def test_client_user_info_get(self): args = { "redirect_uris": [ "https://client.example.org/callback", "https://client.example.org/callback2" ], "client_name": "My Example Client", "client_name#ja-Jpan-JP": "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D", "token_endpoint_auth_method": "client_secret_basic", "scope": "read write dolphin", } request = RegistrationRequest(**args) resp = self.provider.registration_endpoint(request=request.to_json()) _resp = ClientInfoResponse().from_json(resp.message) resp = self.provider.client_info_endpoint( "GET", environ={ "HTTP_AUTHORIZATION": "Bearer %s" % (_resp["registration_access_token"], ) }, query="client_id=%s" % _resp["client_id"], request=request.to_json()) _resp_cir = ClientInfoResponse().from_json(resp.message) assert _resp == _resp_cir
def client_info(self, client_id): _cinfo = self.cdb[client_id].copy() try: _cinfo["redirect_uris"] = self._tuples_to_uris( _cinfo["redirect_uris"]) except KeyError: pass msg = ClientInfoResponse(**_cinfo) return Response(msg.to_json(), content="application/json")
def client_info(self, client_id): _cinfo = self.cdb[client_id].copy() if not valid_client_info(_cinfo): err = ErrorResponse(error="invalid_client", error_description="Invalid client secret") return BadRequest(err.to_json(), content="application/json") try: _cinfo["redirect_uris"] = self._tuples_to_uris( _cinfo["redirect_uris"]) except KeyError: pass msg = ClientInfoResponse(**_cinfo) return Response(msg.to_json(), content="application/json")
def handle_registration_info(self, response): if response.status_code in SUCCESSFUL: resp = ClientInfoResponse().deserialize(response.text, "json") self.store_response(resp, response.text) self.store_registration_info(resp) else: resp = ErrorResponse().deserialize(response.text, "json") try: resp.verify() self.store_response(resp, response.text) except Exception: raise PyoidcError('Registration failed: {}'.format( response.text)) return resp
def handle_registration_info(self, response): if response.status_code in SUCCESSFUL: resp = ClientInfoResponse().deserialize(response.text, "json") self.store_response(resp, response.text) self.store_registration_info(resp) else: resp = ErrorResponse().deserialize(response.text, "json") try: resp.verify() self.store_response(resp, response.text) except Exception: raise PyoidcError( 'Registration failed: {}'.format(response.text)) return resp
def client_info(self, client_id): _cinfo = self.cdb[client_id].copy() if not valid_client_info(_cinfo): err = ErrorResponse( error="invalid_client", error_description="Invalid client secret") return BadRequest(err.to_json(), content="application/json") try: _cinfo["redirect_uris"] = self._tuples_to_uris( _cinfo["redirect_uris"]) except KeyError: pass msg = ClientInfoResponse(**_cinfo) return Response(msg.to_json(), content="application/json")
def test_client_registration_with_software_statement(self): jwks, keyjar, kidd = build_keyjar(KEYS) fed_operator = 'https://fedop.example.org' self.provider.keyjar[fed_operator] = keyjar[''] ss = make_software_statement(keyjar, fed_operator, client_id='foxtrot') args = { "redirect_uris": [ "https://client.example.org/callback", "https://client.example.org/callback2" ], "client_name": "XYZ Service B", "token_endpoint_auth_method": "client_secret_basic", "scope": "read write dolphin", 'software_statement': ss } request = RegistrationRequest(**args) resp = self.provider.registration_endpoint(request=request.to_json(), environ={}) cli_resp = ClientInfoResponse().from_json(resp.message) assert cli_resp
def test_registration_endpoint(self): request = RegistrationRequest( client_name="myself", redirect_uris=["https://example.com/rp"], grant_type=['authorization_code', 'implicit']) resp = self.provider.registration_endpoint(request=request.to_json()) assert isinstance(resp, Response) data = json.loads(resp.message) assert data["client_name"] == "myself" assert _eq(data["redirect_uris"], ["https://example.com/rp"]) _resp = ClientInfoResponse().from_json(resp.message) assert "client_id" in _resp
def test_client_registration_delete(self): args = { "redirect_uris": [ "https://client.example.org/callback", "https://client.example.org/callback2", ], "client_name": "My Example Client", "client_name#ja-Jpan-JP": "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D", "token_endpoint_auth_method": "client_secret_basic", "scope": "read write dolphin", } request = RegistrationRequest(**args) resp = self.provider.registration_endpoint(request=request.to_json(), environ={}) _resp = ClientInfoResponse().from_json(resp.message) resp = self.provider.client_info_endpoint( request=request.to_json(), environ={ "HTTP_AUTHORIZATION": "Bearer %s" % (_resp["registration_access_token"], ) }, method="DELETE", query="client_id=%s" % _resp["client_id"], ) assert isinstance(resp, NoContent) # A read should fail resp = self.provider.client_info_endpoint( "", environ={ "HTTP_AUTHORIZATION": "Bearer %s" % (_resp["registration_access_token"], ) }, query="client_id=%s" % _resp["client_id"], ) assert isinstance(resp, Unauthorized)
