def create_new_client(self, request): """ :param request: The Client registration request :return: The client_id """ _cinfo = request.to_dict() # create new id and secret _id = rndstr(12) while _id in self.cdb: _id = rndstr(12) _cinfo["client_id"] = _id _cinfo["client_secret"] = secret(self.seed, _id) _cinfo["client_id_issued_at"] = utc_time_sans_frac() _cinfo["client_secret_expires_at"] = utc_time_sans_frac() + \ self.secret_lifetime # If I support client info endpoint if ClientInfoEndpoint in self.endp: _cinfo["registration_access_token"] = rndstr(32) _cinfo["registration_client_uri"] = "%s%s?client_id=%s" % ( self.client_info_url, ClientInfoEndpoint.etype, _id) if "redirect_uris" in request: _cinfo["redirect_uris"] = self._uris_to_tuples( request["redirect_uris"]) self.cdb[_id] = _cinfo return _id
def create(self, redirect_uris=None, policy_uri="", logo_uri=""): if redirect_uris is None: print 'Enter redirect_uris one at the time, end with a blank line: ' redirect_uris = [] while True: redirect_uri = raw_input('?: ') if redirect_uri: redirect_uris.append(redirect_uri) else: break if not policy_uri: policy_uri = raw_input("Enter policy_uri or just return: ") if not logo_uri: logo_uri = raw_input("Enter logo_uri or just return: ") client_id = rndstr(12) while client_id in self.cdb: client_id = rndstr(12) client_secret = secret(self.seed, client_id) info = { "client_secret": client_secret, "client_id": client_id, "redirect_uris": pack_redirect_uri(redirect_uris), } if policy_uri: info["policy_uri"] = policy_uri if logo_uri: info["logo_uri"] = logo_uri self.cdb[client_id] = info return self.cdb[client_id]
def create(self, redirect_uris=None, policy_uri="", logo_uri=""): if redirect_uris is None: print 'Enter redirect_uris one at the time, end with a blank line: ' redirect_uris = [] while True: redirect_uri = raw_input('?: ') if redirect_uri: redirect_uris.append(redirect_uri) else: break if not policy_uri: policy_uri = raw_input("Enter policy_uri or just return: ") if not logo_uri: logo_uri = raw_input("Enter logo_uri or just return: ") client_id = rndstr(12) while client_id in self.cdb: client_id = rndstr(12) client_secret = secret(self.seed, client_id) self.cdb[client_id] = { "client_secret": client_secret, "client_id": client_id, "redirect_uris": pack_redirect_uri(redirect_uris), "policy_uri": policy_uri, "logo_uri": logo_uri, } return self.cdb[client_id]
def update_registered_data(self, sws_id, sws_message, unpacked_request): client_id = unpacked_request["client_id"] if client_id not in self.cdb: client_secret = secret(self.seed, client_id) _rat = rndstr(32) reg_enp = "" for endp in self.endp: if endp == RegistrationEndpoint: reg_enp = "%s%s" % (self.baseurl, endp.etype) break self.cdb[client_id] = { "client_id": client_id, "client_secret": client_secret, "registration_access_token": _rat, "registration_client_uri": "%s?client_id=%s" % (reg_enp, client_id), "client_secret_expires_at": utc_time_sans_frac() + 86400, "client_id_issued_at": utc_time_sans_frac()} self.cdb[_rat] = client_id #TODO Why should this be ignored "redirect_uris", "policy_uri", "logo_uri", "tos_uri",? _cinfo = self.do_client_registration(sws_message.to_dict(), client_id, ignore=["redirect_uris", "policy_uri", "logo_uri", "tos_uri", "client_id", "client_secret", "registration_access_token", "registration_client_uri", "client_secret_expires_at", "client_id_issued_at", "software_statement"]) if isinstance(_cinfo, Response): return _cinfo cinfo = self.cdb[client_id] args = dict([(k, v) for k, v in _cinfo.items() if k in RegistrationRequest.c_param]) for key, value in iteritems(args): cinfo[key] = value # Update cache cinfo[SWS_CACHE_KEY] = sws_id self.cdb[client_id] = cinfo try: self.cdb.sync() except AttributeError: # Not all databases can be sync'ed pass
