def runOneTest(self):
csess = self.csess_fact()
msg = Message.fromOpenIDArgs(csess.getRequest())
ssess = self.ssess_fact.fromMessage(msg)
check_secret = csess.extractSecret(
Message.fromOpenIDArgs(ssess.answer(self.secret)))
self.failUnlessEqual(self.secret, check_secret)
def runOneTest(self):
csess = self.csess_fact()
msg = Message.fromOpenIDArgs(csess.getRequest())
ssess = self.ssess_fact.fromMessage(msg)
check_secret = csess.extractSecret(
Message.fromOpenIDArgs(ssess.answer(self.secret)))
self.assertEqual(self.secret, check_secret)
def test(self):
for csess_fact, ssess_fact in self.session_factories:
for secret in self.secrets:
csess = csess_fact()
msg = Message.fromOpenIDArgs(csess.getRequest())
ssess = ssess_fact.fromMessage(msg)
check_secret = csess.extractSecret(
Message.fromOpenIDArgs(ssess.answer(secret)))
self.assertEqual(secret, check_secret)
def test(self):
for csess_fact, ssess_fact in self.session_factories:
for secret in self.secrets:
csess = csess_fact()
msg = Message.fromOpenIDArgs(csess.getRequest())
ssess = ssess_fact.fromMessage(msg)
check_secret = csess.extractSecret(
Message.fromOpenIDArgs(ssess.answer(secret)))
self.assertEqual(secret, check_secret)
def test_tamperedNonce(self):
"""Malformed nonce"""
self.response = Message.fromOpenIDArgs(
{'ns':OPENID2_NS,
'response_nonce':'malformed'})
self.failUnlessRaises(ProtocolError, self.consumer._idResCheckNonce,
self.response, self.endpoint)
def test_fromSuccessResponseWithData(self):
name = 'ext0'
value = 'snozzberry'
uri = "http://willy.wonka.name/"
args = {
'mode': 'id_res',
'ns': OPENID2_NS,
'ns.ax': ax.AXMessage.ns_uri,
'ax.update_url': 'http://example.com/realm/update_path',
'ax.mode': 'fetch_response',
'ax.type.' + name: uri,
'ax.count.' + name: '1',
'ax.value.%s.1' % name: value,
}
sf = ['openid.' + i for i in list(args.keys())]
msg = Message.fromOpenIDArgs(args)
class Endpoint:
claimed_id = 'http://invalid.'
resp = SuccessResponse(Endpoint(), msg, signed_fields=sf)
ax_resp = ax.FetchResponse.fromSuccessResponse(resp)
values = ax_resp.get(uri)
# coming through the system they'll be bytes-ified...
self.assertEqual([value], values)
def test_openID1_sregNSfromArgs(self):
args = {"sreg.optional": "nickname", "sreg.required": "dob"}
m = Message.fromOpenIDArgs(args)
self.assertTrue(m.getArg(sreg.ns_uri_1_1, "optional") == "nickname")
self.assertTrue(m.getArg(sreg.ns_uri_1_1, "required") == "dob")
def test_implicit_sreg_ns(self):
openid_args = {'sreg.email': '*****@*****.**'}
m = Message.fromOpenIDArgs(openid_args)
self.assertEqual(m.namespaces.getAlias(sreg.ns_uri), 'sreg')
self.assertEqual(m.getArg(sreg.ns_uri, 'email'), '*****@*****.**')
self.assertEqual(m.toArgs(), openid_args)
self.assertTrue(m.isOpenID1())
def test_mysterious_missing_namespace_bug(self):
"""A failing test for bug #112"""
openid_args = {
'assoc_handle': '{{HMAC-SHA256}{1211477242.29743}{v5cadg==}',
'claimed_id': 'http://nerdbank.org/OPAffirmative/AffirmativeIdentityWithSregNoAssoc.aspx',
'ns.sreg': 'http://openid.net/extensions/sreg/1.1',
'response_nonce': '2008-05-22T17:27:22ZUoW5.\\NV',
'signed': 'return_to,identity,claimed_id,op_endpoint,response_nonce,ns.sreg,sreg.email,sreg.nickname,'
'assoc_handle',
'sig': 'e3eGZ10+TNRZitgq5kQlk5KmTKzFaCRI8OrRoXyoFa4=',
'mode': 'check_authentication',
'op_endpoint': 'http://nerdbank.org/OPAffirmative/ProviderNoAssoc.aspx',
'sreg.nickname': 'Andy',
'return_to': 'http://localhost.localdomain:8001/process?janrain_nonce=2008-05-22T17%3A27%3A21ZnxHULd',
'invalidate_handle': '{{HMAC-SHA1}{1211477241.92242}{H0akXw==}',
'identity': 'http://nerdbank.org/OPAffirmative/AffirmativeIdentityWithSregNoAssoc.aspx',
'sreg.email': '*****@*****.**'}
