def setup_conv():
entity = Client(client_authn_method=CLIENT_AUTHN_METHOD, verify_ssl=False)
entity.provider_info = ProviderConfigurationResponse(
authorization_endpoint="https://example.com", )
cls_factories = {'': oper.factory}
func_factory = func.factory
flow_state = FlowState('flows',
profile_handler=ProfileHandler,
cls_factories=cls_factories,
func_factory=func_factory,
display_order=OP_ORDER)
iss = 'https://example.org'
tag = 'foobar'
session_handler = SessionHandler(iss, tag, flows=flow_state,
tool_conf={}) # , rest=rest, **webenv)
session_handler.iss = iss
session_handler.tag = tag
info = WebIh(session=session_handler, profile_handler=ProfileHandler)
conv = Conversation([], entity, factory, callback_uris=[])
conv.events = Events()
conv.tool_config = {}
return {'conv': conv, 'io': info}
def new_map(self, sid=''):
if not sid:
sid = rndstr(16)
op = self.provider_cls(**self.as_args)
op.baseurl = '{}{}'.format(self.base_url, sid)
op.name = op.baseurl
_conv = Conversation(None, op, None)
_conv.events = self.as_args['event_db']
_conv.data = self.data
sh = SessionHandler(flows=self.flows, order=self.order)
sh.init_session(self.profile)
self._db[sid] = {
'op': op,
'conv': _conv,
'ts': time.time(),
'selected': {},
'session_handler': sh,
'headlines': self.headlines
}
return sid
def new_map(self, sid=''):
if not sid:
sid = rndstr(16)
op = self.provider_cls(**self.as_args)
op.baseurl = '{}{}'.format(self.base_url, sid)
op.name = op.baseurl
_conv = Conversation(None, op, None)
_conv.events = self.as_args['event_db']
_conv.data = self.data
sh = SessionHandler(flows=self.flows, order=self.order)
sh.init_session(self.profile)
self._db[sid] = {
'op': op,
'conv': _conv,
'ts': time.time(),
'selected': {},
'session_handler': sh,
'headlines': self.headlines
}
return sid
def setup_conv():
entity = Client(client_authn_method=CLIENT_AUTHN_METHOD,
verify_ssl=False)
entity.provider_info = ProviderConfigurationResponse(
authorization_endpoint="https://example.com",
)
cls_factories = {'': oper.factory}
func_factory = func.factory
flow_state = FlowState('flows', profile_handler=ProfileHandler,
cls_factories=cls_factories,
func_factory=func_factory,
display_order=OP_ORDER)
iss = 'https://example.org'
tag = 'foobar'
session_handler = SessionHandler(iss, tag,
flows=flow_state,
tool_conf={}) # , rest=rest, **webenv)
session_handler.iss = iss
session_handler.tag = tag
info = WebIh(session=session_handler, profile_handler=ProfileHandler)
conv = Conversation([], entity, factory, callback_uris=[])
conv.events = Events()
conv.tool_config = {}
return {'conv': conv, 'io': info}
def run(self, test_id, **kw_args):
if not self.match_profile(test_id):
logger.info("Test doesn't match the profile")
return True
redirs = get_redirect_uris(kw_args['client_info'])
self.sh.session_setup(path=test_id)
_flow = self.flows[test_id]
_cli, _c_info = kw_args['client_factory'].make_client(
**kw_args['client_info'])
self.conv = Conversation(_flow,
_cli,
msg_factory=kw_args["msg_factory"],
callback_uris=redirs,
opid=kw_args['opid'])
_cli.conv = self.conv
_cli.event_store = self.conv.events
self.conv.entity_config = _c_info
self.conv.sequence = self.sh["sequence"]
self.conv.tool_config = kw_args['tool_conf']
self.sh["conv"] = self.conv
# noinspection PyTypeChecker
try:
return self.run_flow(test_id, conf=kw_args["conf"])
except Exception as err:
exception_trace("", err, logger)
# res = Result(self.sh, self.kwargs['profile_handler'])
# res.print_info(test_id)
return self.inut.err_response("run", err)
def get(self, oper_id, test_id, events, endpoint):
# addr = get_client_address(environ)
key = path = '{}/{}'.format(oper_id, test_id)
try:
_op = self.op[key]
_op.events = events
if endpoint == '.well-known/openid-configuration':
