def test_to_urlencoded_extended_omit(self):
    """Check urlencoded output with and without the non-standard ``extra`` field.

    The response is serialized twice: once with the list-valued ``extra``
    parameter, and once after deleting it. Both strings are then
    deserialized again and the resulting key sets are checked.

    The token strings are the sample values from the RFC 6749 examples,
    not live credentials.
    """
    token_resp = AccessTokenResponse(
        access_token="2YotnFZFEjr1zCsicMWpAA",
        token_type="example",
        expires_in=3600,
        refresh_token="tGzv3JOkF0XG5Qx2TlKWIA",
        example_parameter="example_value",
        scope=["inner", "outer"],
        extra=["local", "external"],
        level=3,
    )

    # "scope" is expected as one "+"-joined value, while the unknown list
    # parameter "extra" is expected as a repeated key.
    with_extra = token_resp.to_urlencoded()
    expected_with_extra = "scope=inner+outer&level=3&expires_in=3600&token_type=example&extra=local&extra=external&refresh_token=tGzv3JOkF0XG5Qx2TlKWIA&access_token=2YotnFZFEjr1zCsicMWpAA&example_parameter=example_value"
    assert query_string_compare(with_extra, expected_with_extra)

    del token_resp["extra"]
    without_extra = token_resp.to_urlencoded()
    expected_without_extra = "access_token=2YotnFZFEjr1zCsicMWpAA&refresh_token=tGzv3JOkF0XG5Qx2TlKWIA&level=3&example_parameter=example_value&token_type=example&expires_in=3600&scope=inner+outer"
    assert query_string_compare(without_extra, expected_without_extra)

    # Dropping "extra" removes two key=value pairs plus their two "&"
    # separators, and nothing else.
    removed_length = len("extra=local") + len("extra=external") + 2
    assert len(with_extra) == (len(without_extra) + removed_length)

    # Round trip: the unknown parameter survives deserialization when it is
    # present and is absent when it was omitted.
    parsed_with_extra = AccessTokenResponse().deserialize(with_extra,
                                                          "urlencoded")
    assert _eq(parsed_with_extra.keys(),
               ['access_token', 'expires_in', 'token_type', 'scope',
                'refresh_token', 'level', 'example_parameter', 'extra'])

    parsed_without_extra = AccessTokenResponse().deserialize(without_extra,
                                                             "urlencoded")
    assert _eq(parsed_without_extra.keys(),
               ['access_token', 'expires_in', 'token_type', 'scope',
                'refresh_token', 'level', 'example_parameter'])
def test_urlencoded_with_scope(self):
    """Serialize an authorization request that carries a two-value scope.

    The expected string has the scope list joined into a single
    ``foo+bar`` value and the redirect URI percent-encoded.
    """
    authz_req = AuthorizationRequest(
        response_type=["code"],
        client_id="foobar",
        # NOTE(review): the fixture uses a plain-http redirect URI. This test
        # only checks serialization; it asserts nothing about redirect-URI
        # scheme policy.
        redirect_uri="http://foobar.example.com/oaclient",
        scope=["foo", "bar"],
        state="cold",
    )
    encoded = authz_req.to_urlencoded()
    expected = "scope=foo+bar&state=cold&redirect_uri=http%3A%2F%2Ffoobar.example.com%2Foaclient&response_type=code&client_id=foobar"
    assert query_string_compare(encoded, expected)
def test_urlencoded_resp_type_token(self):
    """Serialize an authorization request whose response_type is ``token``.

    ``response_type=token`` selects the OAuth 2.0 implicit grant. The
    client id, state and redirect URI are the sample values from the
    RFC 6749 examples. Only the urlencoded form is checked here.
    """
    implicit_req = AuthorizationRequest(
        response_type=["token"],
        client_id="s6BhdRkqt3",
        redirect_uri="https://client.example.com/cb",
        state="xyz",
    )
    encoded = implicit_req.to_urlencoded()
    # The single-element response_type list is expected as a bare value.
    expected = "state=xyz&redirect_uri=https%3A%2F%2Fclient.example.com%2Fcb&response_type=token&client_id=s6BhdRkqt3"
    assert query_string_compare(encoded, expected)
def test_request_info(self):
    """Build a POST UserClaimsRequest and check its target URI and form body.

