# Excerpt of a setup script: builds the resource server (RS) object and
# prepares the OIDC client it will use towards the authorization server (AS).
# The excerpt ends before the provider configuration is actually loaded.
ressrv = idm_rs.main(RS_HOST, RS_CookieHandler)
print("go!")
# ============================== 1 ===========================================
# teach the RS about what the AS can do and where (=endpoints)

opc = OIDCProviderConfiguration()
# The endpoint method is called directly on the in-process AS object, so the
# metadata never crosses a network in this script.
resp = authzsrv.oidc_providerinfo_endpoint()
# NOTE(review): the metadata is parsed as returned; no issuer or schema
# verification is visible in this excerpt -- confirm it happens later.
oidc_pcr = ProviderConfigurationResponse().from_json(resp.message)

client = Client({}, client_authn_methods=CLIENT_AUTHN_METHOD)
ressrv.baseurl = RS_HOST
# The redirect URI is derived from the RS base URL, and the same value is
# both set on the client and placed in the registration metadata below.
callback = "%s/%s" % (ressrv.baseurl, "key")
client.redirect_uris = [callback]

# Client metadata; presumably used for dynamic registration further down
# (the call is outside this excerpt).
_me = {
    "application_type": "web",
    "application_name": "umaclient",
    "contacts": ["*****@*****.**"],
    "redirect_uris": [callback]
}

# link to the client that will talk to the AS
# NOTE(review): fixed literal that is not used in the visible lines. It
# looks like a lookup key rather than a secret -- confirm, and do not reuse
# a hard-coded value as a credential.
RESSRV_CLI_KEY = "abcdefghijklmn"
# One client object is shared by both RS attributes.
ressrv.oidc_client = client
ressrv.client = client

# load the AS provider configuration
# first the OIDC side of the AS
# NOTE(review): the indented `return` below is the tail of a function whose
# definition lies above this excerpt; it parses an introspection response.
    return IntrospectionResponse().from_json(_iresp.message)

# Setup script: give the RS a client that knows the AS's OIDC and UMA
# provider configuration.
# ============================== 1 ===========================================
# teach the RS about what the AS can do and where (=endpoints)

opc = OIDCProviderConfiguration()
# The endpoint method is called directly on the in-process AS object.
resp = authzsrv.providerinfo_endpoint()
oidc_pcr = ProviderConfigurationResponse().from_json(resp.message)

client = Client(
    {}, client_config={"client_authn_method": CLIENT_AUTHN_METHOD},
    registration_info=ressrv.registration_info)
callback = "%s/%s" % (ressrv.baseurl, "key")
client.redirect_uris = [callback]
# Work on a copy so the RS's own registration_info is not modified when the
# redirect URI is overridden.
_me = ressrv.registration_info.copy()
_me["redirect_uris"] = [callback]

# link to the client
# Fixed literal used as the index under which the client is stored on the RS.
# NOTE(review): this is a lookup key here; do not reuse it as a credential.
RESSRV_CLI_KEY = "abcdefghijklmn"
ressrv.oic_client[RESSRV_CLI_KEY] = client
ressrv.client[BASE + "/"] = client

# NOTE(review): the meaning of the two positional False flags is not visible
# in this excerpt -- confirm they do not switch off key loading or issuer
# checks that the rest of the flow relies on.
client.handle_provider_config(oidc_pcr, authzsrv.baseurl, False, False)

opc.update(oidc_pcr)

# Second pass: the UMA side of the same AS.
resp = authzsrv.uma_providerinfo_endpoint()
uma_pcr = ProviderConfiguration().from_json(resp.message)
# presumably update() has dict semantics, in which case UMA metadata
# overrides any key the OIDC metadata also set -- verify
opc.update(uma_pcr)
client.handle_provider_config(uma_pcr, authzsrv.baseurl, False, False)
# Setup script: connect the RS client to the AS, load the AS metadata,
# register the client and prepare an authorization request.
authzsrv.set_authn_broker(AUTHN_BROKER)
ressrv.set_client(authzsrv.baseurl, rs_client)

# -------------------- find authzsrv info --------------------

pcr = ProviderConfiguration().from_json(
    authzsrv.providerinfo_endpoint().message)
# The cache key is the issuer value taken from the metadata itself.
# NOTE(review): no comparison of pcr["issuer"] with authzsrv.baseurl is
# visible here; against a remote AS the issuer should be checked against
# the URL the metadata was fetched from.
rs_client.provider_info[pcr["issuer"]] = pcr

# Copy every "*_endpoint" entry onto the client as an attribute.
# NOTE(review): the attribute names come from the metadata, so any key with
# that suffix overwrites the same-named attribute on rs_client. That is
# acceptable with this in-process AS; for metadata from an external AS an
# explicit allow-list of endpoint names would be safer.
for key, val in list(pcr.items()):
    if key.endswith("_endpoint"):
        setattr(rs_client, key, val)