if test_id == 'rp-key-rotation-op-sign-key-native':
pass
elif test_id == 'rp-id_token-kid-absent-multiple-jwks':
setattr(_op, 'keys', self.op_args['marg']['keys'])
_op_args = {
'baseurl': self.op_args['baseurl'],
'jwks': self.op_args['marg']['jwks']
}
write_jwks_uri(_op, _op_args, self.folder)
else:
init_keyjar(_op, self.op_args['keyjar'], self.com_args)
_kj = _op.keyjar.export_jwks(True, '')
_op.keyjar.import_jwks(_kj, _op.name)
write_jwks_uri(_op, self.op_args, self.folder)
except KeyError:
if test_id in ['rp-id_token-kid-absent-multiple-jwks']:
_op_args = {}
for param in [
'baseurl', 'cookie_name', 'cookie_ttl', 'endpoints'
]:
_op_args[param] = self.op_args[param]
for param in ["jwks", "keys"]:
_op_args[param] = self.op_args["marg"][param]
_op = self.setup_op(oper_id, test_id, self.com_args, _op_args,
self.test_conf, events)
else:
_op = self.setup_op(oper_id, test_id, self.com_args,
self.op_args, self.test_conf, events)
if test_id.startswith('rp-init-logout-session'):
_csi = self.check_session_iframe.replace(
'<PATH>', '{}/{}'.format(oper_id, test_id))
_op.capabilities['check_session_iframe'] = _csi
elif test_id.startswith('rp-backchannel-'):
_op.capabilities['backchannel_logout_supported'] = True
_op.capabilities[
'backchannel_logout_session_supported'] = True
elif test_id.startswith('rp-frontchannel-'):
_op.capabilities['frontchannel_logout_supported'] = True
_op.capabilities[
'frontchannel_logout_session_supported'] = True
_op.conv = Conversation(test_id, _op, None)
_op.orig_keys = key_summary(_op.keyjar, '').split(', ')
self.op[key] = _op
return _op, path, key
def setup(self, test_id, **kw_args):
redirs = get_redirect_uris(kw_args["client_info"])
_flow = self.flows[test_id]
_cli, _c_info = self.client_factory.make_client(
**kw_args['client_info'])
self.conv = Conversation(_flow,
_cli,
kw_args["msg_factory"],
callback_uris=redirs)
self.conv.entity_config = _c_info
self.conv.tool_config = kw_args['tool_conf']
_cli.conv = self.conv
_cli.event_store = self.conv.events
self.sh.session_setup(path=test_id)
self.sh["conv"] = self.conv
self.conv.sequence = self.sh["sequence"]
def get(self, oper_id, test_id, events, endpoint):
# addr = get_client_address(environ)
key = path = '{}/{}'.format(oper_id, test_id)
try:
_op = self.op[key]
_op.events = events
if endpoint == '.well-known/openid-configuration':
init_keyjar(_op, self.op_args['keyjar'], self.com_args)
write_jwks_uri(_op, self.op_args, self.folder)
except KeyError:
_op = self.setup_op(oper_id, test_id, self.com_args, self.op_args,
self.test_conf, events)
_op.conv = Conversation(test_id, _op, None)
_op.orig_keys = key_summary(_op.keyjar, '').split(', ')
self.op[key] = _op
return _op, path, key
def get(self, oper_id, test_id, events, endpoint):
# addr = get_client_address(environ)
key = path = '{}/{}'.format(oper_id, test_id)
try:
_op = self.op[key]
_op.events = events
if endpoint == '.well-known/openid-configuration':
if test_id == 'rp-key-rotation-op-sign-key-native':
pass
elif test_id == 'rp-id_token-kid-absent-multiple-jwks':
setattr(_op, 'keys', self.op_args['marg']['keys'])
_op_args = {
'baseurl': self.op_args['baseurl'],
'jwks': self.op_args['marg']['jwks']
}
write_jwks_uri(_op, _op_args, self.folder)
else:
init_keyjar(_op, self.op_args['keyjar'], self.com_args)
write_jwks_uri(_op, self.op_args, self.folder)
except KeyError:
if test_id in ['rp-id_token-kid-absent-multiple-jwks']:
_op_args = {}
for param in [
'baseurl', 'cookie_name', 'cookie_ttl', 'endpoints'
]:
_op_args[param] = self.op_args[param]
for param in ["jwks", "keys"]:
_op_args[param] = self.op_args["marg"][param]
_op = self.setup_op(oper_id, test_id, self.com_args, _op_args,
self.test_conf, events)
else:
_op = self.setup_op(oper_id, test_id, self.com_args,
