def test_client_registration_with_software_statement(self):
    """Register a client whose request carries a signed software statement.

    A fresh key jar is built for a federation operator, its keys are made
    known to the provider under the operator's issuer id, and a software
    statement for client_id 'foxtrot' is placed in the registration request.
    """
    # Only the key jar is used; the JWKS and kid map are ignored.
    _jwks, fed_keyjar, _kidd = build_keyjar(KEYS)
    fed_operator = 'https://fedop.example.org'
    # The provider can only check the statement with keys it holds for
    # the operator, so copy the jar's '' entry under the operator's id.
    self.provider.keyjar[fed_operator] = fed_keyjar['']

    statement = make_software_statement(fed_keyjar, fed_operator,
                                        client_id='foxtrot')
    request = RegistrationRequest(
        redirect_uris=[
            "https://client.example.org/callback",
            "https://client.example.org/callback2",
        ],
        client_name="XYZ Service B",
        token_endpoint_auth_method="client_secret_basic",
        scope="read write dolphin",
        software_statement=statement,
    )

    endpoint_reply = self.provider.registration_endpoint(
        request=request.to_json(), environ={})
    cli_resp = ClientInfoResponse().from_json(endpoint_reply.message)
    # NOTE(review): truthiness only; this does not show that claims from
    # the software statement were applied to the registered client.
    assert cli_resp
def test_pack_and_unpack(self):
    """Round-trip a software statement through pack and unpack.

    Checks the set of claims that comes back and that client_id and iss
    carry the values the statement was created with.
    """
    packed = make_software_statement(self.keyjar, self.issuer,
                                     client_id='ABC 001')
    claims = unpack_software_statement(packed, self.issuer, self.keyjar)

    assert claims
    expected_claims = ['client_id', 'iat', 'iss', 'exp', 'jti', 'kid']
    assert _eq(claims.keys(), expected_claims)
    assert claims['client_id'] == 'ABC 001'
    # The issuer claim must match the issuer the statement was unpacked for.
    assert claims['iss'] == self.issuer
def test_pack_and_unpack(self):
    """Pack a software statement, unpack it again and inspect the claims.

    The unpacked message must hold exactly the expected claim names, and
    its client_id and iss must equal the values passed when packing.
    """
    statement = make_software_statement(
        self.keyjar, self.issuer, client_id="ABC 001"
    )
    unpacked = unpack_software_statement(statement, self.issuer, self.keyjar)
    assert unpacked

    claim_names = ["client_id", "iat", "iss", "exp", "jti", "kid"]
    assert _eq(unpacked.keys(), claim_names)

    # Identity claims: the client and the issuer that signed for it.
    assert unpacked["client_id"] == "ABC 001"
    assert unpacked["iss"] == self.issuer
def test_client_registration_with_software_statement(self):
    """Send a registration request that includes a software statement.

    The statement is issued by a federation operator whose keys are first
    stored in the provider's key jar, then the registration endpoint is
    called and its reply parsed as a ClientInfoResponse.
    """
    fed_operator = 'https://fedop.example.org'
    # build_keyjar returns three values; only the key jar is needed here.
    operator_keyjar = build_keyjar(KEYS)[1]
    # Store the operator's keys (held under '') under its issuer id.
    self.provider.keyjar[fed_operator] = operator_keyjar['']

    args = {
        "redirect_uris": ["https://client.example.org/callback",
                          "https://client.example.org/callback2"],
        "client_name": "XYZ Service B",
        "token_endpoint_auth_method": "client_secret_basic",
        "scope": "read write dolphin",
        'software_statement': make_software_statement(
            operator_keyjar, fed_operator, client_id='foxtrot'),
    }
    serialized = RegistrationRequest(**args).to_json()

    resp = self.provider.registration_endpoint(request=serialized, environ={})
    cli_resp = ClientInfoResponse().from_json(resp.message)
    # NOTE(review): only checks that a non-empty response was parsed.
    assert cli_resp
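def add_software_statement(oper, arg):
    """Create a software statement and store it in the request arguments.

    The JWKS of the configured trusted registration entity is loaded from
    file and added to the entity's key jar under that entity's issuer id.
    The statement is then built by make_software_statement with that issuer
    as both ``iss`` and ``owner``.

    :param oper: Operation object. ``conf.TRUSTED_REGISTRATION_ENTITY`` and
        ``conv.entity`` are read; ``req_args['software_statement']`` is set.
    :param arg: Mapping of claims for the statement. It must contain
        'redirect_uris'. A None value for 'redirect_uris', 'jwks_uri' or
        'jwks' is replaced by the entity's own value.
    """
    argkeys = list(arg.keys())
    kwargs = {}

    tre = oper.conf.TRUSTED_REGISTRATION_ENTITY
    iss = tre['iss']
    entity = oper.conv.entity

    kb = KeyBundle()
    # Use a context manager so the JWKS file handle is closed even when
    # parsing fails; the original left the handle open.
    # NOTE(review): signing as `iss` presumably means this file holds
    # private key material; confirm and keep it access-restricted.
    with open(tre['jwks']) as jwks_file:
        kb.imp_jwks = json.load(jwks_file)
    kb.do_keys(kb.imp_jwks['keys'])
    entity.keyjar.add_kb(iss, kb)

    if arg['redirect_uris'] is None:
        kwargs['redirect_uris'] = entity.redirect_uris
    else:
        kwargs['redirect_uris'] = arg['redirect_uris']
    argkeys.remove('redirect_uris')

    # 'jwks_uri' takes precedence; when both keys are present 'jwks' is
    # copied unchanged by the loop below.
    if 'jwks_uri' in argkeys:
        if arg['jwks_uri'] is None:
            kwargs['jwks_uri'] = entity.jwks_uri
        else:
            kwargs['jwks_uri'] = arg['jwks_uri']
        argkeys.remove('jwks_uri')
    elif 'jwks' in argkeys:
        if arg['jwks'] is None:
            kwargs['jwks'] = {"keys": entity.keyjar.dump_issuer_keys("")}
        else:
            kwargs['jwks'] = arg['jwks']
        argkeys.remove('jwks')

    # Everything else is passed through as given.
    for a in argkeys:
        kwargs[a] = arg[a]

    oper.req_args['software_statement'] = make_software_statement(
        entity.keyjar, iss=iss, owner=iss, **kwargs)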
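def add_software_statement(oper, arg):
    """Attach a freshly made software statement to ``oper.req_args``.

    Reads the trusted registration entity from the configuration, imports
    its JWKS file into a KeyBundle, registers the bundle in the entity's
    key jar under the entity's issuer id, and calls make_software_statement
    with that issuer as ``iss`` and ``owner``.

    :param oper: Operation object providing ``conf``, ``conv.entity`` and
        ``req_args``.
    :param arg: Mapping of statement claims; 'redirect_uris' is required.
        None for 'redirect_uris', 'jwks_uri' or 'jwks' means "use the
        entity's own value".
    """
    argkeys = list(arg.keys())
    kwargs = {}

    tre = oper.conf.TRUSTED_REGISTRATION_ENTITY
    iss = tre['iss']

    kb = KeyBundle()
    # The original called json.load(open(...)) and never closed the file;
    # the with-block releases the handle on success and on error.
    with open(tre['jwks']) as fp:
        kb.imp_jwks = json.load(fp)
    kb.do_keys(kb.imp_jwks['keys'])
    # NOTE(review): these keys become the ones trusted/used for `iss`;
    # presumably the path comes from trusted configuration only; confirm.
    oper.conv.entity.keyjar.add_kb(iss, kb)

    redirect_uris = arg['redirect_uris']
    if redirect_uris is None:
        redirect_uris = oper.conv.entity.redirect_uris
    kwargs['redirect_uris'] = redirect_uris
    argkeys.remove('redirect_uris')

    # Only one of 'jwks_uri' / 'jwks' gets a default filled in, and
    # 'jwks_uri' is checked first.
    if 'jwks_uri' in argkeys:
        jwks_uri = arg['jwks_uri']
        if jwks_uri is None:
            jwks_uri = oper.conv.entity.jwks_uri
        kwargs['jwks_uri'] = jwks_uri
        argkeys.remove('jwks_uri')
    elif 'jwks' in argkeys:
        jwks = arg['jwks']
        if jwks is None:
            jwks = {"keys": oper.conv.entity.keyjar.dump_issuer_keys("")}
        kwargs['jwks'] = jwks
        argkeys.remove('jwks')

    # Remaining claims are copied verbatim.
    kwargs.update((key, arg[key]) for key in argkeys)

    oper.req_args['software_statement'] = make_software_statement(
        oper.conv.entity.keyjar, iss=iss, owner=iss, **kwargs)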
def test_pack(self):
    """Check that a packed software statement has three dot-separated parts.

    This is a shape check only: it confirms a non-empty result with three
    segments and does not verify any signature.
    """
    statement = make_software_statement(self.keyjar, self.issuer,
                                        client_id='ABC 001')
    assert statement

    segments = statement.split('.')
    assert len(segments) == 3
print('Software statement request') print(70 * "-") print_lines(json.dumps(ssreq.to_dict(), sort_keys=True, indent=2, separators=(',', ': '))) # ----------------------------------------------------------------------------- # The SWAMID FO constructs Software statement # ----------------------------------------------------------------------------- ssreq.update({ "response_types": ["code", "code id_token", "token"], "token_endpoint_auth_method": "private_key_jwt", "scopes": ['openid', 'email', 'phone'] }) dev_swamid_sost = make_software_statement(swamid_keyjar, swamid_issuer, **ssreq.to_dict()) _jwt = factory(dev_swamid_sost) _sos = json.loads(_jwt.jwt.part[1].decode('utf8')) print(70 * "-") print('SWAMID extended software statement') print(70 * "-") print_lines(json.dumps(_sos, sort_keys=True, indent=2, separators=(',', ': '))) # ----------------------------------------------------------------------------- # -- construct JSON document to be signed by InCommon # ----------------------------------------------------------------------------- ssreq = SoftwareStatement( contacts=['*****@*****.**'], policy_uri='https://example.com/policy.html',
json.dumps(ssreq.to_dict(), sort_keys=True, indent=2, separators=(',', ': '))) # ----------------------------------------------------------------------------- # The SWAMID FO constructs Software statement # ----------------------------------------------------------------------------- ssreq.update({ "response_types": ["code", "code id_token", "token"], "token_endpoint_auth_method": "private_key_jwt", "scopes": ['openid', 'email', 'phone'] }) dev_swamid_sost = make_software_statement(swamid_keyjar, swamid_issuer, **ssreq.to_dict()) _jwt = factory(dev_swamid_sost) _sos = json.loads(_jwt.jwt.part[1].decode('utf8')) print(70 * "-") print('SWAMID extended software statement') print(70 * "-") print_lines(json.dumps(_sos, sort_keys=True, indent=2, separators=(',', ': '))) # ----------------------------------------------------------------------------- # -- construct JSON document to be signed by InCommon # ----------------------------------------------------------------------------- ssreq = SoftwareStatement(contacts=['*****@*****.**'], policy_uri='https://example.com/policy.html', tos_uri='https://example.com/tos.html',