def test_server_parse_token_request(): atr = AccessTokenRequest(grant_type="authorization_code", code="SplxlOBeZQQYbYS6WxSbIA", redirect_uri="https://client.example.com/cb", extra="foo") uenc = atr.to_urlencoded() srv = Server() tr = srv.parse_token_request(body=uenc) print tr.keys() assert tr.type() == "AccessTokenRequest" assert _eq(tr.keys(), ['code', 'redirect_uri', 'grant_type', 'extra']) assert tr["grant_type"] == "authorization_code" assert tr["code"] == "SplxlOBeZQQYbYS6WxSbIA" tr = srv.parse_token_request(body=uenc) print tr.keys() assert tr.type() == "AccessTokenRequest" assert _eq(tr.keys(), ['code', 'grant_type', 'redirect_uri', 'extra']) assert tr["extra"] == "foo"
def test_server_parse_parse_authorization_request(): srv = Server() ar = AuthorizationRequest( response_type=["code"], client_id="foobar", redirect_uri="http://foobar.example.com/oaclient", state="cold") uencq = ar.to_urlencoded() areq = srv.parse_authorization_request(query=uencq) assert areq.type() == "AuthorizationRequest" assert areq["response_type"] == ["code"] assert areq["client_id"] == "foobar" assert areq["redirect_uri"] == "http://foobar.example.com/oaclient" assert areq["state"] == "cold" urluenc = "%s?%s" % ("https://example.com/authz", uencq) areq = srv.parse_authorization_request(url=urluenc) assert areq.type() == "AuthorizationRequest" assert areq["response_type"] == ["code"] assert areq["client_id"] == "foobar" assert areq["redirect_uri"] == "http://foobar.example.com/oaclient" assert areq["state"] == "cold"
def __init__(self, name, sdb, cdb, authn_broker, authz, client_authn, symkey="", urlmap=None, iv=0, default_scope="", ca_bundle=None, verify_ssl=True, default_acr="", baseurl=''): self.name = name self.sdb = sdb self.cdb = cdb self.server = Server(ca_certs=ca_bundle, verify_ssl=verify_ssl) self.authn_broker = authn_broker if authn_broker is None: # default cookie function self.cookie_func = CookieDealer(srv=self).create_cookie else: self.cookie_func = self.authn_broker[0][0].create_cookie for item in self.authn_broker: item.srv = self self.authz = authz self.client_authn = client_authn self.symkey = symkey self.seed = rndstr().encode("utf-8") self.iv = iv or os.urandom(16) self.cookie_name = "pyoidc" self.default_scope = default_scope self.sso_ttl = 0 self.default_acr = default_acr if urlmap is None: self.urlmap = {} else: self.urlmap = urlmap self.response_type_map = { "code": code_response, "token": token_response, "none": none_response, } self.session_cookie_name = "pyoic_session" self.baseurl = baseurl self.keyjar = None self.trace = None self.events = None
def test_server_parse_refresh_token_request(): ratr = RefreshAccessTokenRequest(refresh_token="ababababab", client_id="Client_id") uenc = ratr.to_urlencoded() srv = Server() tr = srv.parse_refresh_token_request(body=uenc) print tr.keys() assert tr.type() == "RefreshAccessTokenRequest" assert tr["refresh_token"] == "ababababab" assert tr["client_id"] == "Client_id"
def test_device_flow(): _client = Client() cli = DeviceFlowClient(_client) _server = Server() srv = DeviceFlowServer(_server) # init req = AuthorizationRequest(client_id=cli.host.client_id, response_type='device_code') resp = srv.device_endpoint(req) # Polling req = TokenRequest( grant_type="urn:ietf:params:oauth:grant-type:device_code", device_code=resp['device_dode'], client_id=cli.host.client_id) resp = srv.token_endpoint(req)
def test_server_parse_jwt_request(): srv = Server() ar = AuthorizationRequest( response_type=["code"], client_id="foobar", redirect_uri="http://foobar.example.com/oaclient", state="cold") srv.keyjar["foobar"] = KeyBundle([{ "kty": "oct", "key": "A1B2C3D4", "use": "ver" }, { "kty": "oct", "key": "A1B2C3D4", "use": "sig" }]) srv.keyjar[""] = KeyBundle([{ "kty": "oct", "key": "A1B2C3D4", "use": "ver" }, { "kty": "oct", "key": "A1B2C3D4", "use": "sig" }]) keys = srv.keyjar.get_signing_key(owner="foobar") _jwt = ar.to_jwt(key=keys, algorithm="HS256") req = srv.parse_jwt_request(txt=_jwt) assert req.type() == "AuthorizationRequest" assert req["response_type"] == ["code"] assert req["client_id"] == "foobar" assert req["redirect_uri"] == "http://foobar.example.com/oaclient" assert req["state"] == "cold"
def create_server(self): self.srv = Server() # pylint: disable=attribute-defined-outside-init