    The expected body contains ``client_id`` and ``client_secret`` although
    neither is in ``request_args``, so they are presumably supplied by the
    ``self.cc`` fixture (confirm against its setup). In other words, the
    client secret travels in the POST body of this request.
    """
    claims_args = {"sub": "norah", "claims_names": ["gender", "birthdate"]}
    # The returned headers and request object are unpacked but not inspected.
    uri, body, _headers, _request = self.cc.request_info(
        UserClaimsRequest, method="POST", request_args=claims_args)

    assert uri == "https://example.com/claims"
    expected_body = "claims_names=gender+birthdate&sub=norah&client_id=client_1&client_secret=hemlig"
    assert query_string_compare(body, expected_body)
def test_verify(self, srv):
    """Submit a username/password form and check the redirect and cookie.

    The query part of ``response.message`` must carry the original query
    plus ``upm_answer=true``, and the response must set a cookie whose
    name is ``xyzxyz``.
    """
    login_form = create_return_form_env("user", "hemligt", "query=foo")
    method = UsernamePasswordMako(srv, "login.mako", tl, PASSWD,
                                  "authorization_endpoint")
    # NOTE(review): `success` is unpacked but never asserted here.
    response, success = method.verify(parse_qs(login_form))

    redirect_query = response.message.split("?")[1]
    assert query_string_compare(redirect_query, "query=foo&upm_answer=true")

    # Only the cookie name prefix is checked. Cookie attributes (for example
    # Secure or HttpOnly) and the cookie value are not covered by this test.
    response_headers = dict(response.headers)
    assert response_headers["Set-Cookie"].startswith('xyzxyz=')
def test_verify(self, srv):
    """Verify a posted login form, then check the redirect query and cookie.

    After ``verify`` runs, the part of ``response.message`` after the "?"
    must equal ``query=foo&upm_answer=true``, and the ``Set-Cookie`` header
    must begin with ``xyzxyz=``.
    """
    posted_form = create_return_form_env("user", "hemligt", "query=foo")
    upm = UsernamePasswordMako(srv, "login.mako", tl, PASSWD,
                               "authorization_endpoint")
    # NOTE(review): the second return value is bound but not checked.
    response, success = upm.verify(parse_qs(posted_form))

    query_part = response.message.split("?")[1]
    expected_query = "query=foo&upm_answer=true"
    assert query_string_compare(query_part, expected_query)

    # This asserts the cookie name only. It says nothing about the cookie's
    # attributes or about how its value is protected.
    header_map = dict(response.headers)
    set_cookie = header_map["Set-Cookie"]
    assert set_cookie.startswith('xyzxyz=')
def test_extra(self):
    """Round-trip an access token request that has an unknown ``extra`` field.

    The request is serialized to urlencoded form, compared with the
    expected string, then deserialized again and compared with the
    original object. The authorization code is the sample value from the
    RFC 6749 examples.
    """
    original = AccessTokenRequest(
        grant_type="authorization_code",
        code="SplxlOBeZQQYbYS6WxSbIA",
        redirect_uri="https://client.example.com/cb",
        extra="foo",
    )

    query = original.to_urlencoded()
    expected_query = "code=SplxlOBeZQQYbYS6WxSbIA&redirect_uri=https%3A%2F%2Fclient.example.com%2Fcb&grant_type=authorization_code&extra=foo"
    assert query_string_compare(query, expected_query)

    # The non-standard parameter must survive the round trip, otherwise the
    # equality check below fails.
    restored = AccessTokenRequest().deserialize(query, "urlencoded")
    assert original == restored
def test_request_info(self):
    """Check the URI and urlencoded body produced for a UserClaimsRequest.

