def test_srv2():
cc = ClaimsClient(client_id="client_1")
cc.client_secret="hemlig"
req = cc.construct_UserClaimsRequest(request_args={"user_id": "diana",
"claims_names":["gender", "birthdate"]})
srv = ClaimsServer("name", None, CDB, FUNCTIONS, USERDB)
srv.keystore.set_sign_key(rsa_load("rsa.key"), "rsa")
assert srv
environ = BASE_ENVIRON.copy()
environ["REQUEST_METHOD"] = "POST"
txt = req.to_urlencoded()
environ["CONTENT_LENGTH"] = len(txt)
fil = StringIO.StringIO(buf=txt)
environ["wsgi.input"] = fil
resp = srv.claims_endpoint(environ, start_response, LOG())
print resp
assert len(resp) == 1
ucr = UserClaimsResponse().deserialize(resp[0], "json")
ucr.verify(key = srv.keystore.get_keys("sig", owner=None))
print ucr
assert _eq(ucr["claims_names"], ["gender", "birthdate"])
assert "jwt" in ucr
class TestClaimsClient(object):
@pytest.fixture(autouse=True)
def create_claims_client(self):
self.cc = ClaimsClient(client_id="client_1")
self.cc.client_secret = "hemlig"
self.cc.userclaims_endpoint = "https://example.com/claims"
def test_construct_UserClaimsRequest(self):
req = self.cc.construct_UserClaimsRequest(request_args={"sub": "norah",
"claims_names": [
"gender",
"birthdate"]})
assert isinstance(req, UserClaimsRequest)
assert _eq(req.keys(), ['client_secret', 'claims_names', 'sub',
'client_id'])
assert req["sub"] == "norah"
assert req["client_id"] == "client_1"
def test_request_info(self):
request_args = {"sub": "norah", "claims_names": ["gender", "birthdate"]}
uri, body, headers, ucr = self.cc.request_info(UserClaimsRequest,
method="POST",
request_args=request_args)
assert uri == "https://example.com/claims"
assert query_string_compare(body,
"claims_names=gender+birthdate&sub=norah&client_id=client_1&client_secret=hemlig")
def test_srv2():
cc = ClaimsClient(client_id="client_1")
cc.client_secret="hemlig"
req = cc.construct_UserClaimsRequest(request_args={"sub": "diana",
"claims_names":["gender", "birthdate"]})
srv = ClaimsServer("name", None, CDB, FUNCTIONS, USERDB)
srv.keyjar[""] = [KeyBundle(source="file://rsa.key", usage=["ver", "sig"])]
assert srv
environ = BASE_ENVIRON.copy()
environ["REQUEST_METHOD"] = "POST"
txt = req.to_urlencoded()
environ["CONTENT_LENGTH"] = len(txt)
fil = StringIO.StringIO(buf=txt)
environ["wsgi.input"] = fil
resp = srv.claims_endpoint(environ, start_response, LOG())
print resp
assert len(resp) == 1
ucr = UserClaimsResponse().deserialize(resp[0], "json")
ucr.verify(keyjar = srv.keyjar)
print ucr
assert _eq(ucr["claims_names"], ["gender", "birthdate"])
assert "jwt" in ucr
class TestClaimsClient(object):
@pytest.fixture(autouse=True)
def create_claims_client(self):
self.cc = ClaimsClient(client_id="client_1")
self.cc.client_secret = "hemlig"
self.cc.userclaims_endpoint = "https://example.com/claims"
def test_construct_UserClaimsRequest(self):
req = self.cc.construct_UserClaimsRequest(
request_args={
"sub": "norah",
"claims_names": ["gender", "birthdate"]
})
assert isinstance(req, UserClaimsRequest)
assert _eq(req.keys(),
['client_secret', 'claims_names', 'sub', 'client_id'])
assert req["sub"] == "norah"
assert req["client_id"] == "client_1"
def test_request_info(self):
request_args = {
"sub": "norah",
"claims_names": ["gender", "birthdate"]
}
uri, body, headers, ucr = self.cc.request_info(
UserClaimsRequest, method="POST", request_args=request_args)
assert uri == "https://example.com/claims"
assert query_string_compare(
body,
"claims_names=gender+birthdate&sub=norah&client_id=client_1&client_secret=hemlig"
)
def test_srv2():
cc = ClaimsClient(client_id="client_1")
cc.client_secret = "hemlig"
req = cc.construct_UserClaimsRequest(
