def test_client_user_info_get(self):
args = {
"redirect_uris": [
"https://client.example.org/callback",
"https://client.example.org/callback2"
],
"client_name":
"My Example Client",
"client_name#ja-Jpan-JP":
"\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
"token_endpoint_auth_method":
"client_secret_basic",
"scope":
"read write dolphin",
}
request = RegistrationRequest(**args)
resp = self.provider.registration_endpoint(request=request.to_json())
_resp = ClientInfoResponse().from_json(resp.message)
resp = self.provider.client_info_endpoint(
"GET",
environ={
"HTTP_AUTHORIZATION":
"Bearer %s" % (_resp["registration_access_token"], )
},
query="client_id=%s" % _resp["client_id"],
request=request.to_json())
_resp_cir = ClientInfoResponse().from_json(resp.message)
assert _resp == _resp_cir
def test_client_registration_with_software_statement(self):
jwks, keyjar, kidd = build_keyjar(KEYS)
fed_operator = 'https://fedop.example.org'
self.provider.keyjar[fed_operator] = keyjar['']
ss = make_software_statement(keyjar, fed_operator, client_id='foxtrot')
args = {
"redirect_uris": [
"https://client.example.org/callback",
"https://client.example.org/callback2"
],
"client_name":
"XYZ Service B",
"token_endpoint_auth_method":
"client_secret_basic",
"scope":
"read write dolphin",
'software_statement':
ss
}
request = RegistrationRequest(**args)
resp = self.provider.registration_endpoint(request=request.to_json(),
environ={})
cli_resp = ClientInfoResponse().from_json(resp.message)
assert cli_resp
def test_registration_endpoint(self):
request = RegistrationRequest(
client_name="myself",
redirect_uris=["https://example.com/rp"],
grant_type=['authorization_code', 'implicit'])
resp = self.provider.registration_endpoint(request=request.to_json())
assert isinstance(resp, Response)
data = json.loads(resp.message)
assert data["client_name"] == "myself"
assert _eq(data["redirect_uris"], ["https://example.com/rp"])
_resp = ClientInfoResponse().from_json(resp.message)
assert "client_id" in _resp
def run(self):
if self.dynamic:
response = self.catch_exception(self.conv.entity.register,
**self.req_args)
if self.expect_error:
self.expected_error_response(response)
else:
if isinstance(response, ErrorResponse):
raise Break("Unexpected error response")
else:
self.conv.entity.store_registration_info(
ClientInfoResponse(
**self.conf.CLIENT["registration_response"]))
self.conv.trace.response(self.conv.entity.registration_response)
def test_client_registration_delete(self):
args = {
"redirect_uris": [
"https://client.example.org/callback",
"https://client.example.org/callback2"
],
"client_name":
"My Example Client",
"client_name#ja-Jpan-JP":
"\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
"token_endpoint_auth_method":
"client_secret_basic",
"scope":
"read write dolphin",
}
request = RegistrationRequest(**args)
resp = self.provider.registration_endpoint(request=request.to_json(),
environ={})
_resp = ClientInfoResponse().from_json(resp.message)
resp = self.provider.client_info_endpoint(
request=request.to_json(),
environ={
"HTTP_AUTHORIZATION":
"Bearer %s" % (_resp["registration_access_token"], )
},
method="DELETE",
query="client_id=%s" % _resp["client_id"])
assert isinstance(resp, NoContent)
# A read should fail
resp = self.provider.client_info_endpoint(
"",
environ={
"HTTP_AUTHORIZATION":
"Bearer %s" % (_resp["registration_access_token"], )
},
query="client_id=%s" % _resp["client_id"])
assert isinstance(resp, Unauthorized)
def test_client_registration_utf_8_client_name(self):
args = {
"redirect_uris": [
"https://client.example.org/callback",
"https://client.example.org/callback2"
],
"client_name":
"My Example Client",
"client_name#ja-Jpan-JP":
"\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
"token_endpoint_auth_method":
"client_secret_basic",
"scope":
"read write dolphin",
}
request = RegistrationRequest(**args)
resp = self.provider.registration_endpoint(request=request.to_json())
_resp = ClientInfoResponse().from_json(resp.message)
assert _resp[
"client_name#ja-Jpan-JP"] == "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D"
