def frontend(self, frontend_config):
# will use in-memory storage
instance = OpenIDConnectFrontend(lambda ctx, req: None,
INTERNAL_ATTRIBUTES, frontend_config,
BASE_URL, "oidc_frontend")
instance.register_endpoints(["foo_backend"])
return instance
def test_token_endpoint_issues_refresh_tokens_if_configured(
self, context, frontend_config, authn_req):
frontend_config["provider"][
"refresh_token_lifetime"] = 60 * 60 * 24 * 365
frontend = OpenIDConnectFrontend(lambda ctx, req: None,
INTERNAL_ATTRIBUTES, frontend_config,
BASE_URL, "oidc_frontend")
frontend.register_endpoints(["test_backend"])
user_id = "test_user"
self.insert_client_in_client_db(frontend, authn_req["redirect_uri"])
self.insert_user_in_user_db(frontend, user_id)
authn_req["response_type"] = "code"
authn_resp = frontend.provider.authorize(authn_req, user_id)
context.request = AccessTokenRequest(
redirect_uri=authn_req["redirect_uri"],
code=authn_resp["code"]).to_dict()
credentials = "{}:{}".format(CLIENT_ID, CLIENT_SECRET)
basic_auth = urlsafe_b64encode(
credentials.encode("utf-8")).decode("utf-8")
context.request_authorization = "Basic {}".format(basic_auth)
response = frontend.token_endpoint(context)
parsed = AccessTokenResponse().deserialize(response.message, "json")
assert parsed["refresh_token"]
def frontend(self, frontend_config):
# will use in-memory storage
instance = OpenIDConnectFrontend(
lambda ctx, req: None, INTERNAL_ATTRIBUTES, frontend_config, BASE_URL, "oidc_frontend"
)
instance.register_endpoints(["foo_backend"])
return instance
def create_frontend_with_extra_scopes(self, frontend_config_with_extra_scopes):
# will use in-memory storage
internal_attributes_with_extra_scopes = copy.deepcopy(INTERNAL_ATTRIBUTES)
internal_attributes_with_extra_scopes["attributes"].update(EXTRA_CLAIMS)
instance = OpenIDConnectFrontend(
lambda ctx, req: None,
internal_attributes_with_extra_scopes,
frontend_config_with_extra_scopes,
BASE_URL,
"oidc_frontend_with_extra_scopes",
)
instance.register_endpoints(["foo_backend"])
return instance
def test_token_endpoint_issues_refresh_tokens_if_configured(self, context, frontend_config, authn_req):
frontend_config["provider"]["refresh_token_lifetime"] = 60 * 60 * 24 * 365
frontend = OpenIDConnectFrontend(lambda ctx, req: None, INTERNAL_ATTRIBUTES,
frontend_config, BASE_URL, "oidc_frontend")
frontend.register_endpoints(["test_backend"])
user_id = "test_user"
self.insert_client_in_client_db(frontend, authn_req["redirect_uri"])
self.insert_user_in_user_db(frontend, user_id)
authn_req["response_type"] = "code"
authn_resp = frontend.provider.authorize(authn_req, user_id)
context.request = AccessTokenRequest(redirect_uri=authn_req["redirect_uri"], code=authn_resp["code"]).to_dict()
credentials = "{}:{}".format(CLIENT_ID, CLIENT_SECRET)
basic_auth = urlsafe_b64encode(credentials.encode("utf-8")).decode("utf-8")
context.request_authorization = "Basic {}".format(basic_auth)
response = frontend.token_endpoint(context)
parsed = AccessTokenResponse().deserialize(response.message, "json")
assert parsed["refresh_token"]
