def create_new_client(self, request):
"""
:param request: The Client registration request
:return: The client_id
"""
_cinfo = request.to_dict()
# create new id and secret
_id = rndstr(12)
while _id in self.cdb:
_id = rndstr(12)
_cinfo["client_id"] = _id
_cinfo["client_secret"] = secret(self.seed, _id)
_cinfo["client_id_issued_at"] = utc_time_sans_frac()
_cinfo["client_secret_expires_at"] = utc_time_sans_frac() + \
self.secret_lifetime
# If I support client info endpoint
if ClientInfoEndpoint in self.endp:
_cinfo["registration_access_token"] = rndstr(32)
_cinfo["registration_client_uri"] = "%s%s?client_id=%s" % (
self.client_info_url, ClientInfoEndpoint.etype, _id)
if "redirect_uris" in request:
_cinfo["redirect_uris"] = self._uris_to_tuples(
request["redirect_uris"])
self.cdb[_id] = _cinfo
return _id
def create_new_client(self, request):
"""
:param request: The Client registration request
:return: The client_id
"""
_cinfo = request.to_dict()
# create new id and secret
_id = rndstr(12)
while _id in self.cdb:
_id = rndstr(12)
_cinfo["client_id"] = _id
_cinfo["client_secret"] = secret(self.seed, _id)
_cinfo["client_id_issued_at"] = utc_time_sans_frac()
_cinfo["client_secret_expires_at"] = utc_time_sans_frac() + \
self.secret_lifetime
# If I support client info endpoint
if ClientInfoEndpoint in self.endp:
_cinfo["registration_access_token"] = rndstr(32)
_cinfo["registration_client_uri"] = "%s%s?client_id=%s" % (
self.client_info_url, ClientInfoEndpoint.etype, _id)
if "redirect_uris" in request:
_cinfo["redirect_uris"] = self._uris_to_tuples(
request["redirect_uris"])
self.cdb[_id] = _cinfo
return _id
def create(self, redirect_uris=None, policy_uri="", logo_uri=""):
if redirect_uris is None:
print 'Enter redirect_uris one at the time, end with a blank line: '
redirect_uris = []
while True:
redirect_uri = raw_input('?: ')
if redirect_uri:
redirect_uris.append(redirect_uri)
else:
break
if not policy_uri:
policy_uri = raw_input("Enter policy_uri or just return: ")
if not logo_uri:
logo_uri = raw_input("Enter logo_uri or just return: ")
client_id = rndstr(12)
while client_id in self.cdb:
client_id = rndstr(12)
client_secret = secret(self.seed, client_id)
info = {
"client_secret": client_secret,
"client_id": client_id,
"redirect_uris": pack_redirect_uri(redirect_uris),
}
if policy_uri:
info["policy_uri"] = policy_uri
if logo_uri:
info["logo_uri"] = logo_uri
self.cdb[client_id] = info
return self.cdb[client_id]
def create(self, redirect_uris=None, policy_uri="", logo_uri=""):
if redirect_uris is None:
print 'Enter redirect_uris one at the time, end with a blank line: '
redirect_uris = []
while True:
redirect_uri = raw_input('?: ')
if redirect_uri:
redirect_uris.append(redirect_uri)
else:
break
if not policy_uri:
policy_uri = raw_input("Enter policy_uri or just return: ")
if not logo_uri:
logo_uri = raw_input("Enter logo_uri or just return: ")
client_id = rndstr(12)
while client_id in self.cdb:
client_id = rndstr(12)
client_secret = secret(self.seed, client_id)
self.cdb[client_id] = {
"client_secret": client_secret,
"client_id": client_id,
"redirect_uris": pack_redirect_uri(redirect_uris),
"policy_uri": policy_uri,
"logo_uri": logo_uri,
}
return self.cdb[client_id]
def update_registered_data(self, sws_id, sws_message, unpacked_request):
client_id = unpacked_request["client_id"]
if client_id not in self.cdb:
client_secret = secret(self.seed, client_id)
_rat = rndstr(32)
reg_enp = ""
for endp in self.endp:
if endp == RegistrationEndpoint:
reg_enp = "%s%s" % (self.baseurl, endp.etype)
break
self.cdb[client_id] = {
"client_id": client_id,
"client_secret": client_secret,
"registration_access_token": _rat,
"registration_client_uri": "%s?client_id=%s" % (reg_enp, client_id),
"client_secret_expires_at": utc_time_sans_frac() + 86400,
"client_id_issued_at": utc_time_sans_frac()}
self.cdb[_rat] = client_id
#TODO Why should this be ignored "redirect_uris", "policy_uri", "logo_uri", "tos_uri",?
