def __init__(
self,
dataset,
symkey="",
rs_keyjar=None,
baseurl="",
# client conf below
client_id=None,
ca_certs=None,
client_authn_method=None,
c_keyjar=None,
server_info=None,
authz_page="",
flow_type="",
password=None,
registration_info=None,
response_type="",
scope="",
ca_bundle=None):
self.ressrv = ResourceServer1C.__init__(dataset, symkey, client_id,
ca_certs, client_authn_method,
rs_keyjar, server_info,
authz_page, flow_type,
password, registration_info,
response_type, scope, baseurl)
self.client = Client(client_id, ca_certs, client_authn_method,
c_keyjar, server_info, authz_page, flow_type,
password, registration_info, response_type, scope)
self.ca_bundle = ca_bundle
def __init__(
self,
name,
sdb,
cdb,
authn_broker,
authz,
client_authn,
symkey,
urlmap=None,
as_keyjar=None,
as_configuration=None,
base_url="",
client_authn_methods=None,
authn_at_registration="",
client_info_url="",
secret_lifetime=86400,
# client conf below
client_id=None,
ca_certs=None,
client_authn_method=None,
c_keyjar=None,
server_info=None,
authz_page="",
flow_type="",
password=None,
registration_info=None,
response_type="",
scope="",
acr="",
resource_srv=""):
self.authzsrv = OAuth2UmaAS(
name,
sdb,
cdb,
authn_broker,
authz,
client_authn,
symkey,
urlmap,
as_keyjar,
configuration=as_configuration,
base_url=base_url,
client_authn_methods=client_authn_methods,
authn_at_registration=authn_at_registration,
client_info_url=client_info_url,
secret_lifetime=secret_lifetime)
self.client = Client(client_id, ca_certs, client_authn_method,
c_keyjar, server_info, authz_page, flow_type,
password, registration_info, response_type, scope)
self.client.redirect_uris = self.client.registration_info[
"redirect_uris"]
self.baseurl = self.authzsrv.baseurl
self.resource_srv = resource_srv
self.acr = acr
self.trace = []
def create_client(self):
dataset = DictDBWrap(USERDB)
client = Client({}, client_authn_methods=CLIENT_AUTHN_METHOD)
self.rsh = ResourceSetHandler(dataset, client, "hans")
self.rsh.dataset.scopes2op[
'https://dirg.org.umu.se/uma/read'] = self.rsh.dataset.get
self.rsh.client.provider_info = {
"resource_set_registration_endpoint": 'https://as.example.com/rsr'
}
self.rsh.token["PAT"] = 'pat'
def __init__(self, client_name, redirect_uris, resource_srv, acr,
verify_ssl=True):
UserInfo.__init__(self)
# The UMA Client
reginfo = {
"client_name": client_name,
"application_type": "native",
"redirect_uris": redirect_uris
}
self.client = Client(
{}, client_authn_methods=CLIENT_AUTHN_METHOD,
registration_info=reginfo, verify_ssl=verify_ssl)
self.client.redirect_uris = redirect_uris
self.resource_srv = resource_srv
self.acr = acr
def create_client(self):
dataset = DictDBWrap(USERDB)
# The scope to dataset operation map
dataset.register_scope('https://dirg.org.umu.se/uma/read', 'get')
client = Client({}, client_authn_methods=CLIENT_AUTHN_METHOD)
resource_owner = 'hans'
self.rsh = ResourceSetHandler(dataset, client, resource_owner)
self.rsh.client.provider_info = {
"resource_set_registration_endpoint": 'https://as.example.com/rsr'
}
# No the real PAT obviously
self.rsh.token["PAT"] = 'pat'
# map client API operation (HTTP GET) to scope
self.rsh.op2scope = {'GET': 'https://dirg.org.umu.se/uma/read'}
def __init__(self,
dataset,
resource_owner,
info_store,
symkey="",
client_id=None,
ca_certs=None,
client_authn_methods=None,
keyjar=None,
server_info=None,