m = Message.fromOpenIDArgs(openid_args)
self.assertEqual(m.namespaces.getAlias('http://openid.net/extensions/sreg/1.1'), 'sreg')
missing = []
for k in openid_args['signed'].split(','):
if not ("openid." + k) in m.toPostArgs().keys():
missing.append(k)
self.assertEqual(missing, [])
self.assertEqual(m.toArgs(), openid_args)
self.assertTrue(m.isOpenID1())
def test_fromSuccessResponseWithData(self):
name = 'ext0'
value = 'snozzberry'
uri = "http://willy.wonka.name/"
args = {
'mode': 'id_res',
'ns': OPENID2_NS,
'ns.ax': ax.AXMessage.ns_uri,
'ax.update_url': 'http://example.com/realm/update_path',
'ax.mode': 'fetch_response',
'ax.type.' + name: uri,
'ax.count.' + name: '1',
'ax.value.%s.1' % name: value,
}
sf = ['openid.' + i for i in list(args.keys())]
msg = Message.fromOpenIDArgs(args)
class Endpoint:
claimed_id = 'http://invalid.'
resp = SuccessResponse(Endpoint(), msg, signed_fields=sf)
ax_resp = ax.FetchResponse.fromSuccessResponse(resp)
values = ax_resp.get(uri)
# coming through the system they'll be bytes-ified...
self.assertEqual([value], values)
def setUp(self):
BaseAssocTest.setUp(self)
self.session_type = 'testing-session'
# This must something that works for Association.fromExpiresIn
self.assoc_type = 'HMAC-SHA1'
self.assoc_handle = 'testing-assoc-handle'
# These arguments should all be valid
self.assoc_response = Message.fromOpenIDArgs({
'expires_in':
'1000',
'assoc_handle':
self.assoc_handle,
'assoc_type':
self.assoc_type,
'session_type':
self.session_type,
'ns':
OPENID2_NS,
})
self.assoc_session = DummyAssociationSession()
# Make the session for the response's session type
self.assoc_session.session_type = self.session_type
self.assoc_session.allowed_assoc_types = [self.assoc_type]
def test_newerAssoc(self):
lifetime = 1000
good_issued = time.time() - 10
good_handle = 'handle'
good_assoc = association.Association(
good_handle, 'secret', good_issued, lifetime, 'HMAC-SHA1')
self.store.storeAssociation(self.server_url, good_assoc)
bad_issued = time.time() - 5
bad_handle = 'handle2'
bad_assoc = association.Association(
bad_handle, 'secret', bad_issued, lifetime, 'HMAC-SHA1')
self.store.storeAssociation(self.server_url, bad_assoc)
query = {
'return_to':self.return_to,
'identity':self.server_id,
'assoc_handle':good_handle,
}
message = Message.fromOpenIDArgs(query)
message = good_assoc.signMessage(message)
self.disableReturnToChecking()
info = self.consumer._doIdRes(message, self.endpoint, None)
self.failUnlessEqual(info.status, SUCCESS, info.message)
self.failUnlessEqual(self.consumer_id, info.identity_url)
def setUp(self):
BaseAssocTest.setUp(self)
self.session_type = "testing-session"
# This must something that works for Association.fromExpiresIn
self.assoc_type = "HMAC-SHA1"
self.assoc_handle = "testing-assoc-handle"
# These arguments should all be valid
self.assoc_response = Message.fromOpenIDArgs(
{
"expires_in": "1000",
"assoc_handle": self.assoc_handle,
"assoc_type": self.assoc_type,
"session_type": self.session_type,
"ns": OPENID2_NS,
}
)
self.assoc_session = DummyAssociationSession()
# Make the session for the response's session type
self.assoc_session.session_type = self.session_type
self.assoc_session.allowed_assoc_types = [self.assoc_type]
def test_fromSuccessResponse(self):
openid_req_msg = Message.fromOpenIDArgs({
'mode':
'id_res',
'ns':
OPENID2_NS,
'ns.pape':
pape.ns_uri,
'pape.auth_policies':
' '.join([pape.AUTH_MULTI_FACTOR, pape.AUTH_PHISHING_RESISTANT]),
'pape.auth_time':
'1970-01-01T00:00:00Z'
})
signed_stuff = {
'auth_policies':
' '.join([pape.AUTH_MULTI_FACTOR, pape.AUTH_PHISHING_RESISTANT]),
'auth_time':
'1970-01-01T00:00:00Z'
}
