Пример #1
0
    def test_client_registration_delete(self):
        args = {
            "redirect_uris": ["https://client.example.org/callback", "https://client.example.org/callback2"],
            "client_name": "My Example Client",
            "client_name#ja-Jpan-JP": "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
            "token_endpoint_auth_method": "client_secret_basic",
            "scope": "read write dolphin",
        }
        request = RegistrationRequest(**args)
        resp = self.provider.registration_endpoint(request=request.to_json(), environ={})
        _resp = ClientInfoResponse().from_json(resp.message)
        resp = self.provider.client_info_endpoint(
            request=request.to_json(),
            environ={"HTTP_AUTHORIZATION": "Bearer %s" % (_resp["registration_access_token"],)},
            method="DELETE",
            query="client_id=%s" % _resp["client_id"],
        )

        assert isinstance(resp, NoContent)

        # A read should fail
        resp = self.provider.client_info_endpoint(
            "",
            environ={"HTTP_AUTHORIZATION": "Bearer %s" % (_resp["registration_access_token"],)},
            query="client_id=%s" % _resp["client_id"],
        )

        assert isinstance(resp, Unauthorized)
Пример #2
0
    def registration_endpoint(self, **kwargs):
        """

        :param request: The request
        :param authn: Client authentication information
        :param kwargs: extra keyword arguments
        :return: A Response instance
        """

        _request = RegistrationRequest().deserialize(kwargs["request"], "json")
        try:
            _request.verify()
        except InvalidRedirectUri as err:
            msg = ClientRegistrationError(error="invalid_redirect_uri", error_description="%s" % err)
            return BadRequest(msg.to_json(), content="application/json")
        except (MissingPage, VerificationError) as err:
            msg = ClientRegistrationError(error="invalid_client_metadata", error_description="%s" % err)
            return BadRequest(msg.to_json(), content="application/json")

        # authenticated client
        if self.authn_at_registration:
            try:
                _ = self.verify_client(kwargs["environ"], _request, self.authn_at_registration)
            except (AuthnFailure, UnknownAssertionType):
                return Unauthorized()

        client_id = self.create_new_client(_request)

        return self.client_info(client_id)
Пример #3
0
    def test_registration_endpoint(self):
        request = RegistrationRequest(client_name="myself", redirect_uris=["https://example.com/rp"])
        resp = self.provider.registration_endpoint(request=request.to_json())
        assert isinstance(resp, Response)
        data = json.loads(resp.message)
        assert data["client_name"] == "myself"
        assert _eq(data["redirect_uris"], ["https://example.com/rp"])

        _resp = ClientInfoResponse().from_json(resp.message)
        assert "client_id" in _resp
Пример #4
0
    def test_client_registration_utf_8_client_name(self):
        args = {
            "redirect_uris": ["https://client.example.org/callback", "https://client.example.org/callback2"],
            "client_name": "My Example Client",
            "client_name#ja-Jpan-JP": "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
            "token_endpoint_auth_method": "client_secret_basic",
            "scope": "read write dolphin",
        }

        request = RegistrationRequest(**args)
        resp = self.provider.registration_endpoint(request=request.to_json())
        _resp = ClientInfoResponse().from_json(resp.message)

        assert _resp["client_name#ja-Jpan-JP"] == "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D"
        assert _resp["client_name"] == "My Example Client"
Пример #5
0
    def test_client_registration_update(self):
        args = {
            "redirect_uris": ["https://client.example.org/callback",
                              "https://client.example.org/callback2"],
            "client_name": "My Example Client",
            "client_name#ja-Jpan-JP":
                "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
            "token_endpoint_auth_method": "client_secret_basic",
            "scope": "read write dolphin",
        }
        request = RegistrationRequest(**args)
        resp = self.provider.registration_endpoint(request=request.to_json(),
                                                   environ={})
        _resp = ClientInfoResponse().from_json(resp.message)

