def read_registration(self, authn, request, **kwargs): """ Read all information this server has on a client. Authorization is done by using the access token that was return as part of the client registration result. :param authn: The Authorization HTTP header :param request: The query part of the URL :param kwargs: Any other arguments :return: """ logger.debug("authn: %s, request: %s" % (authn, request)) # verify the access token, has to be key into the client information # database. assert authn.startswith("Bearer ") token = authn[len("Bearer "):] client_id = self.cdb[token] # extra check _info = urllib.parse.parse_qs(request) assert _info["client_id"][0] == client_id logger.debug("Client '%s' reads client info" % client_id) args = dict([(k, v) for k, v in list(self.cdb[client_id].items()) if k in RegistrationResponse.c_param]) self.comb_redirect_uris(args) response = RegistrationResponse(**args) return Response(response.to_json(), content="application/json", headers=[("Cache-Control", "no-store")])
def handle_registration_info(self, response): err_msg = 'Got error response: {}' unk_msg = 'Unknown response: {}' if response.status_code in [200, 201]: resp = RegistrationResponse().deserialize(response.text, "json") # Some implementations sends back a 200 with an error message inside if resp.verify(): # got a proper registration response resp = self.get_metadata_statement(resp) if resp is None: # No metadata statement that I can use raise RegistrationError('No trusted metadata') self.store_response(resp, response.text) self.store_registration_info(resp) else: resp = ErrorResponse().deserialize(response.text, "json") if resp.verify(): logger.error(err_msg.format(sanitize(resp.to_json()))) if self.events: self.events.store('protocol response', resp) raise RegistrationError(resp.to_dict()) else: # Something else logger.error(unk_msg.format(sanitize(response.text))) raise RegistrationError(response.text) else: try: resp = ErrorResponse().deserialize(response.text, "json") except _decode_err: logger.error(unk_msg.format(sanitize(response.text))) raise RegistrationError(response.text) if resp.verify(): logger.error(err_msg.format(sanitize(resp.to_json()))) if self.events: self.events.store('protocol response', resp) raise RegistrationError(resp.to_dict()) else: # Something else logger.error(unk_msg.format(sanitize(response.text))) raise RegistrationError(response.text) return resp
def l_registration_endpoint(self, request, authn=None, **kwargs): _log_debug = logger.debug _log_info = logger.info _log_debug("@registration_endpoint") request = RegistrationRequest().deserialize(request, "json") _log_info("registration_request:%s" % request.to_dict()) resp_keys = list(request.keys()) try: request.verify() except MessageException as err: if "type" not in request: return self._error(error="invalid_type", descr="%s" % err) else: return self._error(error="invalid_configuration_parameter", descr="%s" % err) _keyjar = self.server.keyjar # create new id och secret client_id = rndstr(12) while client_id in self.cdb: client_id = rndstr(12) client_secret = secret(self.seed, client_id) _rat = rndstr(32) reg_enp = "" for endp in self.endpoints: if isinstance(endp, DynamicClientEndpoint): reg_enp = "%s%s" % (self.baseurl, endp.etype) self.cdb[client_id] = { "client_id": client_id, "client_secret": client_secret, "registration_access_token": _rat, "registration_client_uri": "%s?client_id=%s" % (reg_enp, client_id), "client_secret_expires_at": utc_time_sans_frac() + 86400, "client_id_issued_at": utc_time_sans_frac()} self.cdb[_rat] = client_id _cinfo = self.do_client_registration(request, client_id, ignore=["redirect_uris", "policy_url", "logo_url"]) if isinstance(_cinfo, Response): return _cinfo args = dict([(k, v) for k, v in list(_cinfo.items()) if k in RegistrationResponse.c_param]) self.comb_redirect_uris(args) response = RegistrationResponse(**args) self.keyjar.load_keys(request, client_id) # Add the key to the keyjar if client_secret: _kc = KeyBundle([{"kty": "oct", "key": client_secret, "use": "ver"}, {"kty": "oct", "key": client_secret, "use": "sig"}]) try: _keyjar[client_id].append(_kc) except KeyError: _keyjar[client_id] = [_kc] self.cdb[client_id] = _cinfo _log_info("Client info: %s" % _cinfo) logger.debug("registration_response: %s" % response.to_dict()) return Response(response.to_json(), content="application/json", headers=[("Cache-Control", "no-store")])
def l_registration_endpoint(self, request, authn=None, **kwargs): _log_debug = logger.debug _log_info = logger.info _log_debug("@registration_endpoint") request = RegistrationRequest().deserialize(request, "json") _log_info("registration_request:%s" % request.to_dict()) resp_keys = list(request.keys()) try: request.verify() except MessageException as err: if "type" not in request: return self._error(error="invalid_type", descr="%s" % err) else: return self._error(error="invalid_configuration_parameter", descr="%s" % err) _keyjar = self.server.keyjar # create new id och secret client_id = rndstr(12) while client_id in self.cdb: client_id = rndstr(12) client_secret = secret(self.seed, client_id) _rat = rndstr(32) reg_enp = "" for endp in self.endpoints: if isinstance(endp, DynamicClientEndpoint): reg_enp = "%s%s" % (self.baseurl, endp.etype) self.cdb[client_id] = { "client_id": client_id, "client_secret": client_secret, "registration_access_token": _rat, "registration_client_uri": "%s?client_id=%s" % (reg_enp, client_id), "client_secret_expires_at": utc_time_sans_frac() + 86400, "client_id_issued_at": utc_time_sans_frac() } self.cdb[_rat] = client_id _cinfo = self.do_client_registration( request, client_id, ignore=["redirect_uris", "policy_url", "logo_url"]) if isinstance(_cinfo, Response): return _cinfo args = dict([(k, v) for k, v in list(_cinfo.items()) if k in RegistrationResponse.c_param]) self.comb_redirect_uris(args) response = RegistrationResponse(**args) self.keyjar.load_keys(request, client_id) # Add the key to the keyjar if client_secret: _kc = KeyBundle([{ "kty": "oct", "key": client_secret, "use": "ver" }, { "kty": "oct", "key": client_secret, "use": "sig" }]) try: _keyjar[client_id].append(_kc) except KeyError: _keyjar[client_id] = [_kc] self.cdb[client_id] = _cinfo _log_info("Client info: %s" % _cinfo) logger.debug("registration_response: %s" % response.to_dict()) return Response(response.to_json(), content="application/json", headers=[("Cache-Control", "no-store")])