def test_example_response():
resp = {
"version": "3.0",
"issuer": "https://server.example.com",
"authorization_endpoint":
"https://server.example.com/connect/authorize",
"token_endpoint": "https://server.example.com/connect/token",
"token_endpoint_auth_methods_supported": ["client_secret_basic",
"private_key_jwt"],
"token_endpoint_alg_values_supported": ["RS256", "ES256"],
"userinfo_endpoint": "https://server.example.com/connect/userinfo",
"check_session_iframe":
"https://server.example.com/connect/check_session",
"end_session_endpoint":
"https://server.example.com/connect/end_session",
"jwks_uri": "https://server.example.com/jwks.json",
"registration_endpoint": "https://server.example.com/connect/register",
"scopes_supported": ["openid", "profile", "email", "address",
"phone", "offline_access"],
"response_types_supported": ["code", "code id_token", "id_token",
"token id_token"],
"acr_values_supported": ["urn:mace:incommon:iap:silver",
"urn:mace:incommon:iap:bronze"],
"subject_types_supported": ["public", "pairwise"],
"userinfo_signing_alg_values_supported": ["RS256", "ES256", "HS256"],
"userinfo_encryption_alg_values_supported": ["RSA1_5", "A128KW"],
"userinfo_encryption_enc_values_supported": ["A128CBC+HS256",
"A128GCM"],
"id_token_signing_alg_values_supported": ["RS256", "ES256", "HS256"],
"id_token_encryption_alg_values_supported": ["RSA1_5", "A128KW"],
"id_token_encryption_enc_values_supported": ["A128CBC+HS256",
"A128GCM"],
"request_object_signing_alg_values_supported": ["none", "RS256",
"ES256"],
"display_values_supported": ["page", "popup"],
"claim_types_supported": ["normal", "distributed"],
"claims_supported": ["sub", "iss", "auth_time", "acr", "name",
"given_name", "family_name", "nickname", "profile",
"picture", "website", "email", "email_verified",
"locale", "zoneinfo",
"http://example.info/claims/groups"],
"claims_parameter_supported": True,
"service_documentation":
"http://server.example.com/connect/service_documentation.html",
"ui_locales_supported": ["en-US", "en-GB", "en-CA", "fr-FR", "fr-CA"]
}
pcr = ProviderConfigurationResponse().deserialize(json.dumps(resp), "json")
rk = resp.keys()
# parameters with default value if missing
rk.extend(["grant_types_supported", "request_parameter_supported",
"request_uri_parameter_supported",
"require_request_uri_registration"])
rk.sort()
pk = pcr.keys()
pk.sort()
print rk
print pk
assert _eq(pk, rk)
def test_example_response():
resp = {
"version": "3.0",
"issuer": "https://server.example.com",
"authorization_endpoint":
"https://server.example.com/connect/authorize",
"token_endpoint": "https://server.example.com/connect/token",
"token_endpoint_auth_methods_supported": ["client_secret_basic",
"private_key_jwt"],
"token_endpoint_alg_values_supported": ["RS256", "ES256"],
"userinfo_endpoint": "https://server.example.com/connect/userinfo",
"check_session_iframe":
"https://server.example.com/connect/check_session",
"end_session_endpoint":
"https://server.example.com/connect/end_session",
"jwks_uri": "https://server.example.com/jwks.json",
"registration_endpoint": "https://server.example.com/connect/register",
"scopes_supported": ["openid", "profile", "email", "address",
"phone", "offline_access"],
"response_types_supported": ["code", "code id_token", "id_token",
"token id_token"],
"acr_values_supported": ["urn:mace:incommon:iap:silver",
"urn:mace:incommon:iap:bronze"],
"subject_types_supported": ["public", "pairwise"],
"userinfo_signing_alg_values_supported": ["RS256", "ES256", "HS256"],
"userinfo_encryption_alg_values_supported": ["RSA1_5", "A128KW"],
"userinfo_encryption_enc_values_supported": ["A128CBC+HS256",
"A128GCM"],
"id_token_signing_alg_values_supported": ["RS256", "ES256", "HS256"],
"id_token_encryption_alg_values_supported": ["RSA1_5", "A128KW"],
"id_token_encryption_enc_values_supported": ["A128CBC+HS256",
"A128GCM"],
"request_object_signing_alg_values_supported": ["none", "RS256",
"ES256"],
"display_values_supported": ["page", "popup"],
"claim_types_supported": ["normal", "distributed"],
"claims_supported": ["sub", "iss", "auth_time", "acr", "name",
"given_name", "family_name", "nickname", "profile",
"picture", "website", "email", "email_verified",
"locale", "zoneinfo",
"http://example.info/claims/groups"],
"claims_parameter_supported": True,
"service_documentation":
"http://server.example.com/connect/service_documentation.html",
"ui_locales_supported": ["en-US", "en-GB", "en-CA", "fr-FR", "fr-CA"]
}
pcr = ProviderConfigurationResponse().deserialize(json.dumps(resp), "json")
rk = resp.keys()
# parameters with default value if missing
rk.extend(["grant_types_supported", "request_parameter_supported",
"request_uri_parameter_supported",
"require_request_uri_registration"])
rk.sort()
pk = pcr.keys()
pk.sort()
print rk
print pk
assert _eq(pk, rk)
#print URLS
if args.debug:
OAS.debug = True
if args.test:
OAS.test_mode = True
else:
OAS.test_mode = False
if args.authn_as:
OAS.authn_as = args.authn_as
if args.provider_conf:
prc = ProviderConfigurationResponse().from_json(
open(args.provider_conf).read())
endpoints = []
for key in prc.keys():
if key.endswith("_endpoint"):
endpoints.append(key)
else:
endpoints = ENDPOINTS
add_endpoints(endpoints)
OAS.endpoints = endpoints
if args.port == 80:
OAS.baseurl = config.baseurl
else:
if config.baseurl.endswith("/"):
config.baseurl = config.baseurl[:-1]
OAS.baseurl = "%s:%d" % (config.baseurl, args.port)
except AttributeError:
pass
OAS.cookie_func = http_util.cookie
#print URLS
if args.debug:
OAS.debug = True
if args.authn_as:
OAS.authn_as = args.authn_as
if args.provider_conf:
prc = ProviderConfigurationResponse().from_json(open(args.provider_conf).read())
endpoints = []
for key in prc.keys():
if key.endswith("_endpoint"):
endpoints.append(key)
else:
endpoints = ENDPOINTS
add_endpoints(endpoints)
OAS.endpoints = endpoints
if args.port == 80:
OAS.baseurl = config.baseurl
else:
if config.baseurl.endswith("/"):
config.baseurl = config.baseurl[:-1]
OAS.baseurl = "%s:%d" % (config.baseurl, args.port)
