def test_should_detect_nonce_mismatch(self, client_mock):
client = PyoidcFacade(
ProviderConfiguration(
provider_metadata=ProviderMetadata(issuer=self.ISSUER),
client_metadata=ClientMetadata(client_id=self.CLIENT_ID)),
redirect_uri='https://client.example.com/redirect')
client.exchange_authorization_code = MagicMock(
return_value=self.TOKEN_RESPONSE)
auth_request = {
'state': self.AUTH_RESPONSE['state'],
'nonce': 'other_nonce'
}
with pytest.raises(InvalidIdTokenError):
AuthResponseHandler(client).process_auth_response(
self.AUTH_RESPONSE, auth_request)
def test_token_request_handles_error_response(self):
token_endpoint = self.PROVIDER_BASEURL + '/token'
token_response = TokenErrorResponse(
error='invalid_request',
error_description='test error description')
responses.add(responses.POST,
token_endpoint,
json=token_response.to_dict(),
status=400)
provider_metadata = self.PROVIDER_METADATA.copy(
token_endpoint=token_endpoint)
facade = PyoidcFacade(
ProviderConfiguration(provider_metadata=provider_metadata,
client_metadata=self.CLIENT_METADATA),
REDIRECT_URI)
assert facade.exchange_authorization_code('1234') == token_response
def test_token_request_handles_missing_provider_token_endpoint(self):
facade = PyoidcFacade(
ProviderConfiguration(provider_metadata=self.PROVIDER_METADATA,
client_metadata=self.CLIENT_METADATA),
REDIRECT_URI)
assert facade.exchange_authorization_code('1234') is None