request_args={
"sub": "diana",
"claims_names": ["gender", "birthdate"]
})
srv = ClaimsServer("pyoicserv",
SessionDB(),
CDB,
USERINFO,
verify_client,
keyjar=KEYJAR,
dist_claims_mode=ClaimsMode(USER2MODE))
srv.keyjar[""] = keybundle_from_local_file("rsa.key", "rsa",
["ver", "sig"])
assert srv
resp = srv.claims_endpoint(req.to_urlencoded(), "")
print resp.message
ucr = UserClaimsResponse().deserialize(resp.message, "json")
ucr.verify(keyjar=srv.keyjar)
print ucr
assert _eq(ucr["claims_names"], ["gender", "birthdate"])
assert "jwt" in ucr
def test_srv2():
cc = ClaimsClient(client_id="client_1")
cc.client_secret = "hemlig"
req = cc.construct_UserClaimsRequest(
request_args={"sub": "diana", "claims_names": ["gender", "birthdate"]})
srv = ClaimsServer("pyoicserv", SessionDB("https://example.com"), CDB,
USERINFO, verify_client,
keyjar=KEYJAR, dist_claims_mode=ClaimsMode(USER2MODE))
srv.keyjar[""] = keybundle_from_local_file("%s/rsa.key" % BASE_PATH, "rsa", ["ver", "sig"])
assert srv
resp = srv.claims_endpoint(req.to_urlencoded(), "")
print resp.message
ucr = UserClaimsResponse().deserialize(resp.message, "json")
ucr.verify(keyjar=srv.keyjar)
print ucr
assert _eq(ucr["claims_names"], ["gender", "birthdate"])
assert "jwt" in ucr
def test_c2():
cc = ClaimsClient(client_id="client_1")
cc.client_secret = "hemlig"
cc.userclaims_endpoint = "https://example.com/claims"
request = UserClaimsRequest
method = "POST"
request_args = {"sub": "norah", "claims_names": ["gender", "birthdate"]}
cc.request_info(request, method=method, request_args=request_args)
def test_1():
cc = ClaimsClient(client_id="client_1")
cc.client_secret="hemlig"
req = cc.construct_UserClaimsRequest(request_args={"user_id": "norah",
"claims_names":["gender", "birthdate"]})
print req
assert req.type() == "UserClaimsRequest"
assert _eq(req.keys(),['client_secret', 'claims_names', 'user_id',
'client_id'])
assert req["user_id"] == "norah"
assert req["client_id"] == "client_1"
def test_1():
cc = ClaimsClient(client_id="client_1")
cc.client_secret = "hemlig"
req = cc.construct_UserClaimsRequest(request_args={"sub": "norah",
"claims_names": ["gender",
"birthdate"]})
print req
assert req.type() == "UserClaimsRequest"
assert _eq(req.keys(), ['client_secret', 'claims_names', 'sub',
'client_id'])
assert req["sub"] == "norah"
assert req["client_id"] == "client_1"
def test_claims_endpoint(self):
cc = ClaimsClient(client_id="client_1")
cc.client_secret = "hemlig"
req = cc.construct_UserClaimsRequest(
request_args={"sub": "diana",
"claims_names": ["gender", "birthdate"]})
resp = self.srv.claims_endpoint(req.to_urlencoded(), "")
ucr = UserClaimsResponse().deserialize(resp.message, "json")
ucr.verify(keyjar=self.srv.keyjar)
assert _eq(ucr["claims_names"], ["gender", "birthdate"])
assert "jwt" in ucr
def test_claims_endpoint(self):
cc = ClaimsClient(client_id="client_1")
cc.client_secret = "hemlig"
req = cc.construct_UserClaimsRequest(
request_args={
"sub": "diana",
"claims_names": ["gender", "birthdate"]
})
resp = self.srv.claims_endpoint(req.to_urlencoded(), "")
ucr = UserClaimsResponse().deserialize(resp.message, "json")
ucr.verify(keyjar=self.srv.keyjar)
assert _eq(ucr["claims_names"], ["gender", "birthdate"])
assert "jwt" in ucr
def init_claims_clients(self, client_info):
res = {}
if client_info is None:
return res
for cid, specs in client_info.items():
if "dynamic" in specs:
cc = self.dynamic_init_claims_client(cid, specs["client"])
else:
cc = ClaimsClient(client_id=specs["client_id"])
cc.client_secret = specs["client_secret"]
try:
cc.keyjar.add(specs["client_id"], specs["jwks_uri"])
except KeyError:
pass
cc.userclaims_endpoint = specs["userclaims_endpoint"]
res[cid] = cc
return res
def init_claims_clients(self, client_info):
res = {}
if client_info is None:
return res
for cid, specs in client_info.items():
if "dynamic" in specs:
cc = self.dynamic_init_claims_client(cid, specs["client"])
else:
cc = ClaimsClient(client_id=specs["client_id"])
cc.client_secret = specs["client_secret"]
try:
cc.keyjar.add(specs["client_id"], specs["jwks_uri"])
except KeyError:
pass
cc.userclaims_endpoint = specs["userclaims_endpoint"]
res[cid] = cc
return res
def dynamic_init_claims_client(self, issuer, req_args):
cc = ClaimsClient()
# dynamic provider info discovery
cc.provider_config(issuer)
resp = cc.do_registration_request(request_args=req_args)
cc.client_id = resp.client_id
cc.client_secret = resp.client_secret
return cc
def init_claims_clients(client_info):
res = {}
for cid, specs in client_info.items():
if "dynamic" in specs:
cc = dynamic_init_claims_client(cid, args)
else:
cc = ClaimsClient(client_id=specs["client_id"])
cc.client_secret = specs["client_secret"]
try:
cc.keystore.load_x509_cert(specs["x509_url"], "ver", cid)
except KeyError:
pass
try:
cc.keystore.load_jwk(specs["jwk_url"], "ver", cid)
except KeyError:
pass
cc.userclaims_endpoint = specs["userclaims_endpoint"]
res[cid] = cc
return res
def dynamic_init_claims_client(issuer, req_args):
cc = ClaimsClient()
# dynamic provider info discovery
cc.provider_config(issuer)
resp = cc.do_registration_request(request_args=req_args)
cc.client_id = resp.client_id
cc.client_secret = resp.client_secret
return cc
def init_claims_clients(client_info):
res = {}
for cid, specs in client_info.items():
if "dynamic" in specs:
cc = dynamic_init_claims_client(cid, args)
else:
cc = ClaimsClient(client_id=specs["client_id"])
cc.client_secret=specs["client_secret"]
_req = cc.keystore.crypt.http_request
_s2k = cc.keystore.spec2key
try:
for typ, key in load_x509_cert(_req, specs["x509_url"], _s2k):
cc.keystore.set_verify_key(key, typ, cid)
except KeyError:
pass
try:
for typ, key in load_jwk(_req, specs["jwk_url"], _s2k):
cc.keystore.set_verify_key(key, typ, cid)
except KeyError:
pass
cc.userclaims_endpoint = specs["userclaims_endpoint"]
res[cid] = cc
return res
def test_c2():
cc = ClaimsClient(client_id="client_1")
cc.client_secret = "hemlig"
cc.userclaims_endpoint = "https://example.com/claims"
request = UserClaimsRequest
method = "POST"
request_args = {"sub": "norah", "claims_names": ["gender", "birthdate"]}
cc.request_info(request, method=method, request_args=request_args)
def create_claims_client(self):
self.cc = ClaimsClient(client_id="client_1")
self.cc.client_secret = "hemlig"
self.cc.userclaims_endpoint = "https://example.com/claims"
def create_claims_client(self):
self.cc = ClaimsClient(client_id="client_1")
self.cc.client_secret = "hemlig"
self.cc.userclaims_endpoint = "https://example.com/claims"
'HTTP_ACCEPT_ENCODING': 'gzip, deflate',
'COMMAND_MODE': 'unix2003'}
CDB = {
"client_1": { "client_secret": "hemlig"}
}
def verify_client(env, req, cdb):
return True
FUNCTIONS = {
"verify_client": verify_client,
"userinfo": user_info
}
cc = ClaimsClient(client_id="client_1")
cc.client_secret="hemlig"
req = cc.construct_UserClaimsRequest(request_args={"user_id": "diana",
"claims_names":["gender", "birthdate"]})
srv = ClaimsServer("name", None, CDB, FUNCTIONS, USERDB)
srv.keyjar[""] = [KeyChain(source="file://rsa.key", usage=["ver", "sig"])]
assert srv
environ = BASE_ENVIRON.copy()
environ["REQUEST_METHOD"] = "POST"
txt = req.to_urlencoded()
environ["CONTENT_LENGTH"] = len(txt)
fil = StringIO.StringIO(buf=txt)
