def test_extract_mode(): mod, path = extract_mode("test_id") assert mod == {"test_id": "test_id"} assert path == "" mod, path = extract_mode(OIDCONF_PATTERN % "test_id") assert mod == {"test_id": "test_id"} assert path == '.well-known/openid-configuration' mod, path = extract_mode("/test_id/_/_/_/normal") assert mod == {"test_id": "test_id", "claims": ["normal"]} assert path == '' mod, path = extract_mode("/test_id/_/_/_/normal/token") assert mod == {"test_id": "test_id", "claims": ["normal"]} assert path == 'token' mod, path = extract_mode( "/test_id/RS256/RSA1_5:A128CBC-HS256/iat/normal/token") assert mod == { 'behavior': ['iat'], 'enc_alg': 'RSA1_5', 'enc_enc': 'A128CBC-HS256', 'sign_alg': 'RS256', 'claims': ['normal'], 'test_id': 'test_id' } assert path == 'token' mod, path = extract_mode( "/test_id/RS256/RSA1_5:A128CBC-HS256/iat,issi/normal,aggregated/token") assert mod == { 'behavior': ['iat', 'issi'], 'enc_alg': 'RSA1_5', 'enc_enc': 'A128CBC-HS256', 'sign_alg': 'RS256', 'claims': ['normal', 'aggregated'], 'test_id': 'test_id' } assert path == 'token'
def test_extract_mode(): mod, path = extract_mode("test_id") assert mod == {"test_id": "test_id"} assert path == "" mod, path = extract_mode(OIDCONF_PATTERN % "test_id") assert mod == {"test_id": "test_id"} assert path == '.well-known/openid-configuration' mod, path = extract_mode("/test_id/_/_/_/normal") assert mod == {"test_id": "test_id", "claims": ["normal"]} assert path == '' mod, path = extract_mode("/test_id/_/_/_/normal/token") assert mod == {"test_id": "test_id", "claims": ["normal"]} assert path == 'token' mod, path = extract_mode( "/test_id/RS256/RSA1_5:A128CBC-HS256/iat/normal/token") assert mod == {'behavior': ['iat'], 'enc_alg': 'RSA1_5', 'enc_enc': 'A128CBC-HS256', 'sign_alg': 'RS256', 'claims': ['normal'], 'test_id': 'test_id'} assert path == 'token' mod, path = extract_mode( "/test_id/RS256/RSA1_5:A128CBC-HS256/iat,issi/normal,aggregated/token") assert mod == {'behavior': ['iat', 'issi'], 'enc_alg': 'RSA1_5', 'enc_enc': 'A128CBC-HS256', 'sign_alg': 'RS256', 'claims': ['normal', 'aggregated'], 'test_id': 'test_id'} assert path == 'token'
def application(environ, start_response): """ :param environ: The HTTP application environment :param start_response: The application to run when the handling of the request is done :return: The response as a list of lines """ global OAS session = environ['beaker.session'] path = environ.get('PATH_INFO', '').lstrip('/') response_encoder = ResponseEncoder(environ=environ, start_response=start_response) parameters = parse_qs(environ["QUERY_STRING"]) if path == "robots.txt": return static(environ, start_response, "static/robots.txt") if path.startswith("static/"): return static(environ, start_response, path) elif path.startswith("log"): return display_log(environ, start_response) elif path.startswith("_static/"): return static(environ, start_response, path) trace = Trace() if path == "test_list": return rp_test_list(environ, start_response) elif path == "": return registration(environ, start_response) elif path == "generate_client_credentials": client_id, client_secret = generate_static_client_credentials(parameters) return response_encoder.return_json( json.dumps({"client_id": client_id, "client_secret": client_secret})) elif path == "claim": _oas = session["op"] authz = environ["HTTP_AUTHORIZATION"] try: assert authz.startswith("Bearer") except AssertionError: resp = BadRequest() else: tok = authz[7:] try: _claims = _oas.claim_access_token[tok] except KeyError: resp = BadRequest() else: del _oas.claim_access_token[tok] resp = Response(json.dumps(_claims), content='application/json') return resp(environ, start_response) mode, endpoint = extract_mode(path) if endpoint == ".well-known/webfinger": _p = urlparse(parameters["resource"][0]) if _p.scheme in ["http", "https"]: mode = {"test_id": _p.path[1:]} elif _p.scheme == "acct": _l, _ = _p.path.split('@') mode = {"test_id": _l} else: resp = ServiceError("Unknown scheme: {}".format(_p.scheme)) return resp(environ, start_response) if mode: session["test_id"] = mode["test_id"] if "op" not in session: session["op"] = setup_op(mode, COM_ARGS, OP_ARG) session["mode_path"] = mode2path(mode) else: # may be a new mode _path = mode2path(mode) if session["mode_path"] != _path: session["op"] = setup_op(mode, COM_ARGS, OP_ARG) session["mode_path"] = _path for regex, callback in URLS: match = re.search(regex, endpoint) if match is not None: trace.request("PATH: %s" % endpoint) trace.request("METHOD: %s" % environ["REQUEST_METHOD"]) try: trace.request( "HTTP_AUTHORIZATION: %s" % environ["HTTP_AUTHORIZATION"]) except KeyError: pass try: environ['oic.url_args'] = match.groups()[0] except IndexError: environ['oic.url_args'] = endpoint LOGGER.info("callback: %s" % callback) try: if hasattr(callback, 'func'): return callback.func(environ, start_response, session, trace) else: return callback(environ, start_response, session, trace) except Exception as err: print >> sys.stderr, "%s" % err message = traceback.format_exception(*sys.exc_info()) print >> sys.stderr, message LOGGER.exception("%s" % err) resp = ServiceError("%s" % err) return resp(environ, start_response) LOGGER.debug("unknown side: %s" % endpoint) resp = NotFound("Couldn't find the side you asked for!") return resp(environ, start_response)
def application(environ, start_response): """ :param environ: The HTTP application environment :param start_response: The application to run when the handling of the request is done :return: The response as a list of lines """ global OAS session = environ['beaker.session'] path = environ.get('PATH_INFO', '').lstrip('/') response_encoder = ResponseEncoder(environ=environ, start_response=start_response) parameters = parse_qs(environ["QUERY_STRING"]) if path == "robots.txt": return static(environ, start_response, "static/robots.txt") if path.startswith("static/"): return static(environ, start_response, path) elif path.startswith("log"): return display_log(environ, start_response) elif path.startswith("_static/"): return static(environ, start_response, path) trace = Trace() if path == "test_list": return rp_test_list(environ, start_response) elif path == "": return registration(environ, start_response) elif path == "generate_client_credentials": client_id, client_secret = generate_static_client_credentials(parameters) return response_encoder.return_json( json.dumps({"client_id": client_id, "client_secret": client_secret})) elif path == "claim": _oas = session["op"] authz = environ["HTTP_AUTHORIZATION"] try: assert authz.startswith("Bearer") except AssertionError: resp = BadRequest() else: tok = authz[7:] try: _claims = _oas.claim_access_token[tok] except KeyError: resp = BadRequest() else: del _oas.claim_access_token[tok] resp = Response(json.dumps(_claims), content='application/json') return resp(environ, start_response) mode, endpoint = extract_mode(path) if endpoint == ".well-known/webfinger": _p = urlparse(parameters["resource"][0]) if _p.scheme in ["http", "https"]: mode = {"test_id": _p.path[1:]} elif _p.scheme == "acct": _l, _ = _p.path.split('@') mode = {"test_id": _l} else: resp = ServiceError("Unknown scheme: {}".format(_p.scheme)) return resp(environ, start_response) if mode: session["test_id"] = mode["test_id"] if "op" not in session: session["op"] = setup_op(mode, COM_ARGS, OP_ARG) session["mode_path"] = mode2path(mode) else: # may be a new mode _path = mode2path(mode) if session["mode_path"] != _path: session["op"] = setup_op(mode, COM_ARGS, OP_ARG) session["mode_path"] = _path for regex, callback in URLS: match = re.search(regex, endpoint) if match is not None: trace.request("PATH: %s" % endpoint) trace.request("METHOD: %s" % environ["REQUEST_METHOD"]) try: trace.request( "HTTP_AUTHORIZATION: %s" % environ["HTTP_AUTHORIZATION"]) except KeyError: pass try: environ['oic.url_args'] = match.groups()[0] except IndexError: environ['oic.url_args'] = endpoint LOGGER.info("callback: %s" % callback) try: return callback(environ, start_response, session, trace) except Exception as err: print >> sys.stderr, "%s" % err message = traceback.format_exception(*sys.exc_info()) print >> sys.stderr, message LOGGER.exception("%s" % err) resp = ServiceError("%s" % err) return resp(environ, start_response) LOGGER.debug("unknown side: %s" % endpoint) resp = NotFound("Couldn't find the side you asked for!") return resp(environ, start_response)