# content_type = 'application/x-www-form-urlencoded'
content_type = ""
try:
fragment_enc = kwargs["fragment_enc"]
except KeyError:
_ret_type = kwargs.get("return_type")
if _ret_type:
fragment_enc = fragment_encoding(_ret_type)
else:
fragment_enc = False
if fragment_enc:
resp = _response.request(kwargs["return_uri"], True)
else:
resp = _response.request(kwargs["return_uri"])
else:
raise ValueError("Don't know where that is: '{}".format(
self.response_placement))
if content_type:
try:
http_headers = set_content_type(kwargs["http_headers"],
content_type)
except KeyError:
http_headers = [("Content-type", content_type)]
else:
try:
http_headers = kwargs["http_headers"]
except KeyError:
http_headers = []
if _response_placement:
_resp["response_placement"] = _response_placement
http_headers.extend(OAUTH2_NOCACHE_HEADERS)
_resp.update({"response": resp, "http_headers": http_headers})
try:
_resp["cookie"] = kwargs["cookie"]
except KeyError:
pass
return _resp
def service_endpoint(endpoint):
_log = current_app.logger
_log.info('At the "{}" endpoint'.format(endpoint.name))
if request.method == 'GET':
if request.args:
_req_args = request.args.to_dict()
else:
_req_args = {}
try:
req_args = endpoint.parse_request(_req_args)
except (InvalidClient, UnknownClient) as err:
_log.error(err)
return make_response(
json.dumps({
'error': 'unauthorized_client',
'error_description': str(err)
}), 400)
except Exception as err:
_log.error(err)
return make_response(
json.dumps({
'error': 'invalid_request',
'error_description': str(err)
}), 400)
else:
if request.data:
if isinstance(request.data, str):
req_args = request.data
else:
req_args = request.data.decode()
else:
req_args = dict([(k, v) for k, v in request.form.items()])
try:
req_args = endpoint.parse_request(req_args)
except Exception as err:
_log.error(err)
err_msg = ResponseMessage(error='invalid_request',
error_description=str(err))
return make_response(err_msg.to_json(), 400)
_log.info('request: {}'.format(req_args))
if isinstance(req_args, ResponseMessage) and 'error' in req_args:
return make_response(req_args.to_json(), 400)
try:
args = endpoint.process_request(req_args)
except Exception as err:
message = traceback.format_exception(*sys.exc_info())
_log.error(message)
err_msg = ResponseMessage(error='invalid_request',
error_description=str(err))
return make_response(err_msg.to_json(), 400)
_log.info('Response args: {}'.format(args))
if 'redirect_location' in args:
return redirect(args['redirect_location'])
if 'http_response' in args:
return make_response(args['http_response'], 200)
response = do_response(endpoint, req_args, **args)
return response
def do_response(self,
response_args: Optional[dict] = None,
request: Optional[Union[Message, dict]] = None,
error: Optional[str] = "",
**kwargs) -> dict:
"""
:param response_args: Information to use when constructing the response
:param request: The original request
:param error: Possible error encountered while processing the request
"""
do_placement = True
content_type = "text/html"
_resp = {}
_response_placement = None
if response_args is None:
response_args = {}
LOGGER.debug("do_response kwargs: %s", kwargs)
resp = None
if error:
_response = ResponseMessage(error=error)
try:
_response["error_description"] = kwargs["error_description"]
except KeyError:
pass
elif "response_msg" in kwargs:
resp = kwargs["response_msg"]
_response_placement = kwargs.get("response_placement")
do_placement = False
_response = ""
content_type = kwargs.get("content_type")
if content_type is None:
if self.response_format == "json":
content_type = "application/json"
elif self.response_format in ["jws", "jwe", "jose"]:
content_type = "application/jose"
else:
content_type = "application/x-www-form-urlencoded"
else:
_response = self.response_info(response_args, request, **kwargs)
if do_placement:
content_type = kwargs.get("content_type")
if content_type is None:
if self.response_placement == "body":
if self.response_format == "json":
content_type = "application/json; charset=utf-8"
resp = _response.to_json()
elif self.response_format in ["jws", "jwe", "jose"]:
content_type = "application/jose; charset=utf-8"
resp = _response
else:
content_type = "application/x-www-form-urlencoded"
resp = _response.to_urlencoded()
elif self.response_placement == "url":
content_type = "application/x-www-form-urlencoded"
fragment_enc = kwargs.get("fragment_enc")
if not fragment_enc:
_ret_type = kwargs.get("return_type")
if _ret_type:
fragment_enc = fragment_encoding(_ret_type)
else:
fragment_enc = False
if fragment_enc:
resp = _response.request(kwargs["return_uri"], True)
else:
resp = _response.request(kwargs["return_uri"])
else:
raise ValueError("Don't know where that is: '{}".format(
self.response_placement))
if content_type:
try:
http_headers = set_content_type(kwargs["http_headers"],
content_type)
except KeyError:
http_headers = [("Content-type", content_type)]
else:
try:
http_headers = kwargs["http_headers"]
except KeyError:
http_headers = []
if _response_placement:
_resp["response_placement"] = _response_placement
http_headers.extend(OAUTH2_NOCACHE_HEADERS)
_resp.update({"response": resp, "http_headers": http_headers})
try:
_resp["cookie"] = kwargs["cookie"]
except KeyError:
pass
return _resp
def service_endpoint(endpoint):
_log = current_app.logger
_log.info('At the "{}" endpoint'.format(endpoint.name))
http_info = {
"headers": {
k: v
for k, v in request.headers.items(lower=True) if k not in IGNORE
},
"method": request.method,
"url": request.url,