authz_page="",
flow_type="",
password=None,
registration_info=None,
response_type="",
scope="",
**kwargs):
self.client = Client(client_id=client_id,
ca_certs=ca_certs,
client_authn_methods=client_authn_methods,
keyjar=keyjar,
server_info=server_info,
authz_page=authz_page,
flow_type=flow_type,
password=password,
registration_info=registration_info,
response_type=response_type,
scope=scope)
self.rs_handler = ResourceSetHandler(dataset, self.client,
resource_owner)
self.info_store = info_store
self.symkey = symkey
self.kwargs = kwargs
self.srv_discovery_url = ""
self.cookie_handler = http_util.CookieDealer(self)
self.cookie_name = "resourceserver"
self.rsd_map = {}
self.pat = None
RS_PORT = 8089
RS_HOST = "https://*****:*****@example.com"],
"redirect_uris": [callback]
}
# link to the client that will talk to the AS
RESSRV_CLI_KEY = "abcdefghijklmn"
ressrv.oidc_client = client
RS_PORT = 8089
RS_HOST = "https://localhost:%s" % RS_PORT
RS_CookieHandler = CookieDealer(None)
ressrv = uma_rs.main(RS_HOST, RS_CookieHandler)
print("go!")
# ============================== 1 ===========================================
# teach the RS about what the AS can do and where (=endpoints)
opc = OIDCProviderConfiguration()
resp = authzsrv.providerinfo_endpoint()
oidc_pcr = ProviderConfigurationResponse().from_json(resp.message)
client = Client({},
client_config={"client_authn_method": CLIENT_AUTHN_METHOD},
registration_info=ressrv.registration_info)
callback = "%s/%s" % (ressrv.baseurl, "key")
client.redirect_uris = [callback]
_me = ressrv.registration_info.copy()
_me["redirect_uris"] = [callback]
# link to the client
RESSRV_CLI_KEY = "abcdefghijklmn"
ressrv.oic_client[RESSRV_CLI_KEY] = client
ressrv.client[BASE + "/"] = client
client.handle_provider_config(oidc_pcr, authzsrv.baseurl, False, False)
opc.update(oidc_pcr)
resp = authzsrv.uma_providerinfo_endpoint()
def __call__(self, owner, scopes, **kwargs):
return "Some result"
reginfo = {
"client_name": "Resource server A",
"redirect_uris": ["https://rsa.example.com/"],
"application_type": "web"
}
ressrv = ResourceServer(DataSet(), registration_info=reginfo)
# -------------------- ResourceServer as Client ---------------------
rs_client = Client({}, {"client_authn_method": CLIENT_AUTHN_METHOD})
_me = ressrv.registration_info.copy()
_me["redirect_uris"] = ["https://rs.example.com/"]
# init authsrv
authzsrv = Provider("foo", SessionDB(), CDB, None, AUTHZ,
verify_client, "1234567890", keyjar=KeyJar())
authzsrv.baseurl = "https://as.example.com/"
AUTHN_BROKER = AuthnBroker()
AUTHN_BROKER.add(UNSPECIFIED, DummyAuthn(None, user="******"), 0,
"http://%s" % socket.gethostname())
# AUTHN_BROKER.add(PASSWORD,
# UsernamePasswordMako(
import hashlib
from oic.utils.authn.client import CLIENT_AUTHN_METHOD
from uma.client import Client
from uma.resourcesrv import ResourceServer1C
__author__ = 'rolandh'
# The UMA Client
reginfo = {
"client_name": "https://idp.example.com",
"application_type": "native",
"redirect_uris": ["https://client.example.com/uma"]
}
CCONF = {"client_authn_method": CLIENT_AUTHN_METHOD}
idp_client = Client({}, CCONF, registration_info=reginfo)
# The UMA RS
class DataSet(object):
def __init__(self):
pass
def __call__(self, owner, scopes, **kwargs):
return "Some result"
ressrv = ResourceServer1C(DataSet(), registration_info=reginfo)
EPPN = b"*****@*****.**"
