def test_scope_who_am_i(provider): registration_params = { "application_type": "web", "response_types": ["code", "token"], "redirect_uris": "http://example.org" } reg_req = RegistrationRequest(**registration_params) resp = provider.registration_endpoint(reg_req.to_urlencoded()) reg_resp = RegistrationResponse().from_json(resp.message) auth_req = AuthorizationRequest( **{ "client_id": reg_resp["client_id"], "scope": "openid who_am_i", "response_type": "code token", "redirect_uri": "http://example.org", "state": "state0", "nonce": "nonce0" }) resp = provider.authorization_endpoint(auth_req.to_urlencoded()) auth_resp = AuthorizationResponse().from_urlencoded(resp.message) userinfo_req = UserInfoRequest( **{"access_token": auth_resp["access_token"]}) resp = provider.userinfo_endpoint(userinfo_req.to_urlencoded()) userinfo_resp = AuthorizationResponse().from_json(resp.message) assert userinfo_resp["given_name"] == "Bruce" assert userinfo_resp["family_name"] == "Lee"
def test_userinfo_endpoint(): server = provider_init _session_db = {} cons = Consumer(_session_db, CONSUMER_CONFIG, CLIENT_CONFIG, server_info=SERVER_INFO) cons.debug = True cons.client_secret = "drickyoughurt" cons.config["response_type"] = ["token"] cons.config["request_method"] = "parameter" cons.keyjar[""] = KC_RSA state, location = cons.begin("openid", "token", path="http://localhost:8087") resp = server.authorization_endpoint(request=location.split("?")[1]) line = resp.message path, query = line.split("#") # redirect atr = AuthorizationResponse().deserialize(query, "urlencoded") uir = UserInfoRequest(access_token=atr["access_token"], schema="openid") resp3 = server.userinfo_endpoint(request=uir.to_urlencoded()) ident = OpenIDSchema().deserialize(resp3.message, "json") print ident.keys() assert _eq(ident.keys(), ['nickname', 'sub', 'name', 'email'])
def test_userinfo_endpoint(): server = provider_init _session_db = {} cons = Consumer(_session_db, CONSUMER_CONFIG, CLIENT_CONFIG, server_info=SERVER_INFO) cons.debug = True cons.client_secret = "drickyoughurt" cons.config["response_type"] = ["token"] cons.config["request_method"] = "parameter" cons.keyjar[""] = KC_RSA location = cons.begin("openid", "token", path="http://localhost:8087") resp = server.authorization_endpoint(request=location.split("?")[1]) line = resp.message path, query = line.split("?") # redirect atr = AuthorizationResponse().deserialize(query, "urlencoded") uir = UserInfoRequest(access_token=atr["access_token"], schema="openid") resp3 = server.userinfo_endpoint(request=uir.to_urlencoded()) ident = OpenIDSchema().deserialize(resp3.message, "json") print ident.keys() assert _eq(ident.keys(), ['nickname', 'sub', 'name', 'email']) assert ident["sub"] == USERDB["username"]["sub"]
def setup_userinfo_endpoint(self): cons = Consumer( {}, CONSUMER_CONFIG, {"client_id": CLIENT_ID}, server_info=SERVER_INFO, ) cons.behaviour = { "request_object_signing_alg": DEF_SIGN_ALG["openid_request_object"] } cons.keyjar[""] = KC_RSA cons.client_secret = "drickyoughurt" state, location = cons.begin( "openid", "token", path=TestConfiguration.get_instance().rp_base) resp = self.provider.authorization_endpoint( request=urlparse(location).query) # redirect atr = AuthorizationResponse().deserialize( urlparse(resp.message).fragment, "urlencoded") uir = UserInfoRequest(access_token=atr["access_token"], schema="openid") resp = self.provider.userinfo_endpoint(request=uir.to_urlencoded()) responses.add(responses.POST, self.op_base + "userinfo", body=resp.message, status=200, content_type='application/json')