def test_client_registration_utf_8_client_name(self): args = { "redirect_uris": [ "https://client.example.org/callback", "https://client.example.org/callback2" ], "client_name": "My Example Client", "client_name#ja-Jpan-JP": "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D", "token_endpoint_auth_method": "client_secret_basic", "scope": "read write dolphin", } request = RegistrationRequest(**args) resp = self.provider.registration_endpoint(request=request.to_json()) _resp = ClientInfoResponse().from_json(resp.message) assert _resp[ "client_name#ja-Jpan-JP"] == "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D" assert _resp["client_name"] == "My Example Client"
def create_client(self, **kwargs): """ Do an instantiation of a client instance. :param: Keyword arguments Keys are: srv_discovery_url client_info client_registration provider_info behaviour :return: client instance """ _key_set = set(list(kwargs.keys())) try: _verify_ssl = kwargs["verify_ssl"] except KeyError: _verify_ssl = self.verify_ssl else: _key_set.discard("verify_ssl") _client = self.client_cls( client_authn_method=CLIENT_AUTHN_METHOD, behaviour=kwargs["behaviour"], verify_ssl=_verify_ssl, ) # The behaviour parameter is not significant for the election process _key_set.discard("behaviour") for param in ["allow"]: try: setattr(_client, param, kwargs[param]) except KeyError: pass else: _key_set.discard(param) if _key_set == {"client_info", "srv_discovery_url"}: # Ship the webfinger part # Gather OP information _client.provider_config(kwargs["srv_discovery_url"]) # register the client _client.register( _client.provider_info["registration_endpoint"], **kwargs["client_info"] ) self.get_path( kwargs["client_info"]["redirect_uris"], kwargs["srv_discovery_url"] ) elif _key_set == {"provider_info", "client_info"}: _client.handle_provider_config( ASConfigurationResponse(**kwargs["provider_info"]), kwargs["provider_info"]["issuer"], ) _client.register( _client.provider_info["registration_endpoint"], **kwargs["client_info"] ) self.get_path( kwargs["client_info"]["redirect_uris"], kwargs["provider_info"]["issuer"], ) elif _key_set == {"provider_info", "client_registration"}: _client.handle_provider_config( ASConfigurationResponse(**kwargs["provider_info"]), kwargs["provider_info"]["issuer"], ) _client.store_registration_info( ClientInfoResponse(**kwargs["client_registration"]) ) self.get_path( kwargs["client_info"]["redirect_uris"], kwargs["provider_info"]["issuer"], ) elif _key_set == {"srv_discovery_url", "client_registration"}: _client.provider_config(kwargs["srv_discovery_url"]) _client.store_registration_info( ClientInfoResponse(**kwargs["client_registration"]) ) self.get_path( kwargs["client_registration"]["redirect_uris"], kwargs["srv_discovery_url"], ) else: raise Exception("Configuration error ?") return client
def run(self): if self.dynamic: self.catch_exception(self.conv.entity.register, **self.req_args) else: self.conv.entity.store_registration_info( ClientInfoResponse(**self.conf.INFO["registered"]))
def test_client_registration_update(self): args = { "redirect_uris": [ "https://client.example.org/callback", "https://client.example.org/callback2" ], "client_name": "My Example Client", "client_name#ja-Jpan-JP": "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D", "token_endpoint_auth_method": "client_secret_basic", "scope": "read write dolphin", } request = RegistrationRequest(**args) resp = self.provider.registration_endpoint(request=request.to_json(), environ={}) _resp = ClientInfoResponse().from_json(resp.message) update = { "client_id": _resp["client_id"], "client_secret": _resp["client_secret"], "redirect_uris": [ "https://client.example.org/callback", "https://client.example.org/alt" ], "scope": "read write dolphin", "grant_types": ["authorization_code", "refresh_token"], "token_endpoint_auth_method": "client_secret_basic", "jwks_uri": "https://client.example.org/my_public_keys.jwks", "client_name": "My New Example", "client_name#fr": "Mon Nouvel Exemple", } update_req = RegistrationRequest(**update) resp = self.provider.client_info_endpoint( request=update_req.to_json(), environ={ "HTTP_AUTHORIZATION": "Bearer %s" % (_resp["registration_access_token"], ) }, method="PUT", query="client_id=%s" % _resp["client_id"]) _resp_up = ClientInfoResponse().from_json(resp.message) assert _resp_up["client_id"] == update["client_id"] assert _resp_up["client_secret"] == update["client_secret"] assert _resp_up["redirect_uris"] == update["redirect_uris"] assert _resp_up["scope"] == update["scope"].split() assert _resp_up["grant_types"] == update["grant_types"] assert _resp_up["token_endpoint_auth_method"] == update[ "token_endpoint_auth_method"] assert _resp_up["jwks_uri"] == update["jwks_uri"] assert _resp_up["client_name"] == update["client_name"] assert _resp_up["client_name#fr"] == update["client_name#fr"]