def test_server_parse_refresh_token_request(self):
ratr = RefreshAccessTokenRequest(refresh_token="ababababab",
client_id="Client_id")
uenc = ratr.to_urlencoded()
tr = self.srv.parse_refresh_token_request(body=uenc)
assert isinstance(tr, RefreshAccessTokenRequest)
assert tr["refresh_token"] == "ababababab"
assert tr["client_id"] == "Client_id"
def test_server_parse_refresh_token_request(self):
ratr = RefreshAccessTokenRequest(refresh_token="ababababab",
client_id="Client_id")
uenc = ratr.to_urlencoded()
tr = self.srv.parse_refresh_token_request(body=uenc)
assert isinstance(tr, RefreshAccessTokenRequest)
assert tr["refresh_token"] == "ababababab"
assert tr["client_id"] == "Client_id"
def test_server_parse_refresh_token_request():
ratr = RefreshAccessTokenRequest(refresh_token="ababababab", client_id="Client_id")
uenc = ratr.to_urlencoded()
srv = Server()
tr = srv.parse_refresh_token_request(body=uenc)
print tr.keys()
assert tr.type() == "RefreshAccessTokenRequest"
assert tr["refresh_token"] == "ababababab"
assert tr["client_id"] == "Client_id"
def test_server_parse_refresh_token_request():
ratr = RefreshAccessTokenRequest(refresh_token="ababababab",
client_id="Client_id")
uenc = ratr.to_urlencoded()
srv = Server()
srv.keyjar = KEYJ
tr = srv.parse_refresh_token_request(body=uenc)
print tr.keys()
assert tr.type() == "RefreshAccessTokenRequest"
assert tr["refresh_token"] == "ababababab"
assert tr["client_id"] == "Client_id"
def test_refresh_access_token_request(self):
authreq = AuthorizationRequest(state="state",
redirect_uri="http://example.com/authz",
client_id=CLIENT_ID,
response_type="code",
scope=["openid", 'offline_access'],
prompt='consent')
_sdb = self.provider.sdb
sid = _sdb.access_token.key(user="******", areq=authreq)
access_grant = _sdb.access_token(sid=sid)
ae = AuthnEvent("user", "salt")
_sdb[sid] = {
"oauth_state": "authz",
"authn_event": ae.to_json(),
"authzreq": authreq.to_json(),
"client_id": CLIENT_ID,
"code": access_grant,
"code_used": False,
"scope": ["openid", 'offline_access'],
"redirect_uri": "http://example.com/authz",
}
_sdb.do_sub(sid, "client_salt")
# Construct Access token request
areq = AccessTokenRequest(code=access_grant,
client_id=CLIENT_ID,
redirect_uri="http://example.com/authz",
client_secret=CLIENT_SECRET,
grant_type='authorization_code')
txt = areq.to_urlencoded()
resp = self.provider.token_endpoint(request=txt)
atr = AccessTokenResponse().deserialize(resp.message, "json")
rareq = RefreshAccessTokenRequest(grant_type="refresh_token",
refresh_token=atr['refresh_token'],
client_id=CLIENT_ID,
client_secret=CLIENT_SECRET,
scope=['openid'])
resp = self.provider.token_endpoint(request=rareq.to_urlencoded())
atr2 = AccessTokenResponse().deserialize(resp.message, "json")
assert atr2['access_token'] != atr['access_token']
assert atr2['refresh_token'] == atr['refresh_token']
assert atr2['token_type'] == 'Bearer'
def _do_token_refresh(self, request):
# type: (Mapping[str, str]) -> oic.oic.message.AccessTokenResponse
"""
Handles a token request for refreshing an access token (grant_type=refresh_token).
:param request: parsed http request parameters
:return: a token response containing a new Access Token and possibly a new Refresh Token
:raise InvalidTokenRequest: if the token request is invalid
"""
token_request = RefreshAccessTokenRequest().from_dict(request)
try:
token_request.verify()
except MessageException as e:
raise InvalidTokenRequest(str(e), token_request) from e
response = AccessTokenResponse()
access_token, refresh_token = self.authz_state.use_refresh_token(
token_request['refresh_token'], scope=token_request.get('scope'))
self._add_access_token_to_response(response, access_token)
if refresh_token:
response['refresh_token'] = refresh_token
return response