def __init__( self, dataset, symkey="", rs_keyjar=None, baseurl="", # client conf below client_id=None, ca_certs=None, client_authn_method=None, c_keyjar=None, server_info=None, authz_page="", flow_type="", password=None, registration_info=None, response_type="", scope="", ca_bundle=None): self.ressrv = ResourceServer1C.__init__(dataset, symkey, client_id, ca_certs, client_authn_method, rs_keyjar, server_info, authz_page, flow_type, password, registration_info, response_type, scope, baseurl) self.client = Client(client_id, ca_certs, client_authn_method, c_keyjar, server_info, authz_page, flow_type, password, registration_info, response_type, scope) self.ca_bundle = ca_bundle
def __init__( self, name, sdb, cdb, authn_broker, authz, client_authn, symkey, urlmap=None, as_keyjar=None, as_configuration=None, base_url="", client_authn_methods=None, authn_at_registration="", client_info_url="", secret_lifetime=86400, # client conf below client_id=None, ca_certs=None, client_authn_method=None, c_keyjar=None, server_info=None, authz_page="", flow_type="", password=None, registration_info=None, response_type="", scope="", acr="", resource_srv=""): self.authzsrv = OAuth2UmaAS( name, sdb, cdb, authn_broker, authz, client_authn, symkey, urlmap, as_keyjar, configuration=as_configuration, base_url=base_url, client_authn_methods=client_authn_methods, authn_at_registration=authn_at_registration, client_info_url=client_info_url, secret_lifetime=secret_lifetime) self.client = Client(client_id, ca_certs, client_authn_method, c_keyjar, server_info, authz_page, flow_type, password, registration_info, response_type, scope) self.client.redirect_uris = self.client.registration_info[ "redirect_uris"] self.baseurl = self.authzsrv.baseurl self.resource_srv = resource_srv self.acr = acr self.trace = []
def create_client(self): dataset = DictDBWrap(USERDB) client = Client({}, client_authn_methods=CLIENT_AUTHN_METHOD) self.rsh = ResourceSetHandler(dataset, client, "hans") self.rsh.dataset.scopes2op[ 'https://dirg.org.umu.se/uma/read'] = self.rsh.dataset.get self.rsh.client.provider_info = { "resource_set_registration_endpoint": 'https://as.example.com/rsr' } self.rsh.token["PAT"] = 'pat'
def __init__(self, client_name, redirect_uris, resource_srv, acr, verify_ssl=True): UserInfo.__init__(self) # The UMA Client reginfo = { "client_name": client_name, "application_type": "native", "redirect_uris": redirect_uris } self.client = Client( {}, client_authn_methods=CLIENT_AUTHN_METHOD, registration_info=reginfo, verify_ssl=verify_ssl) self.client.redirect_uris = redirect_uris self.resource_srv = resource_srv self.acr = acr
def create_client(self): dataset = DictDBWrap(USERDB) # The scope to dataset operation map dataset.register_scope('https://dirg.org.umu.se/uma/read', 'get') client = Client({}, client_authn_methods=CLIENT_AUTHN_METHOD) resource_owner = 'hans' self.rsh = ResourceSetHandler(dataset, client, resource_owner) self.rsh.client.provider_info = { "resource_set_registration_endpoint": 'https://as.example.com/rsr' } # No the real PAT obviously self.rsh.token["PAT"] = 'pat' # map client API operation (HTTP GET) to scope self.rsh.op2scope = {'GET': 'https://dirg.org.umu.se/uma/read'}
def __init__(self, dataset, resource_owner, info_store, symkey="", client_id=None, ca_certs=None, client_authn_methods=None, keyjar=None, server_info=None, authz_page="", flow_type="", password=None, registration_info=None, response_type="", scope="", **kwargs): self.client = Client(client_id=client_id, ca_certs=ca_certs, client_authn_methods=client_authn_methods, keyjar=keyjar, server_info=server_info, authz_page=authz_page, flow_type=flow_type, password=password, registration_info=registration_info, response_type=response_type, scope=scope) self.rs_handler = ResourceSetHandler(dataset, self.client, resource_owner) self.info_store = info_store self.symkey = symkey self.kwargs = kwargs self.srv_discovery_url = "" self.cookie_handler = http_util.CookieDealer(self) self.cookie_name = "resourceserver" self.rsd_map = {} self.pat = None
RS_PORT = 8089 RS_HOST = "https://*****:*****@example.com"], "redirect_uris": [callback] } # link to the client that will talk to the AS RESSRV_CLI_KEY = "abcdefghijklmn" ressrv.oidc_client = client
RS_PORT = 8089 RS_HOST = "https://localhost:%s" % RS_PORT RS_CookieHandler = CookieDealer(None) ressrv = uma_rs.main(RS_HOST, RS_CookieHandler) print("go!") # ============================== 1 =========================================== # teach the RS about what the AS can do and where (=endpoints) opc = OIDCProviderConfiguration() resp = authzsrv.providerinfo_endpoint() oidc_pcr = ProviderConfigurationResponse().from_json(resp.message) client = Client({}, client_config={"client_authn_method": CLIENT_AUTHN_METHOD}, registration_info=ressrv.registration_info) callback = "%s/%s" % (ressrv.baseurl, "key") client.redirect_uris = [callback] _me = ressrv.registration_info.copy() _me["redirect_uris"] = [callback] # link to the client RESSRV_CLI_KEY = "abcdefghijklmn" ressrv.oic_client[RESSRV_CLI_KEY] = client ressrv.client[BASE + "/"] = client client.handle_provider_config(oidc_pcr, authzsrv.baseurl, False, False) opc.update(oidc_pcr) resp = authzsrv.uma_providerinfo_endpoint()
def __call__(self, owner, scopes, **kwargs): return "Some result" reginfo = { "client_name": "Resource server A", "redirect_uris": ["https://rsa.example.com/"], "application_type": "web" } ressrv = ResourceServer(DataSet(), registration_info=reginfo) # -------------------- ResourceServer as Client --------------------- rs_client = Client({}, {"client_authn_method": CLIENT_AUTHN_METHOD}) _me = ressrv.registration_info.copy() _me["redirect_uris"] = ["https://rs.example.com/"] # init authsrv authzsrv = Provider("foo", SessionDB(), CDB, None, AUTHZ, verify_client, "1234567890", keyjar=KeyJar()) authzsrv.baseurl = "https://as.example.com/" AUTHN_BROKER = AuthnBroker() AUTHN_BROKER.add(UNSPECIFIED, DummyAuthn(None, user="******"), 0, "http://%s" % socket.gethostname()) # AUTHN_BROKER.add(PASSWORD, # UsernamePasswordMako(
import hashlib from oic.utils.authn.client import CLIENT_AUTHN_METHOD from uma.client import Client from uma.resourcesrv import ResourceServer1C __author__ = 'rolandh' # The UMA Client reginfo = { "client_name": "https://idp.example.com", "application_type": "native", "redirect_uris": ["https://client.example.com/uma"] } CCONF = {"client_authn_method": CLIENT_AUTHN_METHOD} idp_client = Client({}, CCONF, registration_info=reginfo) # The UMA RS class DataSet(object): def __init__(self): pass def __call__(self, owner, scopes, **kwargs): return "Some result" ressrv = ResourceServer1C(DataSet(), registration_info=reginfo) EPPN = b"*****@*****.**"