def create_new_client(self, request, restrictions): """ Create new client based on request and restrictions. :param request: The Client registration request :param restrictions: Restrictions on the client :return: The client_id """ _cinfo = request.to_dict() self.match_client_request(_cinfo) # create new id and secret _id = rndstr(12) while _id in self.cdb: _id = rndstr(12) _cinfo["client_id"] = _id _cinfo["client_secret"] = secret(self.seed, _id) _cinfo["client_id_issued_at"] = utc_time_sans_frac() _cinfo["client_secret_expires_at"] = utc_time_sans_frac( ) + self.secret_lifetime # If I support client info endpoint if ClientInfoEndpoint in self.endp: _cinfo["registration_access_token"] = rndstr(32) _cinfo["registration_client_uri"] = "%s%s%s?client_id=%s" % ( self.name, self.client_info_url, ClientInfoEndpoint.etype, _id, ) if "redirect_uris" in request: _cinfo["redirect_uris"] = self._uris_to_tuples( request["redirect_uris"]) self.load_keys(request, _id, _cinfo["client_secret"]) try: _behav = self.behavior["client_registration"] except KeyError: pass else: self.verify_correct(_cinfo, _behav) self.set_token_policy(_id, _cinfo) self.cdb[_id] = _cinfo return _id
def create_new_client(self, request, restrictions): """ :param request: The Client registration request :param restrictions: Restrictions on the client :return: The client_id """ _cinfo = request.to_dict() self.match_client_request(_cinfo) # create new id and secret _id = rndstr(12) while _id in self.cdb: _id = rndstr(12) _cinfo["client_id"] = _id _cinfo["client_secret"] = secret(self.seed, _id) _cinfo["client_id_issued_at"] = utc_time_sans_frac() _cinfo["client_secret_expires_at"] = utc_time_sans_frac() + \ self.secret_lifetime # If I support client info endpoint if ClientInfoEndpoint in self.endp: _cinfo["registration_access_token"] = rndstr(32) _cinfo["registration_client_uri"] = "%s%s%s?client_id=%s" % ( self.name, self.client_info_url, ClientInfoEndpoint.etype, _id) if "redirect_uris" in request: _cinfo["redirect_uris"] = self._uris_to_tuples( request["redirect_uris"]) self.load_keys(request, _id, _cinfo["client_secret"]) try: _behav = self.behavior['client_registration'] except KeyError: pass else: self.verify_correct(_cinfo, _behav) self.set_token_policy(_id, _cinfo) self.cdb[_id] = _cinfo return _id
def create(self, redirect_uris=None, policy_uri="", logo_uri="", jwks_uri="", **kwargs): if redirect_uris is None: print( 'Enter redirect_uris one at the time, end with a blank line: ') redirect_uris = [] while True: redirect_uri = input('?: ') if redirect_uri: redirect_uris.append(redirect_uri) else: break if not policy_uri: policy_uri = input("Enter policy_uri or just return: ") if not logo_uri: logo_uri = input("Enter logo_uri or just return: ") client_id = rndstr(12) while client_id in self.cdb.keys(): client_id = rndstr(12) client_secret = secret(self.seed, client_id) info = { "client_secret": client_secret, "client_id": client_id, "client_salt": rndstr(8), "redirect_uris": pack_redirect_uri(redirect_uris), } if policy_uri: info["policy_uri"] = policy_uri if logo_uri: info["logo_uri"] = logo_uri if jwks_uri: info['jwks_uri'] = jwks_uri self.cdb[client_id] = info return self.cdb[client_id]
_info = json.loads(args.new) # MUST contain redirect_uris assert 'redirect_uris' in _info _info['redirect_uris'] = [ splitquery(uri) for uri in _info['redirect_uris'] ] new = { "client_id_issued_at": utc_time_sans_frac(), "client_salt": rndstr(8) } try: client_id = _info['client_id'] except KeyError: client_id = rndstr(12) while client_id in cdb: client_id = rndstr(12) new['client_id'] = client_id try: client_secret = _info['client_secret'] except KeyError: seed = as_bytes(rndstr()) client_secret = secret(seed, as_bytes(client_id)) new['client_secret'] = client_secret _info.update(new) cdb[client_id] = _info