self.op_args, self.test_conf, events)
_op.conv = Conversation(test_id, _op, None)
_op.orig_keys = key_summary(_op.keyjar, '').split(', ')
self.op[key] = _op
return _op, path, key
def op_setup(self, environ, mode, events, test_conf, endpoint):
addr = get_client_address(environ)
path = '/'.join([mode['oper_id'], mode['test_id']])
key = "{}:{}".format(addr, path)
# LOGGER.debug("OP key: {}".format(key))
try:
_op = self.op[key]
_op.events = events
if endpoint == '.well-known/openid-configuration':
if mode["test_id"] == 'rp-id_token-kid-absent-multiple-jwks':
setattr(_op, 'keys', self.op_args['marg']['keys'])
_op_args = {
'baseurl': self.op_args['baseurl'],
'jwks': self.op_args['marg']['jwks']
}
write_jwks_uri(_op, _op_args)
else:
init_keyjar(_op, self.op_args['keyjar'], self.com_args)
write_jwks_uri(_op, self.op_args)
except KeyError:
if mode["test_id"] in ['rp-id_token-kid-absent-multiple-jwks']:
_op_args = {}
for param in ['baseurl', 'cookie_name', 'cookie_ttl',
'endpoints']:
_op_args[param] = self.op_args[param]
for param in ["jwks", "keys"]:
_op_args[param] = self.op_args["marg"][param]
_op = setup_op(mode, self.com_args, _op_args, self.test_conf,
events)
else:
_op = setup_op(mode, self.com_args, self.op_args,
self.test_conf, events)
_op.conv = Conversation(mode["test_id"], _op, None)
_op.orig_keys = key_summary(_op.keyjar, '').split(', ')
self.op[key] = _op
return _op, path, key
def setup(self, test_id, **kw_args):
if not self.match_profile(test_id):
return False
self.sh.session_setup(path=test_id)
_flow = self.flows[test_id]
try:
_cap = kw_args['op_profiles'][self.sh['test_conf']['profile']]
except KeyError:
_cap = None
_ent = self.provider_cls(capabilities=_cap, **kw_args['as_args'])
_ent.baseurl = os.path.join(_ent.baseurl, kw_args['sid'])
_ent.jwks_uri = os.path.join(_ent.baseurl,
kw_args['as_args']['jwks_name'])
_ent.name = _ent.baseurl
self.conv = Conversation(_flow,
_ent,
msg_factory=kw_args["msg_factory"])
self.conv.sequence = self.sh["sequence"]
_ent.conv = self.conv
_ent.events = self.conv.events
self.sh["conv"] = self.conv
return True
def main(flows, profile, profiles, **kw_args):
try:
redirs = kw_args["cinfo"]["client"]["redirect_uris"]
except KeyError:
redirs = kw_args["cinfo"]["registered"]["redirect_uris"]
test_list = make_list(flows, profile, **kw_args)
for tid in test_list:
io = ClIO(flows=flows, profile=profile, **kw_args)
sh = SessionHandler(profile, flows, **kw_args)
_flow = flows[tid]
_cli, _cliconf = make_client(**kw_args)
conversation = Conversation(_flow,
_cli,
kw_args["msg_factory"],
interaction=kw_args["conf"].INTERACTION,
trace_cls=Trace,
callback_uris=redirs)
_cli.conv = conversation
# noinspection PyTypeChecker
try:
info = run_flow(profiles, conversation, tid, kw_args["conf"],
profile, kw_args["check_factory"], io, sh)
if info['status'] == OK:
print('+{}'.format(tid))
else:
print('!{}'.format(tid))
for ev in conversation.events:
print(ev)
break
except Exception as err:
exception_trace("", err, logger)
print(conversation.trace)
break
def run_one(test_id, flows, profile, profiles, io, sh, **kw_args):
try:
redirs = kw_args["cinfo"]["client"]["redirect_uris"]
except KeyError:
redirs = kw_args["cinfo"]["registered"]["redirect_uris"]
io = ClIO(flows=flows, profile=profile, **kw_args)
sh = SessionHandler(None, profile, flows, **kw_args)
_flow = flows[test_id]
_cli = make_client(**kw_args)
conversation = Conversation(_flow,
_cli,
kw_args["msg_factory"],
interaction=kw_args["conf"].INTERACTION,
trace_cls=Trace,
callback_uris=redirs)
# noinspection PyTypeChecker
try:
run_flow(profiles, conversation, test_id, kw_args["conf"], profile,
kw_args["check_factory"], io, sh)
except Exception as err:
exception_trace("", err, logger)
print(conversation.trace)