ressrv = idm_rs.main(RS_HOST, RS_CookieHandler)
print("go!")
# ============================== 1 ===========================================
# teach the RS about what the AS can do and where (=endpoints)
opc = OIDCProviderConfiguration()
resp = authzsrv.oidc_providerinfo_endpoint()
oidc_pcr = ProviderConfigurationResponse().from_json(resp.message)
client = Client({}, client_authn_methods=CLIENT_AUTHN_METHOD)
ressrv.baseurl = RS_HOST
callback = "%s/%s" % (ressrv.baseurl, "key")
client.redirect_uris = [callback]
_me = {
"application_type": "web",
"application_name": "umaclient",
"contacts": ["*****@*****.**"],
"redirect_uris": [callback]
}
# link to the client that will talk to the AS
RESSRV_CLI_KEY = "abcdefghijklmn"
ressrv.oidc_client = client
ressrv.client = client
# load the AS provider configuration
# first the OIDC side of the AS
return IntrospectionResponse().from_json(_iresp.message)
# ============================== 1 ===========================================
# teach the RS about what the AS can do and where (=endpoints)
opc = OIDCProviderConfiguration()
resp = authzsrv.providerinfo_endpoint()
oidc_pcr = ProviderConfigurationResponse().from_json(resp.message)
client = Client(
{},
client_config={"client_authn_method": CLIENT_AUTHN_METHOD},
registration_info=ressrv.registration_info)
callback = "%s/%s" % (ressrv.baseurl, "key")
client.redirect_uris = [callback]
_me = ressrv.registration_info.copy()
_me["redirect_uris"] = [callback]
# link to the client
RESSRV_CLI_KEY = "abcdefghijklmn"
ressrv.oic_client[RESSRV_CLI_KEY] = client
ressrv.client[BASE + "/"] = client
client.handle_provider_config(oidc_pcr, authzsrv.baseurl, False, False)
opc.update(oidc_pcr)
resp = authzsrv.uma_providerinfo_endpoint()
uma_pcr = ProviderConfiguration().from_json(resp.message)
opc.update(uma_pcr)
client.handle_provider_config(uma_pcr, authzsrv.baseurl, False, False)
authzsrv.set_authn_broker(AUTHN_BROKER)
ressrv.set_client(authzsrv.baseurl, rs_client)
# -------------------- find authzsrv info --------------------
pcr = ProviderConfiguration().from_json(
authzsrv.providerinfo_endpoint().message)
rs_client.provider_info[pcr["issuer"]] = pcr
for key, val in list(pcr.items()):
if key.endswith("_endpoint"):
setattr(rs_client, key, val)
# -------------------- register client --------------------
rs_client.redirect_uris = _me["redirect_uris"]
http_args, req = rs_client._register(pcr["dynamic_client_endpoint"],
**_me)
resp1 = authzsrv.registration_endpoint(req.to_json())
#regresp = RegistrationResponse().from_json(resp.message)
dresp = DummyResponse(resp1.message)
rs_client.handle_registration_info(dresp)
# -------------- AuthorizationRequest as Resource Owner = Alice ---------------
args = {"response_type": ["code"],
"scope": ["openid"],
"state": "STATE"}
#client.do_authorization_request(state="STATE", request_args=args)
md.update(EPPN)
_key = base64.b16encode(md.digest())
reginfo = {
"client_name": "https://rs.example.com",
"application_type": "web",
"redirect_uris": ["https://rs.example.com/uma/client/%s" % _key]
}
BASE = "http://localhost:8088"
_as = BASE
_client = Client({}, CCONF)
_client.provider_config(_as)
_client.redirect_uris = reginfo["redirect_uris"]
_client.register(
_client.provider_info[BASE]["dynamic_client_endpoint"], **reginfo)
ressrv.set_client(_key, _client)
# Authorize and get PAT
args = {"response_type": ["code"],
"scope": ["openid"]}
resp = _client.do_authorization_request(
state="STATE", request_args=args,
endpoint=_client.provider_info[BASE]["authorization_request_endpoint"])
# The UMA client after given the AS URL
md.update(EPPN)
_key = base64.b16encode(md.digest())
reginfo = {
"client_name": "https://rs.example.com",
"application_type": "web",
"redirect_uris": ["https://rs.example.com/uma/client/%s" % _key]
}
BASE = "http://localhost:8088"
_as = BASE
_client = Client({}, CCONF)
_client.provider_config(_as)
_client.redirect_uris = reginfo["redirect_uris"]
_client.register(_client.provider_info[BASE]["dynamic_client_endpoint"],
**reginfo)
ressrv.set_client(_key, _client)
# Authorize and get PAT
args = {"response_type": ["code"], "scope": ["openid"]}
resp = _client.do_authorization_request(
state="STATE",
request_args=args,
endpoint=_client.provider_info[BASE]["authorization_request_endpoint"])
# The UMA client after given the AS URL
