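def test_faulty_idtoken_from_accesstoken_endpoint():
    """Check that the consumer refuses an ID token whose signature fails.

    The consumer's HTTP transport is replaced by ``MITMServer.http_request``,
    an authorization request with ``response_type=["id_token"]`` is sent, and
    the query string of the resulting redirect is handed to ``parse_authz``.
    The test passes only if ``parse_authz`` raises ``BadSignature``.

    NOTE(review): presumably ``MITMServer`` returns an ID token that has been
    altered or signed with an unexpected key; its implementation is not
    visible here, so confirm against the fixture.
    NOTE(review): despite the test name, no token-endpoint call is made in
    this function; the token under test arrives in the authorization response.
    """
    consumer = Consumer(
        SessionDB(SERVER_INFO["issuer"]), CONFIG, CLIENT_CONFIG, SERVER_INFO
    )
    consumer.keyjar = CLIKEYS

    mfos = MITMServer("http://localhost:8088")
    mfos.keyjar = SRVKEYS
    # Every outgoing request from the consumer now goes through the stand-in.
    consumer.http_request = mfos.http_request

    consumer.redirect_uris = ["http://example.com/authz"]
    _state = "state0"
    consumer.nonce = rndstr()
    consumer.client_secret = "hemlig"  # test fixture value
    consumer.secret_type = "basic"
    consumer.config["response_type"] = ["id_token"]

    args = {
        "client_id": consumer.client_id,
        "response_type": consumer.config["response_type"],
        "scope": ["openid"],
    }

    result = consumer.do_authorization_request(state=_state, request_args=args)
    consumer._backup(_state)

    assert result.status_code == 302
    # assert result.location.startswith(consumer.redirect_uri[0])

    # Split on the first "?" only, so a "?" inside a parameter value cannot
    # break the unpacking and mask the real check below.
    _, query = result.headers["location"].split("?", 1)
    print(query)

    try:
        consumer.parse_authz(query=query)
    except BadSignature:
        pass
    else:
        # Raise explicitly: a bare ``assert False`` is stripped under ``-O``,
        # which would let an accepted bad token go unnoticed.
        raise AssertionError(
            "parse_authz accepted an ID token that should fail signature "
            "verification"
        )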
def test_faulty_idtoken_from_accesstoken_endpoint(self):
    """Expect ``BadSignature`` when the returned ID token does not verify.

    The consumer's ``http_request`` is swapped for the one on a
    ``MITMServer`` instance, an ``id_token`` authorization request is issued,
    and the query part of the redirect location is passed to ``parse_authz``.

    NOTE(review): presumably ``MITMServer`` hands back a token whose
    signature cannot be verified with the expected keys; confirm against the
    fixture, which is not visible here.
    """
    rp = self.consumer
    state = "state0"

    # Stand-in provider; all consumer traffic is routed through it.
    mitm = MITMServer("http://localhost:8088")
    mitm.keyjar = SRVKEYS
    rp.http_request = mitm.http_request

    rp.consumer_config["response_type"] = ["id_token"]
    request_args = dict(
        client_id=rp.client_id,
        response_type=rp.consumer_config["response_type"],
        scope=["openid"],
    )

    response = rp.do_authorization_request(
        state=state, request_args=request_args
    )
    rp._backup("state0")
    assert response.status_code == 302

    location = response.headers["location"]
    query = urlparse(location).query

    # A consumer that accepted this response would be trusting identity
    # claims it could not verify, so anything but BadSignature is a failure.
    with pytest.raises(BadSignature):
        rp.parse_authz(query=query)