def test_server_parse_refresh_token_request(self): ratr = RefreshAccessTokenRequest(refresh_token="ababababab", client_id="Client_id") uenc = ratr.to_urlencoded() tr = self.srv.parse_refresh_token_request(body=uenc) assert isinstance(tr, RefreshAccessTokenRequest) assert tr["refresh_token"] == "ababababab" assert tr["client_id"] == "Client_id"
def test_server_parse_refresh_token_request(): ratr = RefreshAccessTokenRequest(refresh_token="ababababab", client_id="Client_id") uenc = ratr.to_urlencoded() srv = Server() tr = srv.parse_refresh_token_request(body=uenc) print tr.keys() assert tr.type() == "RefreshAccessTokenRequest" assert tr["refresh_token"] == "ababababab" assert tr["client_id"] == "Client_id"
def test_server_parse_refresh_token_request(): ratr = RefreshAccessTokenRequest(refresh_token="ababababab", client_id="Client_id") uenc = ratr.to_urlencoded() srv = Server() srv.keyjar = KEYJ tr = srv.parse_refresh_token_request(body=uenc) print tr.keys() assert tr.type() == "RefreshAccessTokenRequest" assert tr["refresh_token"] == "ababababab" assert tr["client_id"] == "Client_id"
def test_refresh_access_token_request(self): authreq = AuthorizationRequest(state="state", redirect_uri="http://example.com/authz", client_id=CLIENT_ID, response_type="code", scope=["openid", 'offline_access'], prompt='consent') _sdb = self.provider.sdb sid = _sdb.access_token.key(user="******", areq=authreq) access_grant = _sdb.access_token(sid=sid) ae = AuthnEvent("user", "salt") _sdb[sid] = { "oauth_state": "authz", "authn_event": ae.to_json(), "authzreq": authreq.to_json(), "client_id": CLIENT_ID, "code": access_grant, "code_used": False, "scope": ["openid", 'offline_access'], "redirect_uri": "http://example.com/authz", } _sdb.do_sub(sid, "client_salt") # Construct Access token request areq = AccessTokenRequest(code=access_grant, client_id=CLIENT_ID, redirect_uri="http://example.com/authz", client_secret=CLIENT_SECRET, grant_type='authorization_code') txt = areq.to_urlencoded() resp = self.provider.token_endpoint(request=txt) atr = AccessTokenResponse().deserialize(resp.message, "json") rareq = RefreshAccessTokenRequest(grant_type="refresh_token", refresh_token=atr['refresh_token'], client_id=CLIENT_ID, client_secret=CLIENT_SECRET, scope=['openid']) resp = self.provider.token_endpoint(request=rareq.to_urlencoded()) atr2 = AccessTokenResponse().deserialize(resp.message, "json") assert atr2['access_token'] != atr['access_token'] assert atr2['refresh_token'] == atr['refresh_token'] assert atr2['token_type'] == 'Bearer'
def _do_token_refresh(self, request): # type: (Mapping[str, str]) -> oic.oic.message.AccessTokenResponse """ Handles a token request for refreshing an access token (grant_type=refresh_token). :param request: parsed http request parameters :return: a token response containing a new Access Token and possibly a new Refresh Token :raise InvalidTokenRequest: if the token request is invalid """ token_request = RefreshAccessTokenRequest().from_dict(request) try: token_request.verify() except MessageException as e: raise InvalidTokenRequest(str(e), token_request) from e response = AccessTokenResponse() access_token, refresh_token = self.authz_state.use_refresh_token( token_request['refresh_token'], scope=token_request.get('scope')) self._add_access_token_to_response(response, access_token) if refresh_token: response['refresh_token'] = refresh_token return response