def test_userinfo_endpoint(self): self.cons.client_secret = "drickyoughurt" self.cons.config["response_type"] = ["token"] self.cons.config["request_method"] = "parameter" state, location = self.cons.begin("openid", "token", path="http://localhost:8087") resp = self.server.authorization_endpoint( request=location.split("?")[1]) line = resp.message path, query = line.split("#") # redirect atr = AuthorizationResponse().deserialize(query, "urlencoded") uir = UserInfoRequest(access_token=atr["access_token"], schema="openid") resp3 = self.server.userinfo_endpoint(request=uir.to_urlencoded()) ident = OpenIDSchema().deserialize(resp3.message, "json") print ident.keys() assert _eq(ident.keys(), ['nickname', 'sub', 'name', 'email'])
def setup_userinfo_endpoint(self): cons = Consumer({}, CONSUMER_CONFIG, {"client_id": CLIENT_ID}, server_info=SERVER_INFO, ) cons.behaviour = { "request_object_signing_alg": DEF_SIGN_ALG["openid_request_object"]} cons.keyjar[""] = KC_RSA cons.client_secret = "drickyoughurt" state, location = cons.begin("openid", "token", path=TestConfiguration.get_instance().rp_base) resp = self.provider.authorization_endpoint( request=urlparse(location).query) # redirect atr = AuthorizationResponse().deserialize( urlparse(resp.message).fragment, "urlencoded") uir = UserInfoRequest(access_token=atr["access_token"], schema="openid") resp = self.provider.userinfo_endpoint(request=uir.to_urlencoded()) responses.add( responses.POST, self.op_base + "userinfo", body=resp.message, status=200, content_type='application/json')
def test_userinfo_endpoint_malformed(self): uir = UserInfoRequest(schema="openid") resp = self.provider.userinfo_endpoint(request=uir.to_urlencoded(), authn='Not a token') assert json.loads(resp.message) == {'error_description': 'Token is malformed', 'error': 'invalid_request'}
def test_userinfo_endpoint_malformed(self): uir = UserInfoRequest(schema="openid") resp = self.provider.userinfo_endpoint(request=uir.to_urlencoded(), authn='Not a token') assert json.loads(resp.message) == { 'error_description': 'Token is malformed', 'error': 'invalid_request'}
def test_parse_userinfo_requesr(self): uireq = UserInfoRequest(access_token="access_token") uencq = uireq.to_urlencoded() qdict = self.srv.parse_user_info_request(data=uencq) assert _eq(qdict.keys(), ['access_token']) assert qdict["access_token"] == "access_token" url = "https://example.org/userinfo?{}".format(uencq) qdict = self.srv.parse_user_info_request(data=url) assert _eq(qdict.keys(), ['access_token']) assert qdict["access_token"] == "access_token"
def test_parse_userinfo_requesr(self): uireq = UserInfoRequest(access_token="access_token") uencq = uireq.to_urlencoded() qdict = self.srv.parse_user_info_request(data=uencq) assert _eq(qdict.keys(), ["access_token"]) assert qdict["access_token"] == "access_token" url = "https://example.org/userinfo?{}".format(uencq) qdict = self.srv.parse_user_info_request(data=url) assert _eq(qdict.keys(), ["access_token"]) assert qdict["access_token"] == "access_token"
def test_userinfo_endpoint_authn(self): self.cons.client_secret = "drickyoughurt" self.cons.config["response_type"] = ["token"] self.cons.config["request_method"] = "parameter" state, location = self.cons.begin("openid", "token", path="http://localhost:8087") resp = self.provider.authorization_endpoint(request=urlparse(location).query) # redirect atr = AuthorizationResponse().deserialize(urlparse(resp.message).fragment, "urlencoded") uir = UserInfoRequest(schema="openid") resp = self.provider.userinfo_endpoint(request=uir.to_urlencoded(), authn="Bearer " + atr["access_token"]) ident = OpenIDSchema().deserialize(resp.message, "json") assert _eq(ident.keys(), ["nickname", "sub", "name", "email"])
