# ============================== 3 =========================================== # The client does a first attempt at getting information from the RS # but without a RPT it only gets information about where the AS is and a ticket. # >>> RqP-->C: OOB Provision protected resource location # >>> C->RS: UMA3.1.1 Attempt GET /linda?attr=sn&attr=givenName res_set = ressrv.rs_handler.query2permission_registration_request_primer( "GET", "linda", "attr=sn&attr=givenName") pre_rpp = [(ressrv.rs_handler.rsd_map[lid]['_id'], [scope]) for lid, scope in res_set] REQUESTOR = RESOURCE_OWNER # ----------------------------------------------------------------------------- # set permissions such that the request below succeeds owner = safe_name(RESOURCE_OWNER, ressrv.client.client_id) for rsid, scopes in pre_rpp: authzsrv.permit.set_permit(owner, REQUESTOR, rsid, scopes) # ----------------------------------------------------------------------------- # The client does a first attempt at getting information from the RS # (not shown here) but without a RPT it only gets information about where # the AS is. # The RS on the other hand registers the necessary permission at the AS # >>> RS->AS: UMA3.2.1 POST requested permission with “read” # at permission registration endpoint prrs = [] for rsid, scopes in pre_rpp: prrs.append(PermissionRegistrationRequest(resource_set_id=rsid,
# The client does a first attempt at getting information from the RS # but without a RPT it only gets information about where the AS is and a ticket. # The RS on its side registers the necessary permission at the AS # Assume a HTTP GET with the path+query = linda?attr=sn&attr=givenName res_set = ressrv.rs_handler.query2permission_registration_request_primer( "GET", "linda", "attr=sn&attr=givenName") pre_rpp = [(ressrv.rs_handler.rsd_map[lid]['_id'], [scope]) for lid, scope in res_set] REQUESTOR = RESOURCE_OWNER # ----------------------------------------------------------------------------- # set permissions such that the request below succeeds owner = safe_name(RESOURCE_OWNER, ressrv.client.client_id) for rsid, scopes in pre_rpp: authzsrv.permit.set_permit(owner, REQUESTOR, rsid, scopes) # ----------------------------------------------------------------------------- # The client does a first attempt at getting information from the RS # (not shown here) but without a RPT it only gets information about where # the AS is. # The RS on the other hand registers the necessary permission at the AS prrs = [] for rsid, scopes in pre_rpp: prrs.append( PermissionRegistrationRequest(resource_set_id=rsid, scopes=scopes).to_dict())
def test_2(): owner = DB_NAME client_id = "http://xenosmilus2.umdc.umu.se:8089/foo" collection = safe_name("%s:%s" % (owner, client_id)) authz_db = AuthzDB(AuthzDescription, "uma_idm", collection) authz_db.restart(collection)