oid_req = DummySuccessResponse(openid_req_msg, signed_stuff)
req = pape.Response.fromSuccessResponse(oid_req)
self.assertEqual(
req.auth_policies,
[pape.AUTH_MULTI_FACTOR, pape.AUTH_PHISHING_RESISTANT])
self.assertEqual(req.auth_time, '1970-01-01T00:00:00Z')
def test_fromSuccessResponse_signed(self):
message = Message.fromOpenIDArgs({
'sreg.nickname':'The Mad Stork',
})
success_resp = DummySuccessResponse(message, {})
sreg_resp = sreg.SRegResponse.fromSuccessResponse(success_resp)
self.failIf(sreg_resp)
def setUp(self):
self.store = GoodAssocStore()
self.consumer = GenericConsumer(self.store)
self.server_url = "http://idp.unittest/"
CatchLogs.setUp(self)
claimed_id = 'bogus.claimed'
self.message = Message.fromOpenIDArgs(
{'mode': 'id_res',
'return_to': 'return_to (just anything)',
'identity': claimed_id,
'assoc_handle': 'does not matter',
'sig': GOODSIG,
'response_nonce': mkNonce(),
'signed': 'identity,return_to,response_nonce,assoc_handle,claimed_id,op_endpoint',
'claimed_id': claimed_id,
'op_endpoint': self.server_url,
'ns':OPENID2_NS,
})
self.endpoint = OpenIDServiceEndpoint()
self.endpoint.server_url = self.server_url
self.endpoint.claimed_id = claimed_id
self.consumer._checkReturnTo = lambda unused1, unused2 : True
def test_openid1Success(self):
"""use consumer-generated nonce"""
nonce_value = mkNonce()
self.return_to = 'http://rt.unittest/?nonce=%s' % (nonce_value,)
self.response = Message.fromOpenIDArgs({'return_to': self.return_to})
self.response.setArg(BARE_NS, 'nonce', nonce_value)
self.consumer._idResCheckNonce(self.response, self.endpoint)
self.failUnlessLogEmpty()
def test_fromSuccessResponse_unsigned(self):
message = Message.fromOpenIDArgs({
'sreg.nickname': 'The Mad Stork',
})
success_resp = DummySuccessResponse(message, {})
sreg_resp = sreg.SRegResponse.fromSuccessResponse(success_resp,
signed_only=False)
self.assertEqual(list(sreg_resp.items()), [('nickname', 'The Mad Stork')])
def test_noSetupNeededOpenID1(self):
"""When the user_setup_url is missing on an OpenID 1 message,
we assume that it's not a cancel response to checkid_immediate"""
message = Message.fromOpenIDArgs({'mode': 'id_res'})
self.failUnless(message.isOpenID1())
# No SetupNeededError raised
self.consumer._checkSetupNeeded(message)
def test_consumerNonceOpenID2(self):
"""OpenID 2 does not use consumer-generated nonce"""
self.return_to = 'http://rt.unittest/?nonce=%s' % (mkNonce(),)
self.response = Message.fromOpenIDArgs(
{'return_to': self.return_to, 'ns':OPENID2_NS})
self.failUnlessRaises(ProtocolError, self.consumer._idResCheckNonce,
self.response, self.endpoint)
self.failUnlessLogEmpty()
def test_openidNoRealm(self):
openid_req_msg = Message.fromOpenIDArgs({
'mode': 'checkid_setup',
'ns': OPENID2_NS,
'ns.ax': ax.AXMessage.ns_uri,
'ax.update_url': 'http://different.site/path',
'ax.mode': 'fetch_request',
})
self.assertRaises(ax.AXError, ax.FetchRequest.fromOpenIDRequest, DummyRequest(openid_req_msg))
def test_setupNeededOpenID2(self):
message = Message.fromOpenIDArgs({
'mode':'setup_needed',
'ns':OPENID2_NS,
})
self.failUnless(message.isOpenID2())
response = self.consumer.complete(message, None, None)
self.failUnlessEqual('setup_needed', response.status)
self.failUnlessEqual(None, response.setup_url)
def test_serverNonceOpenID1(self):
"""OpenID 1 does not use server-generated nonce"""
self.response = Message.fromOpenIDArgs(
{'ns':OPENID1_NS,
'return_to': 'http://return.to/',
'response_nonce': mkNonce(),})
self.failUnlessRaises(ProtocolError, self.consumer._idResCheckNonce,
self.response, self.endpoint)
self.failUnlessLogEmpty()
def test_fromOpenIDRequestWithoutExtension(self):
"""return None for an OpenIDRequest without AX paramaters."""