        update = {
            "client_id": _resp["client_id"],
            "client_secret": _resp["client_secret"],
            "redirect_uris": ["https://client.example.org/callback",
                              "https://client.example.org/alt"],
            "scope": "read write dolphin",
            "grant_types": ["authorization_code", "refresh_token"],
            "token_endpoint_auth_method": "client_secret_basic",
            "jwks_uri": "https://client.example.org/my_public_keys.jwks",
            "client_name": "My New Example",
            "client_name#fr": "Mon Nouvel Exemple",
        }
        update_req = RegistrationRequest(**update)
        resp = self.provider.client_info_endpoint(
            request=update_req.to_json(),
            environ={"HTTP_AUTHORIZATION": "Bearer %s" % (
                _resp["registration_access_token"],)},
            method="PUT",
            query="client_id=%s" % _resp["client_id"])

        _resp_up = ClientInfoResponse().from_json(resp.message)
        assert _resp_up["client_id"] == update["client_id"]
        assert _resp_up["client_secret"] == update["client_secret"]
        assert _resp_up["redirect_uris"] == update["redirect_uris"]
        assert _resp_up["scope"] == update["scope"].split()
        assert _resp_up["grant_types"] == update["grant_types"]
        assert _resp_up["token_endpoint_auth_method"] == update[
            "token_endpoint_auth_method"]
        assert _resp_up["jwks_uri"] == update["jwks_uri"]
        assert _resp_up["client_name"] == update["client_name"]
        assert _resp_up["client_name#fr"] == update["client_name#fr"]
Пример #6
0
    def test_registration_uri_error(self):
        args = {
            "redirect_uris": ["https://client.example.org/callback", "https://client.example.org/callback2"],
            "client_name": "My Example Client",
            "client_name#ja-Jpan-JP": "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
            "token_endpoint_auth_method": "client_secret_basic",
            "scope": "read write dolphin",
            # invalid logo_uri
            "logo_uri": "https://client.example.org/logo.png",
            "jwks_uri": "https://client.example.org/my_public_keys.jwks",
        }

        request = RegistrationRequest(**args)
        resp = self.provider.registration_endpoint(request=request.to_json())
        _resp = ClientRegistrationError().from_json(resp.message)

        assert "error" in _resp
        assert _resp["error"] == "invalid_client_metadata"
Пример #7
0
    def test_client_registration_with_software_statement(self):
        jwks, keyjar, kidd = build_keyjar(KEYS)
        fed_operator = 'https://fedop.example.org'

        self.provider.keyjar[fed_operator] = keyjar['']
        ss = make_software_statement(keyjar, fed_operator, client_id='foxtrot')

        args = {
            "redirect_uris": ["https://client.example.org/callback",
                              "https://client.example.org/callback2"],
            "client_name": "XYZ Service B",
            "token_endpoint_auth_method": "client_secret_basic",
            "scope": "read write dolphin",
            'software_statement': ss
        }
        request = RegistrationRequest(**args)
        resp = self.provider.registration_endpoint(request=request.to_json(),
                                                   environ={})
        cli_resp = ClientInfoResponse().from_json(resp.message)
        assert cli_resp
Пример #8
0
    def test_client_user_info_get(self):
        args = {
            "redirect_uris": ["https://client.example.org/callback", "https://client.example.org/callback2"],
            "client_name": "My Example Client",
            "client_name#ja-Jpan-JP": "\u30AF\u30E9\u30A4\u30A2\u30F3\u30C8\u540D",
            "token_endpoint_auth_method": "client_secret_basic",
            "scope": "read write dolphin",
        }
        request = RegistrationRequest(**args)
        resp = self.provider.registration_endpoint(request=request.to_json())
        _resp = ClientInfoResponse().from_json(resp.message)

        resp = self.provider.client_info_endpoint(
            "GET",
            environ={"HTTP_AUTHORIZATION": "Bearer %s" % (_resp["registration_access_token"],)},
            query="client_id=%s" % _resp["client_id"],
            request=request.to_json(),
        )

        _resp_cir = ClientInfoResponse().from_json(resp.message)
        assert _resp == _resp_cir