def create_endpoint(self):
    """Build an EndpointContext with a single authorization endpoint.

    Stores the authorization endpoint on ``self.endpoint`` and a relying-party
    KeyJar on ``self.rp_keyjar``. Client metadata comes from the module-level
    ``client_yaml`` document. Both key jars receive the same symmetric key for
    "client_1".
    """
    issuer = "https://example.com/"
    # Literal shared secret: usable for a test fixture only.
    client_1_secret = "hemligtkodord1234567890"

    id_token_conf = {
        "class": IDToken,
        "kwargs": {
            "default_claims": {
                "email": {"essential": True},
                "email_verified": {"essential": True},
            }
        },
    }
    authorization_conf = {
        "path": "{}/authorization",
        "class": Authorization,
        "kwargs": {
            "response_types_supported": list(
                map(" ".join, RESPONSE_TYPES_SUPPORTED)
            ),
            "response_modes_supported": ["query", "fragment", "form_post"],
            "claims_parameter_supported": True,
            "request_parameter_supported": True,
            "request_uri_parameter_supported": True,
        },
    }
    # NOTE(review): the class path names NoAuthn, which presumably accepts the
    # configured user without any credential check. Confirm it is never
    # reachable outside tests.
    authentication_conf = {
        "anon": {
            "acr": "http://www.swamid.se/policy/assurance/al1",
            "class": "oidcendpoint.user_authn.user.NoAuthn",
            "kwargs": {"user": "******"},
        }
    }
    # The cookie signing key is a literal in source, so anyone who can read
    # this file can reproduce it. A deployed configuration should load it
    # from secret storage instead.
    cookie_dealer_conf = {
        "class": CookieDealer,
        "kwargs": {
            "sign_key": "ghsNKDDLshZTPn974nOsIGhedULrsqnsGoBFBLwUKuJhE2ch",
            "default_values": {
                "name": "oidcop",
                "domain": "127.0.0.1",
                "path": "/",
                "max_age": 3600,
            },
        },
    }

    conf = {
        "issuer": issuer,
        "password": "******",
        "token_expires_in": 600,
        "grant_expires_in": 300,
        "refresh_token_expires_in": 86400,
        # NOTE(review): presumably turns off TLS certificate verification for
        # outbound requests. Confirm; do not carry this into a real config.
        "verify_ssl": False,
        "capabilities": CAPABILITIES,
        "jwks": {"uri_path": "static/jwks.json", "key_defs": KEYDEFS},
        "id_token": id_token_conf,
        "endpoint": {"authorization": authorization_conf},
        "authentication": authentication_conf,
        "userinfo": {"class": UserInfo, "kwargs": {"db": USERINFO_db}},
        "template_dir": "template",
        "cookie_dealer": cookie_dealer_conf,
    }

    endpoint_context = EndpointContext(conf)

    # safe_load builds only plain YAML types, so the client document cannot
    # instantiate arbitrary Python objects.
    parsed_clients = yaml.safe_load(io.StringIO(client_yaml))
    endpoint_context.cdb = parsed_clients["clients"]

    # Re-import the context's own keys under the issuer identifier.
    # NOTE(review): the leading True presumably asks export_jwks for private
    # key material. Confirm against KeyJar.export_jwks.
    own_jwks = endpoint_context.keyjar.export_jwks(True, "")
    endpoint_context.keyjar.import_jwks(own_jwks, conf["issuer"])

    self.endpoint = endpoint_context.endpoint["authorization"]

    self.rp_keyjar = KeyJar()
    self.rp_keyjar.add_symmetric("client_1", client_1_secret)
    self.endpoint.endpoint_context.keyjar.add_symmetric(
        "client_1", client_1_secret
    )
def create_endpoint(self):
    """Build an EndpointContext exposing the full endpoint set, with two clients.