_cinfo = self.do_client_registration(sws_message.to_dict(),
client_id,
ignore=["redirect_uris",
"policy_uri",
"logo_uri",
"tos_uri",
"client_id",
"client_secret",
"registration_access_token",
"registration_client_uri",
"client_secret_expires_at",
"client_id_issued_at",
"software_statement"])
if isinstance(_cinfo, Response):
return _cinfo
cinfo = self.cdb[client_id]
args = dict([(k, v) for k, v in _cinfo.items()
if k in RegistrationRequest.c_param])
for key, value in iteritems(args):
cinfo[key] = value
# Update cache
cinfo[SWS_CACHE_KEY] = sws_id
self.cdb[client_id] = cinfo
try:
self.cdb.sync()
except AttributeError: # Not all databases can be sync'ed
pass
def create_new_client(self, request, restrictions):
"""
Create new client based on request and restrictions.
:param request: The Client registration request
:param restrictions: Restrictions on the client
:return: The client_id
"""
_cinfo = request.to_dict()
self.match_client_request(_cinfo)
# create new id and secret
_id = rndstr(12)
while _id in self.cdb:
_id = rndstr(12)
_cinfo["client_id"] = _id
_cinfo["client_secret"] = secret(self.seed, _id)
_cinfo["client_id_issued_at"] = utc_time_sans_frac()
_cinfo["client_secret_expires_at"] = utc_time_sans_frac(
) + self.secret_lifetime
# If I support client info endpoint
if ClientInfoEndpoint in self.endp:
_cinfo["registration_access_token"] = rndstr(32)
_cinfo["registration_client_uri"] = "%s%s%s?client_id=%s" % (
self.name,
self.client_info_url,
ClientInfoEndpoint.etype,
_id,
)
if "redirect_uris" in request:
_cinfo["redirect_uris"] = self._uris_to_tuples(
request["redirect_uris"])
self.load_keys(request, _id, _cinfo["client_secret"])
try:
_behav = self.behavior["client_registration"]
except KeyError:
pass
else:
self.verify_correct(_cinfo, _behav)
self.set_token_policy(_id, _cinfo)
self.cdb[_id] = _cinfo
return _id
def create_new_client(self, request, restrictions):
"""
:param request: The Client registration request
:param restrictions: Restrictions on the client
:return: The client_id
"""
_cinfo = request.to_dict()
self.match_client_request(_cinfo)
# create new id and secret
_id = rndstr(12)
while _id in self.cdb:
_id = rndstr(12)
_cinfo["client_id"] = _id
_cinfo["client_secret"] = secret(self.seed, _id)
_cinfo["client_id_issued_at"] = utc_time_sans_frac()
_cinfo["client_secret_expires_at"] = utc_time_sans_frac() + \
self.secret_lifetime
# If I support client info endpoint
if ClientInfoEndpoint in self.endp:
_cinfo["registration_access_token"] = rndstr(32)
_cinfo["registration_client_uri"] = "%s%s%s?client_id=%s" % (
self.name, self.client_info_url, ClientInfoEndpoint.etype,
_id)
if "redirect_uris" in request:
_cinfo["redirect_uris"] = self._uris_to_tuples(
request["redirect_uris"])
self.load_keys(request, _id, _cinfo["client_secret"])
try:
_behav = self.behavior['client_registration']
except KeyError:
pass
else:
self.verify_correct(_cinfo, _behav)
self.set_token_policy(_id, _cinfo)
self.cdb[_id] = _cinfo
return _id
def create(self,
redirect_uris=None,
policy_uri="",
logo_uri="",
jwks_uri="",
**kwargs):
if redirect_uris is None:
print(
'Enter redirect_uris one at the time, end with a blank line: ')
redirect_uris = []
while True:
redirect_uri = input('?: ')
if redirect_uri:
redirect_uris.append(redirect_uri)
else:
break
if not policy_uri:
policy_uri = input("Enter policy_uri or just return: ")
if not logo_uri:
logo_uri = input("Enter logo_uri or just return: ")
client_id = rndstr(12)
while client_id in self.cdb.keys():
client_id = rndstr(12)
client_secret = secret(self.seed, client_id)
info = {
"client_secret": client_secret,
"client_id": client_id,
"client_salt": rndstr(8),
"redirect_uris": pack_redirect_uri(redirect_uris),
}
if policy_uri:
info["policy_uri"] = policy_uri
if logo_uri:
info["logo_uri"] = logo_uri
if jwks_uri:
info['jwks_uri'] = jwks_uri
self.cdb[client_id] = info
return self.cdb[client_id]
_info = json.loads(args.new)
# MUST contain redirect_uris
assert 'redirect_uris' in _info
_info['redirect_uris'] = [
splitquery(uri) for uri in _info['redirect_uris']
]
new = {
"client_id_issued_at": utc_time_sans_frac(),
"client_salt": rndstr(8)
}
try:
client_id = _info['client_id']
except KeyError:
client_id = rndstr(12)
while client_id in cdb:
client_id = rndstr(12)