def l_registration_endpoint(self, request, authn=None, **kwargs): _log_debug = logger.debug _log_info = logger.info _log_debug("@registration_endpoint") request = RegistrationRequest().deserialize(request, "json") _log_info("registration_request:%s" % request.to_dict()) resp_keys = list(request.keys()) try: request.verify() except MessageException as err: if "type" not in request: return self._error(error="invalid_type", descr="%s" % err) else: return self._error(error="invalid_configuration_parameter", descr="%s" % err) _keyjar = self.server.keyjar # create new id och secret client_id = rndstr(12) while client_id in self.cdb: client_id = rndstr(12) client_secret = secret(self.seed, client_id) _rat = rndstr(32) reg_enp = "" for endp in self.endpoints: if isinstance(endp, DynamicClientEndpoint): reg_enp = "%s%s" % (self.baseurl, endp.etype) self.cdb[client_id] = { "client_id": client_id, "client_secret": client_secret, "registration_access_token": _rat, "registration_client_uri": "%s?client_id=%s" % (reg_enp, client_id), "client_secret_expires_at": utc_time_sans_frac() + 86400, "client_id_issued_at": utc_time_sans_frac()} self.cdb[_rat] = client_id _cinfo = self.do_client_registration(request, client_id, ignore=["redirect_uris", "policy_url", "logo_url"]) if isinstance(_cinfo, Response): return _cinfo args = dict([(k, v) for k, v in list(_cinfo.items()) if k in RegistrationResponse.c_param]) self.comb_redirect_uris(args) response = RegistrationResponse(**args) self.keyjar.load_keys(request, client_id) # Add the key to the keyjar if client_secret: _kc = KeyBundle([{"kty": "oct", "key": client_secret, "use": "ver"}, {"kty": "oct", "key": client_secret, "use": "sig"}]) try: _keyjar[client_id].append(_kc) except KeyError: _keyjar[client_id] = [_kc] self.cdb[client_id] = _cinfo _log_info("Client info: %s" % _cinfo) logger.debug("registration_response: %s" % response.to_dict()) return Response(response.to_json(), content="application/json", headers=[("Cache-Control", "no-store")])
def l_registration_endpoint(self, request, authn=None, **kwargs): _log_debug = logger.debug _log_info = logger.info _log_debug("@registration_endpoint") request = RegistrationRequest().deserialize(request, "json") _log_info("registration_request:%s" % request.to_dict()) resp_keys = list(request.keys()) try: request.verify() except MessageException as err: if "type" not in request: return self._error(error="invalid_type", descr="%s" % err) else: return self._error(error="invalid_configuration_parameter", descr="%s" % err) _keyjar = self.server.keyjar # create new id och secret client_id = rndstr(12) while client_id in self.cdb: client_id = rndstr(12) client_secret = secret(self.seed, client_id) _rat = rndstr(32) reg_enp = "" for endp in self.endpoints: if isinstance(endp, DynamicClientEndpoint): reg_enp = "%s%s" % (self.baseurl, endp.etype) self.cdb[client_id] = { "client_id": client_id, "client_secret": client_secret, "registration_access_token": _rat, "registration_client_uri": "%s?client_id=%s" % (reg_enp, client_id), "client_secret_expires_at": utc_time_sans_frac() + 86400, "client_id_issued_at": utc_time_sans_frac() } self.cdb[_rat] = client_id _cinfo = self.do_client_registration( request, client_id, ignore=["redirect_uris", "policy_url", "logo_url"]) if isinstance(_cinfo, Response): return _cinfo args = dict([(k, v) for k, v in list(_cinfo.items()) if k in RegistrationResponse.c_param]) self.comb_redirect_uris(args) response = RegistrationResponse(**args) self.keyjar.load_keys(request, client_id) # Add the key to the keyjar if client_secret: _kc = KeyBundle([{ "kty": "oct", "key": client_secret, "use": "ver" }, { "kty": "oct", "key": client_secret, "use": "sig" }]) try: _keyjar[client_id].append(_kc) except KeyError: _keyjar[client_id] = [_kc] self.cdb[client_id] = _cinfo _log_info("Client info: %s" % _cinfo) logger.debug("registration_response: %s" % response.to_dict()) return Response(response.to_json(), content="application/json", headers=[("Cache-Control", "no-store")])