# -------------------- register client --------------------

rs_client.redirect_uris = _me["redirect_uris"]
# Build the registration request, then pass its JSON form straight to the
# AS object's registration endpoint method (no HTTP call in the visible
# lines; http_args is not used in this excerpt).
http_args, req = rs_client._register(pcr["dynamic_client_endpoint"], **_me)
resp1 = authzsrv.registration_endpoint(req.to_json())
#regresp = RegistrationResponse().from_json(resp.message)
# Wrap the raw message so handle_registration_info() gets a response-like
# object.
dresp = DummyResponse(resp1.message)
rs_client.handle_registration_info(dresp)

# -------------- AuthorizationRequest as Resource Owner = Alice ---------------

# NOTE(review): "state" is a fixed literal. In OAuth 2.0 the state value
# binds the authorization response to the request that started it, so
# outside a test it has to be unpredictable and unique per request.
args = {"response_type": ["code"], "scope": ["openid"], "state": "STATE"}

#client.do_authorization_request(state="STATE", request_args=args)
# Setup script: derive a per-user key from EPPN, register a client with the
# AS under that key and start an authorization request for it.
# `md` is created above this excerpt; the hash algorithm is not visible here.
md.update(EPPN)
# Upper-case hex encoding of the digest, so the key is deterministic for a
# given EPPN.
# NOTE(review): on Python 3 b16encode() returns bytes, and "%s" formatting
# below would then embed the b'...' repr in the redirect URI -- confirm the
# target Python version or decode first.
_key = base64.b16encode(md.digest())

reginfo = {
    "client_name": "https://rs.example.com",
    "application_type": "web",
    "redirect_uris": ["https://rs.example.com/uma/client/%s" % _key]
}

# Plain-HTTP loopback address of the AS.
# NOTE(review): suitable for a local test only; registration and
# authorization traffic to a real AS needs HTTPS.
BASE = "http://localhost:8088"
_as = BASE

_client = Client({}, CCONF)
# presumably fetches the AS metadata and stores it under provider_info[BASE],
# which the lookups below depend on -- verify
_client.provider_config(_as)
_client.redirect_uris = reginfo["redirect_uris"]
# Dynamic registration against the endpoint named in the AS's own metadata.
_client.register(
    _client.provider_info[BASE]["dynamic_client_endpoint"], **reginfo)
# The RS stores the client under the EPPN-derived key.
ressrv.set_client(_key, _client)

# Authorize and get PAT
args = {"response_type": ["code"], "scope": ["openid"]}
# NOTE(review): state is the fixed literal "STATE". The state value binds
# the authorization response to this request, so outside a test it has to
# be unpredictable and unique per request.
resp = _client.do_authorization_request(
    state="STATE", request_args=args,
    endpoint=_client.provider_info[BASE]["authorization_request_endpoint"])

# The UMA client after given the AS URL
# Setup script: hash EPPN into a client key, register a client with the AS
# for that key, then send the authorization request.
# `md` is a hash object created above this excerpt; its algorithm is not
# shown here.
md.update(EPPN)
# Upper-case hex form of the digest; the same EPPN always yields the same key.
# NOTE(review): b16encode() returns bytes on Python 3, so the "%s"
# substitution below would put the b'...' repr into the redirect URI --
# confirm the interpreter version or decode the value.
_key = base64.b16encode(md.digest())

reginfo = {
    "client_name": "https://rs.example.com",
    "application_type": "web",
    "redirect_uris": ["https://rs.example.com/uma/client/%s" % _key]
}

# The AS is addressed over plain HTTP on the loopback interface.
# NOTE(review): keep this to local testing; use HTTPS for any real AS.
BASE = "http://localhost:8088"
_as = BASE

_client = Client({}, CCONF)
# The lookups below read provider_info[BASE], so this call is presumably
# what fills it in from the AS metadata -- verify
_client.provider_config(_as)
_client.redirect_uris = reginfo["redirect_uris"]
# The registration endpoint is taken from the AS's advertised metadata.
_client.register(_client.provider_info[BASE]["dynamic_client_endpoint"],
                 **reginfo)
# Index the registered client on the RS by the EPPN-derived key.
ressrv.set_client(_key, _client)

# Authorize and get PAT
args = {"response_type": ["code"], "scope": ["openid"]}
# NOTE(review): a constant state ("STATE") cannot tie the authorization
# response to this request; generate an unpredictable per-request value
# outside a test.
resp = _client.do_authorization_request(
    state="STATE", request_args=args,
    endpoint=_client.provider_info[BASE]["authorization_request_endpoint"])

# The UMA client after given the AS URL