new['client_id'] = client_id
try:
client_secret = _info['client_secret']
except KeyError:
seed = as_bytes(rndstr())
client_secret = secret(seed, as_bytes(client_id))
new['client_secret'] = client_secret
_info.update(new)
cdb[client_id] = _info
def l_registration_endpoint(self, request, authn=None, **kwargs):
_log_debug = logger.debug
_log_info = logger.info
_log_debug("@registration_endpoint")
request = RegistrationRequest().deserialize(request, "json")
_log_info("registration_request:%s" % request.to_dict())
resp_keys = list(request.keys())
try:
request.verify()
except MessageException as err:
if "type" not in request:
return self._error(error="invalid_type",
descr="%s" % err)
else:
return self._error(error="invalid_configuration_parameter",
descr="%s" % err)
_keyjar = self.server.keyjar
# create new id och secret
client_id = rndstr(12)
while client_id in self.cdb:
client_id = rndstr(12)
client_secret = secret(self.seed, client_id)
_rat = rndstr(32)
reg_enp = ""
for endp in self.endpoints:
if isinstance(endp, DynamicClientEndpoint):
reg_enp = "%s%s" % (self.baseurl, endp.etype)
self.cdb[client_id] = {
"client_id": client_id,
"client_secret": client_secret,
"registration_access_token": _rat,
"registration_client_uri": "%s?client_id=%s" % (reg_enp, client_id),
"client_secret_expires_at": utc_time_sans_frac() + 86400,
"client_id_issued_at": utc_time_sans_frac()}
self.cdb[_rat] = client_id
_cinfo = self.do_client_registration(request, client_id,
ignore=["redirect_uris",
"policy_url",
"logo_url"])
if isinstance(_cinfo, Response):
return _cinfo
args = dict([(k, v) for k, v in list(_cinfo.items())
if k in RegistrationResponse.c_param])
self.comb_redirect_uris(args)
response = RegistrationResponse(**args)
self.keyjar.load_keys(request, client_id)
# Add the key to the keyjar
if client_secret:
_kc = KeyBundle([{"kty": "oct", "key": client_secret,
"use": "ver"},
{"kty": "oct", "key": client_secret,
"use": "sig"}])
try:
_keyjar[client_id].append(_kc)
except KeyError:
_keyjar[client_id] = [_kc]
self.cdb[client_id] = _cinfo
_log_info("Client info: %s" % _cinfo)
logger.debug("registration_response: %s" % response.to_dict())
return Response(response.to_json(), content="application/json",
headers=[("Cache-Control", "no-store")])
def l_registration_endpoint(self, request, authn=None, **kwargs):
_log_debug = logger.debug
_log_info = logger.info
_log_debug("@registration_endpoint")
request = RegistrationRequest().deserialize(request, "json")
_log_info("registration_request:%s" % request.to_dict())
resp_keys = list(request.keys())
try:
request.verify()
except MessageException as err:
if "type" not in request:
return self._error(error="invalid_type", descr="%s" % err)
else:
return self._error(error="invalid_configuration_parameter",
descr="%s" % err)
_keyjar = self.server.keyjar
# create new id och secret
client_id = rndstr(12)
while client_id in self.cdb:
client_id = rndstr(12)
client_secret = secret(self.seed, client_id)
_rat = rndstr(32)
reg_enp = ""
for endp in self.endpoints:
if isinstance(endp, DynamicClientEndpoint):
reg_enp = "%s%s" % (self.baseurl, endp.etype)
self.cdb[client_id] = {
"client_id": client_id,
"client_secret": client_secret,
"registration_access_token": _rat,
"registration_client_uri":
"%s?client_id=%s" % (reg_enp, client_id),
"client_secret_expires_at": utc_time_sans_frac() + 86400,
"client_id_issued_at": utc_time_sans_frac()
}
self.cdb[_rat] = client_id
_cinfo = self.do_client_registration(
request,
client_id,
ignore=["redirect_uris", "policy_url", "logo_url"])
if isinstance(_cinfo, Response):
return _cinfo
args = dict([(k, v) for k, v in list(_cinfo.items())
if k in RegistrationResponse.c_param])
self.comb_redirect_uris(args)
response = RegistrationResponse(**args)
self.keyjar.load_keys(request, client_id)
# Add the key to the keyjar
if client_secret:
_kc = KeyBundle([{
"kty": "oct",
"key": client_secret,
"use": "ver"
}, {
"kty": "oct",
"key": client_secret,
"use": "sig"
}])
try:
_keyjar[client_id].append(_kc)
except KeyError:
_keyjar[client_id] = [_kc]
self.cdb[client_id] = _cinfo
_log_info("Client info: %s" % _cinfo)
logger.debug("registration_response: %s" % response.to_dict())
return Response(response.to_json(),
content="application/json",
headers=[("Cache-Control", "no-store")])