def test_userinfo_endpoint(): server = provider_init _session_db = {} cons = Consumer(_session_db, CONSUMER_CONFIG, CLIENT_CONFIG, server_info=SERVER_INFO) cons.debug = True cons.client_secret = "drickyoughurt" cons.config["response_type"] = ["token"] cons.config["request_method"] = "parameter" cons.keyjar[""] = KC_RSA environ = BASE_ENVIRON location = cons.begin(environ, start_response) environ = BASE_ENVIRON.copy() environ["QUERY_STRING"] = location.split("?")[1] resp = server.authorization_endpoint(environ, start_response) sid = resp[0][len("<form>"):-len("</form>")] environ2 = create_return_form_env("user", "password", sid) resp2 = server.authenticated(environ2, start_response) line = resp2[0] start = line.index("<title>") start += len("<title>Redirecting to ") stop = line.index("</title>") path, query = line[start:stop].split("?") # redirect atr = AuthorizationResponse().deserialize(query, "urlencoded") uir = UserInfoRequest(access_token=atr["access_token"], schema="openid") environ = BASE_ENVIRON.copy() environ["QUERY_STRING"] = uir.to_urlencoded() resp3 = server.userinfo_endpoint(environ, start_response) ident = OpenIDSchema().deserialize(resp3[0], "json") print ident.keys() assert _eq(ident.keys(), ['nickname', 'sub', 'name', 'email']) assert ident["sub"] == USERDB["user"]["sub"]
def test_userinfo_endpoint_authn(self): self.cons.client_secret = "drickyoughurt" self.cons.config["response_type"] = ["token"] self.cons.config["request_method"] = "parameter" state, location = self.cons.begin("openid", "token", path="http://localhost:8087") resp = self.provider.authorization_endpoint( request=urlparse(location).query) # redirect atr = AuthorizationResponse().deserialize( urlparse(resp.message).fragment, "urlencoded") uir = UserInfoRequest(schema="openid") resp = self.provider.userinfo_endpoint(request=uir.to_urlencoded(), authn='Bearer ' + atr[ 'access_token']) ident = OpenIDSchema().deserialize(resp.message, "json") assert _eq(ident.keys(), ['nickname', 'sub', 'name', 'email'])
def test_userinfo_endpoint(self): self.cons.client_secret = "drickyoughurt" self.cons.config["response_type"] = ["token"] self.cons.config["request_method"] = "parameter" state, location = self.cons.begin("openid", "token", path="http://localhost:8087") resp = self.server.authorization_endpoint(request=location.split("?")[1]) line = resp.message path, query = line.split("#") # redirect atr = AuthorizationResponse().deserialize(query, "urlencoded") uir = UserInfoRequest(access_token=atr["access_token"], schema="openid") resp3 = self.server.userinfo_endpoint(request=uir.to_urlencoded()) ident = OpenIDSchema().deserialize(resp3.message, "json") print ident.keys() assert _eq(ident.keys(), ['nickname', 'sub', 'name', 'email'])
def test_scope_who_am_i(provider): registration_params = { "application_type": "web", "response_types": ["code", "token"], "redirect_uris": "http://example.org"} reg_req = RegistrationRequest(**registration_params) resp = provider.registration_endpoint(reg_req.to_urlencoded()) reg_resp = RegistrationResponse().from_json(resp.message) auth_req = AuthorizationRequest( **{"client_id": reg_resp["client_id"], "scope": "openid who_am_i", "response_type": "code token", "redirect_uri": "http://example.org", "state": "state0", "nonce": "nonce0"}) resp = provider.authorization_endpoint(auth_req.to_urlencoded()) auth_resp = AuthorizationResponse().from_urlencoded(resp.message) userinfo_req = UserInfoRequest(**{"access_token": auth_resp["access_token"]}) resp = provider.userinfo_endpoint(userinfo_req.to_urlencoded()) userinfo_resp = AuthorizationResponse().from_json(resp.message) assert userinfo_resp["given_name"] == "Bruce" assert userinfo_resp["family_name"] == "Lee"
def test_userinfo_endpoint_malformed(self): uir = UserInfoRequest(schema="openid") resp = self.provider.userinfo_endpoint(request=uir.to_urlencoded(), authn="Not a token") assert json.loads(resp.message) == {"error_description": "Token is malformed", "error": "invalid_request"}