openid_req_msg = Message.fromOpenIDArgs({
'mode': 'checkid_setup',
'ns': OPENID2_NS,
})
oreq = DummyRequest(openid_req_msg)
r = ax.FetchRequest.fromOpenIDRequest(oreq)
self.assertIsNone(r)
def mkAssocResponse(*keys):
"""Build an association response message that contains the
specified subset of keys. The values come from
`association_response_values`.
This is useful for testing for missing keys and other times that
we don't care what the values are."""
args = dict([(key, association_response_values[key]) for key in keys])
return Message.fromOpenIDArgs(args)
def test_fromSuccessResponse_unsigned(self):
message = Message.fromOpenIDArgs({
'sreg.nickname':'The Mad Stork',
})
success_resp = DummySuccessResponse(message, {})
sreg_resp = sreg.SRegResponse.fromSuccessResponse(success_resp,
signed_only=False)
self.failUnlessEqual([('nickname', 'The Mad Stork')],
sreg_resp.items())
def test_successWithNoStore(self):
"""When there is no store, checking the nonce succeeds"""
self.consumer.store = None
self.response = Message.fromOpenIDArgs(
{'response_nonce': mkNonce(),
'ns':OPENID2_NS,
})
self.consumer._idResCheckNonce(self.response, self.endpoint)
self.failUnlessLogEmpty()
def mkAssocResponse(*keys):
"""Build an association response message that contains the
specified subset of keys. The values come from
`association_response_values`.
This is useful for testing for missing keys and other times that
we don't care what the values are."""
args = dict([(key, association_response_values[key]) for key in keys])
return Message.fromOpenIDArgs(args)
def test_fromOpenIDRequestWithoutExtension(self):
"""return None for an OpenIDRequest without AX paramaters."""
openid_req_msg = Message.fromOpenIDArgs({
'mode': 'checkid_setup',
'ns': OPENID2_NS,
})
oreq = DummyRequest(openid_req_msg)
r = ax.FetchRequest.fromOpenIDRequest(oreq)
self.assertIsNone(r)
def test_openID1_sregNSfromArgs(self):
args = {
'sreg.optional': 'nickname',
'sreg.required': 'dob',
}
m = Message.fromOpenIDArgs(args)
self.failUnless(m.getArg(sreg.ns_uri_1_1, 'optional') == 'nickname')
self.failUnless(m.getArg(sreg.ns_uri_1_1, 'required') == 'dob')
def test_openidNoRealm(self):
openid_req_msg = Message.fromOpenIDArgs({
'mode': 'checkid_setup',
'ns': OPENID2_NS,
'ns.ax': ax.AXMessage.ns_uri,
'ax.update_url': 'http://different.site/path',
'ax.mode': 'fetch_request',
})
self.assertRaises(ax.AXError, ax.FetchRequest.fromOpenIDRequest,
DummyRequest(openid_req_msg))
def test_noSetupNeededOpenID2(self):
message = Message.fromOpenIDArgs({
'mode':'id_res',
'game':'puerto_rico',
'ns':OPENID2_NS,
})
self.failUnless(message.isOpenID2())
# No SetupNeededError raised
self.consumer._checkSetupNeeded(message)
def test_invalidateMissing(self):
"""invalidate_handle with a handle that is not present"""
response = Message.fromOpenIDArgs({
'is_valid':'true',
'invalidate_handle':'missing',
})
r = self.consumer._processCheckAuthResponse(response, self.server_url)
self.failUnless(r)
self.failUnlessLogMatches(
'Received "invalidate_handle"'
)
def test_openidUpdateURLVerificationSuccessReturnTo(self):
openid_req_msg = Message.fromOpenIDArgs({
'mode': 'checkid_setup',
'ns': OPENID2_NS,
'return_to': 'http://example.com/realm',
'ns.ax': ax.AXMessage.ns_uri,
'ax.update_url': 'http://example.com/realm/update_path',
'ax.mode': 'fetch_request',
})
ax.FetchRequest.fromOpenIDRequest(DummyRequest(openid_req_msg))
def test_openidUpdateURLVerificationSuccessReturnTo(self):
openid_req_msg = Message.fromOpenIDArgs({
'mode': 'checkid_setup',
'ns': OPENID2_NS,
'return_to': 'http://example.com/realm',
'ns.ax': ax.AXMessage.ns_uri,
'ax.update_url': 'http://example.com/realm/update_path',
'ax.mode': 'fetch_request',
})
ax.FetchRequest.fromOpenIDRequest(DummyRequest(openid_req_msg))