    ``request_args`` holds only ``sub`` and ``claims_names``. The expected
    body also contains ``client_id`` and ``client_secret``, which presumably
    come from the ``self.cc`` fixture (verify against its setup), so the
    client secret is part of the POST body.
    """
    args = {
        "sub": "norah",
        "claims_names": ["gender", "birthdate"],
    }
    result = self.cc.request_info(
        UserClaimsRequest, method="POST", request_args=args)
    # Four values come back; only the URI and the body are inspected.
    uri, body, headers, ucr = result

    assert uri == "https://example.com/claims"
    assert query_string_compare(
        body,
        "claims_names=gender+birthdate&sub=norah&client_id=client_1&client_secret=hemlig",
    )
def test_registration_request(self):
    """Serialize a client registration request as JSON and as urlencoded.

    The JSON form is parsed and compared with a dict holding exactly the
    constructor arguments. The urlencoded form is compared with a fixed
    query string.
    """
    registration = RegistrationRequest(
        operation="register",
        default_max_age=10,
        require_auth_time=True,
        default_acr="foo",
        application_type="web",
        redirect_uris=["https://example.com/authz_cb"],
    )

    decoded = json.loads(registration.to_json())
    expected_js_obj = {
        "redirect_uris": ["https://example.com/authz_cb"],
        "application_type": "web",
        "default_acr": "foo",
        "require_auth_time": True,
        "operation": "register",
        "default_max_age": 10,
    }
    assert decoded == expected_js_obj

    # In urlencoded form the boolean is expected as the text "True" and the
    # one-element redirect_uris list as a single percent-encoded value.
    expected_query = "redirect_uris=https%3A%2F%2Fexample.com%2Fauthz_cb&application_type=web&default_acr=foo&require_auth_time=True&operation=register&default_max_age=10"
    assert query_string_compare(registration.to_urlencoded(), expected_query)
def test_registration_request(self):
    """Serialize a registration request and compare the JSON and urlencoded forms.

    The expected JSON object contains ``response_types: ["code"]`` although
    the constructor call does not pass it, so it is presumably a default
    filled in by ``RegistrationRequest`` (confirm against the class).
    The expected urlencoded string is derived from the same dict, with each
    list collapsed to its first element.
    """
    registration = RegistrationRequest(
        operation="register",
        default_max_age=10,
        require_auth_time=True,
        default_acr="foo",
        application_type="web",
        redirect_uris=["https://example.com/authz_cb"],
    )

    decoded = json.loads(registration.to_json())
    expected_js_obj = {
        "redirect_uris": ["https://example.com/authz_cb"],
        "application_type": "web",
        "default_acr": "foo",
        "require_auth_time": True,
        "operation": "register",
        "default_max_age": 10,
        "response_types": ["code"],
    }
    assert decoded == expected_js_obj

    # Every list in the expected dict has one element, so taking the first
    # item loses nothing for this fixture.
    flattened_list_dict = {}
    for key, value in expected_js_obj.items():
        flattened_list_dict[key] = value[0] if isinstance(value, list) else value

    assert query_string_compare(registration.to_urlencoded(),
                                urlencode(flattened_list_dict))
def test_client_get_access_token_request(self):
    """Build a token request after feeding the consumer two parsed responses.

    An authorization response and an access token response, both tied to
    the same ``state``, are parsed first. The token request built for that
    state is then checked for its URL, form body and HTTP arguments.