    Stores the CookieDealer on ``self.cd`` and the authorization, session and
    token endpoints on ``self.authn_endpoint``, ``self.session_endpoint`` and
    ``self.token_endpoint``. The client database is an in-memory dict holding
    "client_1" and "client_2".
    """
    # NOTE(review): client_authn_method is None on several endpoints below,
    # which presumably means no client authentication is enforced there.
    # Confirm against the endpoint classes.
    endpoints = {
        "provider_config": {
            "path": "{}/.well-known/openid-configuration",
            "class": ProviderConfiguration,
            "kwargs": {"client_authn_method": None},
        },
        "registration": {
            "path": "{}/registration",
            "class": Registration,
            "kwargs": {"client_authn_method": None},
        },
        "authorization": {
            "path": "{}/authorization",
            "class": Authorization,
            "kwargs": {"client_authn_method": None},
        },
        "token": {"path": "{}/token", "class": AccessToken, "kwargs": {}},
        "userinfo": {
            "path": "{}/userinfo",
            "class": userinfo.UserInfo,
            "kwargs": {"db_file": "users.json"},
        },
        "session": {
            "path": "{}/end_session",
            "class": Session,
            "kwargs": {
                "post_logout_uri_path": "post_logout",
                "signing_alg": "ES256",
                "logout_verify_url": "{}/verify_logout".format(ISS),
                "client_authn_method": None,
            },
        },
    }
    # NOTE(review): the class path names NoAuthn, which presumably accepts the
    # configured user without any credential check. Confirm it is never
    # reachable outside tests.
    authentication = {
        "anon": {
            "acr": INTERNETPROTOCOLPASSWORD,
            "class": "oidcendpoint.user_authn.user.NoAuthn",
            "kwargs": {"user": "******"},
        }
    }

    conf = {
        "issuer": ISS,
        "password": "******",
        "token_expires_in": 600,
        "grant_expires_in": 300,
        "refresh_token_expires_in": 86400,
        # NOTE(review): presumably turns off TLS certificate verification for
        # outbound requests. Confirm; do not carry this into a real config.
        "verify_ssl": False,
        "capabilities": CAPABILITIES,
        "jwks": {"uri_path": "jwks.json", "key_defs": KEYDEFS},
        "endpoint": endpoints,
        "authentication": authentication,
        "userinfo": {"class": UserInfo, "kwargs": {"db": USERINFO_db}},
        "template_dir": "template",
        # Disabled in the original fixture:
        # 'cookie_name': {'session': 'oidcop', 'register': 'oidcreg'}
    }

    # The cookie signing key is a literal in source, so anyone who can read
    # this file can reproduce it. A deployed configuration should load it
    # from secret storage instead.
    self.cd = CookieDealer(
        sign_key="ghsNKDDLshZTPn974nOsIGhedULrsqnsGoBFBLwUKuJhE2ch",
        default_values={
            "name": "oidcop",
            "domain": "127.0.0.1",
            "path": "/",
            "max_age": 3600,
        },
    )
    endpoint_context = EndpointContext(conf, cookie_dealer=self.cd, keyjar=KEYJAR)

    # Each row is (client id, client secret, salt, base URL); the secrets are
    # fixture literals. Every client gets its own list objects, so the two
    # entries share no mutable state.
    client_rows = (
        ("client_1", "hemligt", "salted", CLI1),
        ("client_2", "hemligare", "saltare", CLI2),
    )
    endpoint_context.cdb = {
        client_id: {
            "client_secret": secret,
            "redirect_uris": [("{}cb".format(base_url), None)],
            "client_salt": salt,
            "token_endpoint_auth_method": "client_secret_post",
            "response_types": ["code", "token", "code id_token", "id_token"],
            "post_logout_redirect_uris": [("{}logout_cb".format(base_url), "")],
        }
        for client_id, secret, salt, base_url in client_rows
    }

    registered = endpoint_context.endpoint
    self.authn_endpoint = registered["authorization"]
    self.session_endpoint = registered["session"]
    self.token_endpoint = registered["token"]
def create_endpoint(self):
    """Build an EndpointContext with a login_hint-to-ACR mapping.

