def test_multiple_response_types_json(self): ar = AuthorizationRequest(response_type=["code", "token"], client_id="foobar") ue = ar.to_json() ue_obj = json.loads(ue) expected_ue_obj = {"response_type": "code token", "client_id": "foobar"} assert ue_obj == expected_ue_obj are = AuthorizationRequest().deserialize(ue, "json") assert _eq(are.keys(), ["response_type", "client_id"]) assert _eq(are["response_type"], ["code", "token"])
def test_multiple_response_types_urlencoded(self): ar = AuthorizationRequest(response_type=["code", "token"], client_id="foobar") ue = ar.to_urlencoded() ue_splits = ue.split("&") expected_ue_splits = "response_type=code+token&client_id=foobar".split("&") assert _eq(ue_splits, expected_ue_splits) are = AuthorizationRequest().deserialize(ue, "urlencoded") assert _eq(are.keys(), ["response_type", "client_id"]) assert _eq(are["response_type"], ["code", "token"])
def test_multiple_response_types_urlencoded(self): ar = AuthorizationRequest(response_type=["code", "token"], client_id="foobar") ue = ar.to_urlencoded() ue_splits = ue.split('&') expected_ue_splits = "response_type=code+token&client_id=foobar".split( '&') assert _eq(ue_splits, expected_ue_splits) are = AuthorizationRequest().deserialize(ue, "urlencoded") assert _eq(are.keys(), ["response_type", "client_id"]) assert _eq(are["response_type"], ["code", "token"])
def test_multiple_response_types_json(self): ar = AuthorizationRequest(response_type=["code", "token"], client_id="foobar") ue = ar.to_json() ue_obj = json.loads(ue) expected_ue_obj = { "response_type": "code token", "client_id": "foobar" } assert ue_obj == expected_ue_obj are = AuthorizationRequest().deserialize(ue, "json") assert _eq(are.keys(), ["response_type", "client_id"]) assert _eq(are["response_type"], ["code", "token"])
# To authenticate or Not if identity is None: # No! if "prompt" in areq and "none" in areq["prompt"]: # Need to authenticate but not allowed return self._redirect_authz_error("login_required", redirect_uri) else: # Do authentication return _authn(**authn_args) else: user = identity["uid"] aevent = AuthnEvent(user, authn_info=acr) # If I get this far the person is already authenticated logger.debug("- authenticated -") logger.debug("AREQ keys: %s" % areq.keys()) try: oidc_req = areq["request"] except KeyError: oidc_req = None skey = self.sdb.create_authz_session(aevent, areq, oidreq=oidc_req) # Now about the authorization step. try: permissions = self.authz.permissions(cookie) if not permissions: return self.authz(user, skey) except (ToOld, TamperAllert): return self.authz(user, areq, skey)