assert _resp["client_name"] == "My Example Client"
def test_client_registration_update(self):
args = {
"redirect_uris": [
"https://client.example.org/callback",
"https://client.example.org/callback2"
],
"client_name":
"My Example Client",
"client_name#ja-Jpan-JP":
"\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
"token_endpoint_auth_method":
"client_secret_basic",
"scope":
"read write dolphin",
}
request = RegistrationRequest(**args)
resp = self.provider.registration_endpoint(request=request.to_json(),
environ={})
_resp = ClientInfoResponse().from_json(resp.message)
update = {
"client_id":
_resp["client_id"],
"client_secret":
_resp["client_secret"],
"redirect_uris": [
"https://client.example.org/callback",
"https://client.example.org/alt"
],
"scope":
"read write dolphin",
"grant_types": ["authorization_code", "refresh_token"],
"token_endpoint_auth_method":
"client_secret_basic",
"jwks_uri":
"https://client.example.org/my_public_keys.jwks",
"client_name":
"My New Example",
"client_name#fr":
"Mon Nouvel Exemple",
}
update_req = RegistrationRequest(**update)
resp = self.provider.client_info_endpoint(
request=update_req.to_json(),
environ={
"HTTP_AUTHORIZATION":
"Bearer %s" % (_resp["registration_access_token"], )
},
method="PUT",
query="client_id=%s" % _resp["client_id"])
_resp_up = ClientInfoResponse().from_json(resp.message)
assert _resp_up["client_id"] == update["client_id"]
assert _resp_up["client_secret"] == update["client_secret"]
assert _resp_up["redirect_uris"] == update["redirect_uris"]
assert _resp_up["scope"] == update["scope"].split()
assert _resp_up["grant_types"] == update["grant_types"]
assert _resp_up["token_endpoint_auth_method"] == update[
"token_endpoint_auth_method"]
assert _resp_up["jwks_uri"] == update["jwks_uri"]
assert _resp_up["client_name"] == update["client_name"]
assert _resp_up["client_name#fr"] == update["client_name#fr"]
def create_client(self, **kwargs):
"""
Do an instantiation of a client instance
:param: Keyword arguments
Keys are:
srv_discovery_url
client_info
client_registration
provider_info
behaviour
:return: client instance
"""
_key_set = set(list(kwargs.keys()))
try:
_verify_ssl = kwargs['verify_ssl']
except KeyError:
_verify_ssl = self.verify_ssl
else:
_key_set.discard('verify_ssl')
_client = self.client_cls(client_authn_method=CLIENT_AUTHN_METHOD,
behaviour=kwargs["behaviour"],
verify_ssl=_verify_ssl)
# The behaviour parameter is not significant for the election process
_key_set.discard("behaviour")
for param in ["allow"]:
try:
setattr(_client, param, kwargs[param])
except KeyError:
pass
else:
_key_set.discard(param)
if _key_set == {"client_info", "srv_discovery_url"}:
# Ship the webfinger part
# Gather OP information
_client.provider_config(kwargs["srv_discovery_url"])
# register the client
_client.register(_client.provider_info["registration_endpoint"],
**kwargs["client_info"])
self.get_path(kwargs['client_info']['redirect_uris'],
kwargs["srv_discovery_url"])
elif _key_set == {"provider_info", "client_info"}:
_client.handle_provider_config(
ProviderConfigurationResponse(**kwargs["provider_info"]),
kwargs["provider_info"]["issuer"])
_client.register(_client.provider_info["registration_endpoint"],
**kwargs["client_info"])
self.get_path(kwargs['client_info']['redirect_uris'],
kwargs["provider_info"]["issuer"])
elif _key_set == {"provider_info", "client_registration"}:
_client.handle_provider_config(
ProviderConfigurationResponse(**kwargs["provider_info"]),
kwargs["provider_info"]["issuer"])
_client.store_registration_info(ClientInfoResponse(
**kwargs["client_registration"]))
self.get_path(kwargs['client_info']['redirect_uris'],
kwargs["provider_info"]["issuer"])
elif _key_set == {"srv_discovery_url", "client_registration"}:
_client.provider_config(kwargs["srv_discovery_url"])
_client.store_registration_info(ClientInfoResponse(
**kwargs["client_registration"]))
self.get_path(kwargs['client_registration']['redirect_uris'],
kwargs["srv_discovery_url"])
else:
raise Exception("Configuration error ?")
return client