    Client metadata comes from the "oidc_clients" section of the module-level
    ``client_yaml`` document. ``self.endpoint`` is an Authorization instance
    constructed directly from the context, not looked up in
    ``endpoint_context.endpoint``.
    """
    issuer = "https://example.com/"

    id_token_conf = {
        "class": IDToken,
        "kwargs": {
            "default_claims": {
                "email": {"essential": True},
                "email_verified": {"essential": True},
            }
        },
    }
    endpoints = {
        "provider_config": {
            "path": "{}/.well-known/openid-configuration",
            "class": ProviderConfiguration,
            "kwargs": {},
        },
        "registration": {
            "path": "{}/registration",
            "class": Registration,
            "kwargs": {},
        },
        "authorization": {
            "path": "{}/authorization",
            "class": Authorization,
            "kwargs": {},
        },
        "token": {"path": "{}/token", "class": AccessToken, "kwargs": {}},
        "userinfo": {
            "path": "{}/userinfo",
            "class": userinfo.UserInfo,
            "kwargs": {"db_file": "users.json"},
        },
    }
    # NOTE(review): the class path names NoAuthn, which presumably accepts the
    # configured user without any credential check. Confirm it is never
    # reachable outside tests.
    authentication = {
        "anon": {
            "acr": "http://www.swamid.se/policy/assurance/al1",
            "class": "oidcendpoint.user_authn.user.NoAuthn",
            "kwargs": {"user": "******"},
        }
    }
    # The cookie signing key is a literal in source, so anyone who can read
    # this file can reproduce it. A deployed configuration should load it
    # from secret storage instead.
    cookie_dealer_conf = {
        "class": CookieDealer,
        "kwargs": {
            "sign_key": "ghsNKDDLshZTPn974nOsIGhedULrsqnsGoBFBLwUKuJhE2ch",
            "default_values": {
                "name": "oidcop",
                "domain": "127.0.0.1",
                "path": "/",
                "max_age": 3600,
            },
        },
    }
    # Maps the "email" login_hint scheme to the ACR values listed for it.
    login_hint_conf = {
        "class": LoginHint2Acrs,
        "kwargs": {"scheme_map": {"email": [INTERNETPROTOCOLPASSWORD]}},
    }

    conf = {
        "issuer": issuer,
        "password": "******",
        "token_expires_in": 600,
        "grant_expires_in": 300,
        "refresh_token_expires_in": 86400,
        # NOTE(review): presumably turns off TLS certificate verification for
        # outbound requests. Confirm; do not carry this into a real config.
        "verify_ssl": False,
        "capabilities": CAPABILITIES,
        "jwks": {"uri_path": "static/jwks.json", "key_defs": KEYDEFS},
        "id_token": id_token_conf,
        "endpoint": endpoints,
        "authentication": authentication,
        "userinfo": {"class": UserInfo, "kwargs": {"db": USERINFO_db}},
        "template_dir": "template",
        "cookie_dealer": cookie_dealer_conf,
        "login_hint2acrs": login_hint_conf,
    }

    endpoint_context = EndpointContext(conf)

    # safe_load builds only plain YAML types, so the client document cannot
    # instantiate arbitrary Python objects.
    parsed_clients = yaml.safe_load(io.StringIO(client_yaml))
    endpoint_context.cdb = parsed_clients["oidc_clients"]

    # Re-import the context's own keys under the issuer identifier.
    # NOTE(review): the leading True presumably asks export_jwks for private
    # key material. Confirm against KeyJar.export_jwks.
    own_jwks = endpoint_context.keyjar.export_jwks(True, "")
    endpoint_context.keyjar.import_jwks(own_jwks, conf["issuer"])

    self.endpoint = Authorization(endpoint_context)