def test_server_parse_token_request():
atr = AccessTokenRequest(grant_type="authorization_code",
code="SplxlOBeZQQYbYS6WxSbIA",
redirect_uri="https://client.example.com/cb",
extra="foo")
uenc = atr.to_urlencoded()
srv = Server()
tr = srv.parse_token_request(body=uenc)
print tr.keys()
assert tr.type() == "AccessTokenRequest"
assert _eq(tr.keys(), ['code', 'redirect_uri', 'grant_type', 'extra'])
assert tr["grant_type"] == "authorization_code"
assert tr["code"] == "SplxlOBeZQQYbYS6WxSbIA"
tr = srv.parse_token_request(body=uenc)
print tr.keys()
assert tr.type() == "AccessTokenRequest"
assert _eq(tr.keys(), ['code', 'grant_type', 'redirect_uri', 'extra'])
assert tr["extra"] == "foo"
def test_server_parse_parse_authorization_request():
srv = Server()
ar = AuthorizationRequest(
response_type=["code"],
client_id="foobar",
redirect_uri="http://foobar.example.com/oaclient",
state="cold")
uencq = ar.to_urlencoded()
areq = srv.parse_authorization_request(query=uencq)
assert areq.type() == "AuthorizationRequest"
assert areq["response_type"] == ["code"]
assert areq["client_id"] == "foobar"
assert areq["redirect_uri"] == "http://foobar.example.com/oaclient"
assert areq["state"] == "cold"
urluenc = "%s?%s" % ("https://example.com/authz", uencq)
areq = srv.parse_authorization_request(url=urluenc)
assert areq.type() == "AuthorizationRequest"
assert areq["response_type"] == ["code"]
assert areq["client_id"] == "foobar"
assert areq["redirect_uri"] == "http://foobar.example.com/oaclient"
assert areq["state"] == "cold"
def __init__(self,
name,
sdb,
cdb,
authn_broker,
authz,
client_authn,
symkey="",
urlmap=None,
iv=0,
default_scope="",
ca_bundle=None,
verify_ssl=True,
default_acr="",
baseurl=''):
self.name = name
self.sdb = sdb
self.cdb = cdb
self.server = Server(ca_certs=ca_bundle, verify_ssl=verify_ssl)
self.authn_broker = authn_broker
if authn_broker is None:
# default cookie function
self.cookie_func = CookieDealer(srv=self).create_cookie
else:
self.cookie_func = self.authn_broker[0][0].create_cookie
for item in self.authn_broker:
item.srv = self
self.authz = authz
self.client_authn = client_authn
self.symkey = symkey
self.seed = rndstr().encode("utf-8")
self.iv = iv or os.urandom(16)
self.cookie_name = "pyoidc"
self.default_scope = default_scope
self.sso_ttl = 0
self.default_acr = default_acr
if urlmap is None:
self.urlmap = {}
else:
self.urlmap = urlmap
self.response_type_map = {
"code": code_response,
"token": token_response,
"none": none_response,
}
self.session_cookie_name = "pyoic_session"
self.baseurl = baseurl
self.keyjar = None
self.trace = None
self.events = None
def test_server_parse_refresh_token_request():
ratr = RefreshAccessTokenRequest(refresh_token="ababababab",
client_id="Client_id")
uenc = ratr.to_urlencoded()
srv = Server()
tr = srv.parse_refresh_token_request(body=uenc)
print tr.keys()
assert tr.type() == "RefreshAccessTokenRequest"
assert tr["refresh_token"] == "ababababab"
assert tr["client_id"] == "Client_id"
def test_device_flow():
_client = Client()
cli = DeviceFlowClient(_client)
_server = Server()
srv = DeviceFlowServer(_server)
# init
req = AuthorizationRequest(client_id=cli.host.client_id,
response_type='device_code')
resp = srv.device_endpoint(req)
# Polling
req = TokenRequest(
grant_type="urn:ietf:params:oauth:grant-type:device_code",
device_code=resp['device_dode'], client_id=cli.host.client_id)
resp = srv.token_endpoint(req)
def test_server_parse_jwt_request():
srv = Server()
ar = AuthorizationRequest(
response_type=["code"],
client_id="foobar",
redirect_uri="http://foobar.example.com/oaclient",
state="cold")
srv.keyjar["foobar"] = KeyBundle([{
"kty": "oct",
"key": "A1B2C3D4",
"use": "ver"
}, {
"kty": "oct",
"key": "A1B2C3D4",
"use": "sig"
}])
srv.keyjar[""] = KeyBundle([{
"kty": "oct",
"key": "A1B2C3D4",
"use": "ver"
}, {
"kty": "oct",
"key": "A1B2C3D4",
"use": "sig"
}])
keys = srv.keyjar.get_signing_key(owner="foobar")
_jwt = ar.to_jwt(key=keys, algorithm="HS256")
req = srv.parse_jwt_request(txt=_jwt)
assert req.type() == "AuthorizationRequest"
assert req["response_type"] == ["code"]
assert req["client_id"] == "foobar"
assert req["redirect_uri"] == "http://foobar.example.com/oaclient"
assert req["state"] == "cold"
def create_server(self):
self.srv = Server() # pylint: disable=attribute-defined-outside-init