def test_setupNeededDoesntWorkForOpenID1(self):
message = Message.fromOpenIDArgs({
'mode':'setup_needed',
})
# No SetupNeededError raised
self.consumer._checkSetupNeeded(message)
response = self.consumer.complete(message, None, None)
self.failUnlessEqual('failure', response.status)
self.failUnless(response.message.startswith('Invalid openid.mode'))
def test_fromSuccessResponseWithoutExtension(self):
"""return None for SuccessResponse with no AX paramaters."""
args = {
'mode': 'id_res',
'ns': OPENID2_NS,
}
sf = ['openid.' + i for i in list(args.keys())]
msg = Message.fromOpenIDArgs(args)
oreq = Response(msg, signed_fields=sf)
r = ax.FetchResponse.fromSuccessResponse(oreq)
self.assertTrue(r is None, "%s is not None" % (r,))
def test_openidUpdateURLVerificationError(self):
openid_req_msg = Message.fromOpenIDArgs({
'mode': 'checkid_setup',
'ns': OPENID2_NS,
'realm': 'http://example.com/realm',
'ns.ax': ax.AXMessage.ns_uri,
'ax.update_url': 'http://different.site/path',
'ax.mode': 'fetch_request',
})
self.failUnlessRaises(ax.AXError, ax.FetchRequest.fromOpenIDRequest,
DummyRequest(openid_req_msg))
def test_fromOpenIDRequestWithoutData(self):
"""return something for SuccessResponse with AX paramaters,
even if it is the empty set."""
openid_req_msg = Message.fromOpenIDArgs({
'mode': 'checkid_setup',
'realm': 'http://example.com/realm',
'ns': OPENID2_NS,
'ns.ax': ax.AXMessage.ns_uri,
'ax.mode': 'fetch_request',
})
oreq = DummyRequest(openid_req_msg)
r = ax.FetchRequest.fromOpenIDRequest(oreq)
self.assertIsNotNone(r)
def _setUpDH(self):
sess, message = self.consumer._createAssociateRequest(self.endpoint, "HMAC-SHA1", "DH-SHA1")
# XXX: this is testing _createAssociateRequest
self.failUnlessEqual(self.endpoint.compatibilityMode(), message.isOpenID1())
server_sess = DiffieHellmanSHA1ServerSession.fromMessage(message)
server_resp = server_sess.answer(self.secret)
server_resp["assoc_type"] = "HMAC-SHA1"
server_resp["assoc_handle"] = "handle"
server_resp["expires_in"] = "1000"
server_resp["session_type"] = "DH-SHA1"
return sess, Message.fromOpenIDArgs(server_resp)
def test_setupNeededIdRes(self):
message = Message.fromOpenIDArgs({'mode': 'id_res'})
setup_url_sentinel = object()
def raiseSetupNeeded(msg):
self.failUnless(msg is message)
raise SetupNeededError(setup_url_sentinel)
self.consumer._checkSetupNeeded = raiseSetupNeeded
response = self.consumer.complete(message, None, None)
self.failUnlessEqual(SETUP_NEEDED, response.status)
self.failUnless(setup_url_sentinel is response.setup_url)
def test_fromOpenIDRequest(self):
policy_uris = [pape.AUTH_MULTI_FACTOR, pape.AUTH_PHISHING_RESISTANT]
openid_req_msg = Message.fromOpenIDArgs({
'mode': 'checkid_setup',
'ns': OPENID2_NS,
'ns.pape': pape.ns_uri,
'pape.preferred_auth_policies': ' '.join(policy_uris),
'pape.max_auth_age': '5476'
})
oid_req = server.OpenIDRequest()
oid_req.message = openid_req_msg
req = pape.Request.fromOpenIDRequest(oid_req)
self.assertEqual(req.preferred_auth_policies, policy_uris)
self.assertEqual(req.max_auth_age, 5476)
def _setUpDH(self):
sess, message = self.consumer._createAssociateRequest(
self.endpoint, 'HMAC-SHA1', 'DH-SHA1')
# XXX: this is testing _createAssociateRequest
self.assertEqual(self.endpoint.compatibilityMode(),
message.isOpenID1())
server_sess = DiffieHellmanSHA1ServerSession.fromMessage(message)
server_resp = server_sess.answer(self.secret)
server_resp['assoc_type'] = 'HMAC-SHA1'
server_resp['assoc_handle'] = 'handle'
server_resp['expires_in'] = '1000'
server_resp['session_type'] = 'DH-SHA1'
return sess, Message.fromOpenIDArgs(server_resp)
def test_fromSuccessResponseWithoutExtension(self):
"""return None for SuccessResponse with no AX paramaters."""
