def setUpClass(cls):
     http_client = MinimalHttpClient()
     if "client_certificate" in CONFIG:
         private_key_path = CONFIG["client_certificate"]["private_key_path"]
         with open(os.path.join(THIS_FOLDER, private_key_path)) as f:
             private_key = f.read()  # Expecting PEM format
         cls.client = Client(
             CONFIG["openid_configuration"],
             CONFIG['client_id'],
             http_client=http_client,
             client_assertion=JwtSigner(
                 private_key,
                 algorithm="RS256",
                 sha1_thumbprint=CONFIG["client_certificate"]["thumbprint"]
             ).sign_assertion(
                 audience=CONFIG["openid_configuration"]["token_endpoint"],
                 issuer=CONFIG["client_id"],
             ),
             client_assertion_type=Client.CLIENT_ASSERTION_TYPE_JWT,
         )
     else:
         cls.client = Client(CONFIG["openid_configuration"],
                             CONFIG['client_id'],
                             http_client=http_client,
                             client_secret=CONFIG.get('client_secret'))
 def test_rt_being_added(self):
     client = Client(
         {"token_endpoint": "http://example.com/token"},
         "client_id",
         http_client=MinimalHttpClient(),
         on_obtaining_tokens=lambda event: self.assertEqual(
             "new", event["response"].get("refresh_token")),
         on_updating_rt=lambda rt_item, new_rt: self.fail(
             "This should not be called here"),
     )
     client.obtain_token_by_authorization_code("code", post=self._dummy)
 def test_rt_being_updated(self):
     old_rt = {"refresh_token": "old"}
     client = Client(
         {"token_endpoint": "http://example.com/token"},
         "client_id",
         http_client=MinimalHttpClient(),
         on_obtaining_tokens=lambda event: self.assertNotIn(
             "refresh_token", event["response"]),
         on_updating_rt=lambda old, new:  # TODO: ensure it being called
         (self.assertEqual(old_rt, old), self.assertEqual("new", new)),
     )
     client.obtain_token_by_refresh_token({"refresh_token": "old"},
                                          post=self._dummy)
 def test_rt_being_migrated(self):
     old_rt = {"refresh_token": "old"}
     client = Client(
         {"token_endpoint": "http://example.com/token"},
         "client_id",
         http_client=MinimalHttpClient(),
         on_obtaining_tokens=lambda event: self.assertEqual(
             "new", event["response"].get("refresh_token")),
         on_updating_rt=lambda rt_item, new_rt: self.fail(
             "This should not be called here"),
     )
     client.obtain_token_by_refresh_token({"refresh_token": "old"},
                                          on_updating_rt=False,
                                          post=self._dummy)
 def test_accessing_session_property_for_backward_compatibility(self):
     client = Client({}, "client_id")
     client.session
     client.session.close()
     client.session = "something"