# name is not unique
"cookie": [{
"name": k,
"value": v
} for k, v in request.cookies.items()]
}
if request.method == 'GET':
try:
req_args = endpoint.parse_request(request.args.to_dict(),
http_info=http_info)
except (InvalidClient, UnknownClient) as err:
_log.error(err)
return make_response(
json.dumps({
'error': 'unauthorized_client',
'error_description': str(err)
}), 400)
except Exception as err:
_log.error(err)
return make_response(
json.dumps({
'error': 'invalid_request',
'error_description': str(err)
}), 400)
else:
if request.data:
if isinstance(request.data, str):
req_args = request.data
else:
req_args = request.data.decode()
else:
req_args = dict([(k, v) for k, v in request.form.items()])
try:
req_args = endpoint.parse_request(req_args, http_info=http_info)
except Exception as err:
_log.error(err)
err_msg = ResponseMessage(error='invalid_request',
error_description=str(err))
return make_response(err_msg.to_json(), 400)
_log.info('request: {}'.format(req_args))
if isinstance(req_args, ResponseMessage) and 'error' in req_args:
return make_response(req_args.to_json(), 400)
try:
if isinstance(endpoint, Token):
args = endpoint.process_request(AccessTokenRequest(**req_args),
http_info=http_info)
else:
args = endpoint.process_request(req_args, http_info=http_info)
except Exception as err:
message = traceback.format_exception(*sys.exc_info())
_log.error(message)
err_msg = ResponseMessage(error='invalid_request',
error_description=str(err))
return make_response(err_msg.to_json(), 400)
_log.info('Response args: {}'.format(args))
if 'redirect_location' in args:
return redirect(args['redirect_location'])
if 'http_response' in args:
return make_response(args['http_response'], 200)
response = do_response(endpoint, req_args, **args)
return response
def service_endpoint(endpoint):
_log = current_app.srv_config.logger
_log.info('At the "{}" endpoint'.format(endpoint.endpoint_name))
try:
authn = request.headers['Authorization']
except KeyError:
pr_args = {}
else:
pr_args = {'auth': authn}
if request.method == 'GET':
try:
req_args = endpoint.parse_request(request.args.to_dict(),
**pr_args)
except (InvalidClient, UnknownClient) as err:
_log.error(err)
return make_response(
json.dumps({
'error': 'unauthorized_client',
'error_description': str(err)
}), 400)
except Exception as err:
_log.error(err)
return make_response(
json.dumps({
'error': 'invalid_request',
'error_description': str(err)
}), 400)
else:
if request.data:
if isinstance(request.data, str):
req_args = request.data
else:
req_args = request.data.decode()
else:
req_args = dict([(k, v) for k, v in request.form.items()])
try:
req_args = endpoint.parse_request(req_args, **pr_args)
except Exception as err:
_log.error(err)
err_msg = ResponseMessage(error='invalid_request',
error_description=str(err))
return make_response(err_msg.to_json(), 400)
_log.info('request: {}'.format(req_args))
if isinstance(req_args, ResponseMessage) and 'error' in req_args:
return make_response(req_args.to_json(), 400)
try:
if request.cookies:
_log.debug(request.cookies)
kwargs = {'cookie': request.cookies}
else:
kwargs = {}
if isinstance(endpoint, AccessToken):
args = endpoint.process_request(AccessTokenRequest(**req_args),
**kwargs)
else:
args = endpoint.process_request(req_args, **kwargs)
except Exception as err:
message = traceback.format_exception(*sys.exc_info())
_log.error(message)
err_msg = ResponseMessage(error='invalid_request',
error_description=str(err))
return make_response(err_msg.to_json(), 400)
_log.info('Response args: {}'.format(args))
if 'redirect_location' in args:
return redirect(args['redirect_location'])
if 'http_response' in args:
return make_response(args['http_response'], 200)
return do_response(endpoint, req_args, **args)
def do_response(self,
response_args=None,
request=None,
error='',
**kwargs):
do_placement = True
content_type = 'text/html'
_resp = {}
if response_args is None:
response_args = {}
if error:
_response = ResponseMessage(error=error)
try:
_response['error_description'] = kwargs['error_description']
except KeyError:
pass
elif 'response_msg' in kwargs:
resp = kwargs['response_msg']
do_placement = False
_response = ''
_resp['response_placement'] = 'body'
else:
_response = self.response_info(response_args, request, **kwargs)
resp = None
if do_placement:
if self.response_placement == 'body':
if self.response_format == 'json':
content_type = 'application/json'
resp = _response.to_json()
elif self.request_format in ['jws', 'jwe', 'jose']:
content_type = 'application/jose'
resp = _response
else:
content_type = 'application/x-www-form-urlencoded'
resp = _response.to_urlencoded()
elif self.response_placement == 'url':
# content_type = 'application/x-www-form-urlencoded'
content_type = ''
try:
fragment_enc = kwargs['fragment_enc']
except KeyError:
fragment_enc = fragment_encoding(kwargs['return_type'])
if fragment_enc:
resp = _response.request(kwargs['return_uri'], True)
else:
resp = _response.request(kwargs['return_uri'])
else:
raise ValueError("Don't know where that is: '{}".format(
self.response_placement))
if content_type:
try:
http_headers = set_content_type(kwargs['http_headers'],
content_type)
except KeyError:
http_headers = [('Content-type', content_type)]
else:
try:
http_headers = kwargs['http_headers']
except KeyError:
http_headers = []
http_headers.extend(OAUTH2_NOCACHE_HEADERS)
_resp.update({'response': resp, 'http_headers': http_headers})
try:
_resp['cookie'] = kwargs['cookie']
except KeyError:
pass
return _resp