args = {
'mode': 'id_res',
'ns': OPENID2_NS,
}
sf = ['openid.' + i for i in args.keys()]
msg = Message.fromOpenIDArgs(args)
class Endpoint:
claimed_id = 'http://invalid.'
oreq = SuccessResponse(Endpoint(), msg, signed_fields=sf)
r = ax.FetchResponse.fromSuccessResponse(oreq)
self.assertIsNone(r)
def _doTest(self, expected_session_type, session_type_value):
# Create a Message with just 'session_type' in it, since
# that's all this function will use. 'session_type' may be
# absent if it's set to None.
args = {}
if session_type_value is not None:
args['session_type'] = session_type_value
message = Message.fromOpenIDArgs(args)
self.assertTrue(message.isOpenID1())
actual_session_type = self.consumer._getOpenID1SessionType(message)
error_message = (
'Returned sesion type parameter %r was expected '
'to yield session type %r, but yielded %r' %
(session_type_value, expected_session_type, actual_session_type))
self.assertEqual(expected_session_type, actual_session_type,
error_message)
def test_fromSuccessResponseWithoutData(self):
"""return something for SuccessResponse with AX paramaters,
even if it is the empty set."""
args = {
'mode': 'id_res',
'ns': OPENID2_NS,
'ns.ax': ax.AXMessage.ns_uri,
'ax.mode': 'fetch_response',
}
sf = ['openid.' + i for i in args.keys()]
msg = Message.fromOpenIDArgs(args)
class Endpoint:
claimed_id = 'http://invalid.'
oreq = SuccessResponse(Endpoint(), msg, signed_fields=sf)
r = ax.FetchResponse.fromSuccessResponse(oreq)
self.assertIsNotNone(r)
def test_fromSuccessResponseNoSignedArgs(self):
policy_uris = [pape.AUTH_MULTI_FACTOR, pape.AUTH_PHISHING_RESISTANT]
openid_req_msg = Message.fromOpenIDArgs({
'mode': 'id_res',
'ns': OPENID2_NS,
'ns.pape': pape.ns_uri,
'pape.auth_policies': ' '.join(policy_uris),
'pape.auth_time': '1970-01-01T00:00:00Z'
})
signed_stuff = {}
class NoSigningDummyResponse(DummySuccessResponse):
def getSignedNS(self, ns_uri):
return None
oid_req = NoSigningDummyResponse(openid_req_msg, signed_stuff)
resp = pape.Response.fromSuccessResponse(oid_req)
self.assertIsNone(resp)
def setUp(self):
BaseAssocTest.setUp(self)
self.session_type = 'testing-session'
# This must something that works for Association.fromExpiresIn
self.assoc_type = 'HMAC-SHA1'
self.assoc_handle = 'testing-assoc-handle'
# These arguments should all be valid
self.assoc_response = Message.fromOpenIDArgs({
'expires_in': '1000',
'assoc_handle': self.assoc_handle,
'assoc_type': self.assoc_type,
'session_type': self.session_type,
'ns': OPENID2_NS,
})
self.assoc_session = DummyAssociationSession()
# Make the session for the response's session type
self.assoc_session.session_type = self.session_type
self.assoc_session.allowed_assoc_types = [self.assoc_type]
