def test_sign_registration_request(self):
rp_root_key = rsa_key()
rp = RP(None, rp_root_key, [], None, None)
reg_req = FederationRegistrationRequest(**{"foo": "bar"})
signed = rp._sign_registration_request(reg_req)
_jws = JWS()
assert _jws.is_jws(signed)
assert _jws.jwt.headers["kid"] == rp.intermediate_key.kid
assert SignedHttpRequest(rp.intermediate_key).verify(signed, body=reg_req.to_json())
def test_provider_configuration(self):
provider_config = json.loads(self.op.provider_configuration().message)
assert provider_config["issuer"] == ISSUER
assert provider_config["software_statements"] == self.op.software_statements_jws
assert provider_config["signing_key"] == self.op.signed_intermediate_key
assert provider_config["signed_jwks_uri"] == self.op.signed_jwks_uri
_jws = JWS()
assert _jws.is_jws(provider_config["signed_metadata"])
assert _jws.jwt.headers["kid"] == self.op.intermediate_key.kid
expected_metadata_parameters = set(provider_config.keys())
expected_metadata_parameters.remove("signed_metadata")
actual_metadata_parameters = (
JWS().verify_compact(provider_config["signed_metadata"], keys=[self.op.intermediate_key]).keys()
)
assert set(actual_metadata_parameters) == expected_metadata_parameters
