def test_do_request_user(self):
request = AuthorizationRequest(
client_id="client_id",
redirect_uri="https://rp.example.com/cb",
response_type=["id_token"],
state="state",
nonce="nonce",
scope="openid",
)
assert self.endpoint.do_request_user(request) == {}
# With login_hint
request["login_hint"] = "mail:[email protected]"
assert self.endpoint.do_request_user(request) == {}
endpoint_context = self.endpoint.server_get("endpoint_context")
# userinfo
_userinfo = init_user_info(
{"class": "oidcop.user_info.UserInfo", "kwargs": {"db_file": full_path("users.json")},},
"",
)
# login_hint
endpoint_context.login_hint_lookup = init_service(
{"class": "oidcop.login_hint.LoginHintLookup"}, None
)
endpoint_context.login_hint_lookup.userinfo = _userinfo
# With login_hint and login_hint_lookup
assert self.endpoint.do_request_user(request) == {"req_user": "******"}
def __init__(self, server_get, **kwargs):
Endpoint.__init__(self, server_get, **kwargs)
# self.post_construct.append(self.create_entity_statement)
self.metadata_api = None
_subs = kwargs["subordinates"]
if "class" in _subs and "kwargs" in _subs:
self.server_get("context").subordinates = init_service(_subs)
else:
self.server_get("context").subordinates = _subs
def test_login_hint():
userinfo = init_user_info(
{
"class": "oidcop.user_info.UserInfo",
"kwargs": {
"db_file": full_path("users.json")
},
},
"",
)
login_hint_lookup = init_service(
{"class": "oidcop.login_hint.LoginHintLookup"}, None)
login_hint_lookup.userinfo = userinfo
assert login_hint_lookup("tel:0907865000") == "diana"
def do_login_hint_lookup(self):
_conf = self.conf.get("login_hint_lookup")
if _conf:
_userinfo = None
_kwargs = _conf.get("kwargs")
if _kwargs:
_userinfo_conf = _kwargs.get("userinfo")
if _userinfo_conf:
_userinfo = init_user_info(_userinfo_conf,
self.endpoint_context.cwd)
if _userinfo is None:
_userinfo = self.endpoint_context.userinfo
self.endpoint_context.login_hint_lookup = init_service(_conf)
self.endpoint_context.login_hint_lookup.userinfo = _userinfo
def __init__(self,
entity_id: str = "",
config: Optional[Union[dict, Configuration]] = None,
httpc: Optional[Any] = None,
cwd: Optional[str] = ''):
FederationEntity.__init__(self,
entity_id=entity_id,
config=config,
httpc=httpc,
cwd=cwd)
self.trust_marks = config.get("trust_marks")
_db_conf = config.get("trust_mark_db")
self.issued = init_service(_db_conf)
self.tm_lifetime = {}
for id, tm in self.trust_marks.items():
if "lifetime" in tm:
self.tm_lifetime[id] = tm["lifetime"]
del tm["lifetime"]
def __init__(self, conf):
self._db = {}
for id, spec in conf.items():
self._db[id] = init_service(spec)
def __init__(
self,
conf: Union[dict, OPConfiguration, ASConfiguration],
keyjar: Optional[KeyJar] = None,
cwd: Optional[str] = "",
cookie_handler: Optional[Any] = None,
httpc: Optional[Any] = None,
):
ImpExp.__init__(self)
self.conf = conf
self.endpoint_context = EndpointContext(
conf=conf,
keyjar=keyjar,
cwd=cwd,
cookie_handler=cookie_handler,
httpc=httpc,
)
self.endpoint_context.authz = self.do_authz()
self.do_authentication(self.endpoint_context)
self.endpoint = do_endpoints(conf, self.server_get)
_cap = get_capabilities(conf, self.endpoint)
self.endpoint_context.provider_info = self.endpoint_context.create_providerinfo(
_cap)
self.endpoint_context.do_add_on(endpoints=self.endpoint)
self.endpoint_context.session_manager = create_session_manager(
self.server_get,
self.endpoint_context.th_args,
sub_func=self.endpoint_context._sub_func,
conf=self.conf)
self.endpoint_context.do_userinfo()
# Must be done after userinfo
self.do_login_hint_lookup()
for endpoint_name, endpoint_conf in self.endpoint.items():
_endpoint = self.endpoint[endpoint_name]
_methods = _endpoint.kwargs.get("client_authn_method")
self.client_authn_method = []
if _methods:
_endpoint.client_authn_method = client_auth_setup(
_methods, self.server_get)
elif _methods is not None: # [] or '' or something not None but regarded as nothing.
_endpoint.client_authn_method = [None] # Ignore default value
elif _endpoint.default_capabilities:
_methods = _endpoint.default_capabilities.get(
"client_authn_method")
if _methods:
_endpoint.client_authn_method = client_auth_setup(
auth_set=_methods, server_get=self.server_get)
_endpoint.server_get = self.server_get
_token_endp = self.endpoint.get("token")
if _token_endp:
_token_endp.allow_refresh = allow_refresh_token(
self.endpoint_context)
self.endpoint_context.claims_interface = init_service(
conf["claims_interface"], self.server_get)
_id_token_handler = self.endpoint_context.session_manager.token_handler.handler.get(
"id_token")
if _id_token_handler:
self.endpoint_context.provider_info.update(
_id_token_handler.provider_info)
def do_authz(self):
authz_spec = self.conf.get("authz")
if authz_spec:
return init_service(authz_spec, self.server_get)
else:
return authz.Implicit(self.server_get)