    The expected body includes ``client_secret`` and ``state``, and
    ``http_args`` holds only a Content-Type header. The client
    credentials therefore travel in the form body here, not in an
    Authorization header.
    """
    self.consumer.client_secret = "secret0"
    _state = "state"
    self.consumer.redirect_uris = ["https://www.example.com/oic/cb"]

    authz_resp = AuthorizationResponse(code="auth_grant", state=_state)
    self.consumer.parse_response(
        AuthorizationResponse, authz_resp.to_urlencoded(), "urlencoded")

    token_resp = AccessTokenResponse(
        access_token="token1", token_type="Bearer", expires_in=0,
        state=_state)
    self.consumer.parse_response(
        AccessTokenResponse, token_resp.to_urlencoded(), "urlencoded")

    url, body, http_args = self.consumer.get_access_token_request(_state)

    assert url_compare(url, "http://localhost:8088/token")
    expected_params = 'redirect_uri=https%3A%2F%2Fwww.example.com%2Foic%2Fcb&client_id=number5&state=state&code=auth_grant&grant_type=authorization_code&client_secret=secret0'
    assert query_string_compare(body, expected_params)
    expected_http_args = {
        'headers': {'Content-Type': 'application/x-www-form-urlencoded'},
    }
    assert http_args == expected_http_args
def test_registration_request(self):
    """Check the JSON and urlencoded forms of a client registration request.

    The JSON output must decode to a dict of the constructor arguments,
    and the urlencoded output must match the fixed query string below.
    """
    fields = {
        "operation": "register",
        "default_max_age": 10,
        "require_auth_time": True,
        "default_acr": "foo",
        "application_type": "web",
        "redirect_uris": ["https://example.com/authz_cb"],
    }
    req = RegistrationRequest(**fields)

    js_obj = json.loads(req.to_json())
    expected_js_obj = {
        "redirect_uris": ["https://example.com/authz_cb"],
        "application_type": "web",
        "default_acr": "foo",
        "require_auth_time": True,
        "operation": "register",
        "default_max_age": 10
    }
    assert js_obj == expected_js_obj

    # The expected query shows the boolean as the text "True" and the
    # redirect URI percent-encoded.
    urlencoded = req.to_urlencoded()
    assert query_string_compare(
        urlencoded,
        "redirect_uris=https%3A%2F%2Fexample.com%2Fauthz_cb&application_type=web&default_acr=foo&require_auth_time=True&operation=register&default_max_age=10"
    )
def test_client_get_access_token_request(self):
    """Check the token request the consumer builds for a known state.

    The consumer first parses an authorization response and an access
    token response for the same ``state``. The token request for that
    state must target the token endpoint, carry the expected form
    parameters, and set only a Content-Type header in ``http_args``.

    The expected body contains ``client_secret`` and no ``state``, and no
    Authorization header is expected. The client secret is therefore sent
    as a form parameter here.
    """
    consumer = self.consumer
    consumer.client_secret = "secret0"
    _state = "state"
    consumer.redirect_uris = ["https://www.example.com/oic/cb"]

    code_response = AuthorizationResponse(code="auth_grant", state=_state)
    consumer.parse_response(AuthorizationResponse,
                            code_response.to_urlencoded(), "urlencoded")

    token_response = AccessTokenResponse(access_token="token1",
                                         token_type="Bearer", expires_in=0,
                                         state=_state)
    consumer.parse_response(AccessTokenResponse,
                            token_response.to_urlencoded(), "urlencoded")

    url, body, http_args = consumer.get_access_token_request(_state)

    assert url_compare(url, "http://localhost:8088/token")
    expected_params = (
        "code=auth_grant&client_secret=secret0&"
        "grant_type=authorization_code&client_id=number5&"
        "redirect_uri=https%3A%2F%2Fwww.example.com%2Foic%2Fcb"
    )
    assert query_string_compare(body, expected_params)
    assert http_args == {
        'headers': {'Content-Type': 'application/x-www-form-urlencoded'},
    }
def test_authz_req_urlencoded(self):
    """Serialize a minimal authorization request.

    Only ``response_type`` and ``client_id`` are set, and the expected
    query string contains exactly those two parameters.
    """
    minimal_req = AuthorizationRequest(response_type=["code"],
                                       client_id="foobar")
    encoded = minimal_req.to_urlencoded()
    expected = "response_type=code&client_id=foobar"
    assert query_string_compare(encoded, expected)