def test_srv2(): cc = ClaimsClient(client_id="client_1") cc.client_secret="hemlig" req = cc.construct_UserClaimsRequest(request_args={"user_id": "diana", "claims_names":["gender", "birthdate"]}) srv = ClaimsServer("name", None, CDB, FUNCTIONS, USERDB) srv.keystore.set_sign_key(rsa_load("rsa.key"), "rsa") assert srv environ = BASE_ENVIRON.copy() environ["REQUEST_METHOD"] = "POST" txt = req.to_urlencoded() environ["CONTENT_LENGTH"] = len(txt) fil = StringIO.StringIO(buf=txt) environ["wsgi.input"] = fil resp = srv.claims_endpoint(environ, start_response, LOG()) print resp assert len(resp) == 1 ucr = UserClaimsResponse().deserialize(resp[0], "json") ucr.verify(key = srv.keystore.get_keys("sig", owner=None)) print ucr assert _eq(ucr["claims_names"], ["gender", "birthdate"]) assert "jwt" in ucr
class TestClaimsClient(object): @pytest.fixture(autouse=True) def create_claims_client(self): self.cc = ClaimsClient(client_id="client_1") self.cc.client_secret = "hemlig" self.cc.userclaims_endpoint = "https://example.com/claims" def test_construct_UserClaimsRequest(self): req = self.cc.construct_UserClaimsRequest(request_args={"sub": "norah", "claims_names": [ "gender", "birthdate"]}) assert isinstance(req, UserClaimsRequest) assert _eq(req.keys(), ['client_secret', 'claims_names', 'sub', 'client_id']) assert req["sub"] == "norah" assert req["client_id"] == "client_1" def test_request_info(self): request_args = {"sub": "norah", "claims_names": ["gender", "birthdate"]} uri, body, headers, ucr = self.cc.request_info(UserClaimsRequest, method="POST", request_args=request_args) assert uri == "https://example.com/claims" assert query_string_compare(body, "claims_names=gender+birthdate&sub=norah&client_id=client_1&client_secret=hemlig")
def test_srv2(): cc = ClaimsClient(client_id="client_1") cc.client_secret="hemlig" req = cc.construct_UserClaimsRequest(request_args={"sub": "diana", "claims_names":["gender", "birthdate"]}) srv = ClaimsServer("name", None, CDB, FUNCTIONS, USERDB) srv.keyjar[""] = [KeyBundle(source="file://rsa.key", usage=["ver", "sig"])] assert srv environ = BASE_ENVIRON.copy() environ["REQUEST_METHOD"] = "POST" txt = req.to_urlencoded() environ["CONTENT_LENGTH"] = len(txt) fil = StringIO.StringIO(buf=txt) environ["wsgi.input"] = fil resp = srv.claims_endpoint(environ, start_response, LOG()) print resp assert len(resp) == 1 ucr = UserClaimsResponse().deserialize(resp[0], "json") ucr.verify(keyjar = srv.keyjar) print ucr assert _eq(ucr["claims_names"], ["gender", "birthdate"]) assert "jwt" in ucr
class TestClaimsClient(object): @pytest.fixture(autouse=True) def create_claims_client(self): self.cc = ClaimsClient(client_id="client_1") self.cc.client_secret = "hemlig" self.cc.userclaims_endpoint = "https://example.com/claims" def test_construct_UserClaimsRequest(self): req = self.cc.construct_UserClaimsRequest( request_args={ "sub": "norah", "claims_names": ["gender", "birthdate"] }) assert isinstance(req, UserClaimsRequest) assert _eq(req.keys(), ['client_secret', 'claims_names', 'sub', 'client_id']) assert req["sub"] == "norah" assert req["client_id"] == "client_1" def test_request_info(self): request_args = { "sub": "norah", "claims_names": ["gender", "birthdate"] } uri, body, headers, ucr = self.cc.request_info( UserClaimsRequest, method="POST", request_args=request_args) assert uri == "https://example.com/claims" assert query_string_compare( body, "claims_names=gender+birthdate&sub=norah&client_id=client_1&client_secret=hemlig" )
def test_srv2(): cc = ClaimsClient(client_id="client_1") cc.client_secret = "hemlig" req = cc.construct_UserClaimsRequest( request_args={ "sub": "diana", "claims_names": ["gender", "birthdate"] }) srv = ClaimsServer("pyoicserv", SessionDB(), CDB, USERINFO, verify_client, keyjar=KEYJAR, dist_claims_mode=ClaimsMode(USER2MODE)) srv.keyjar[""] = keybundle_from_local_file("rsa.key", "rsa", ["ver", "sig"]) assert srv resp = srv.claims_endpoint(req.to_urlencoded(), "") print resp.message ucr = UserClaimsResponse().deserialize(resp.message, "json") ucr.verify(keyjar=srv.keyjar) print ucr assert _eq(ucr["claims_names"], ["gender", "birthdate"]) assert "jwt" in ucr
def test_srv2(): cc = ClaimsClient(client_id="client_1") cc.client_secret = "hemlig" req = cc.construct_UserClaimsRequest( request_args={"sub": "diana", "claims_names": ["gender", "birthdate"]}) srv = ClaimsServer("pyoicserv", SessionDB("https://example.com"), CDB, USERINFO, verify_client, keyjar=KEYJAR, dist_claims_mode=ClaimsMode(USER2MODE)) srv.keyjar[""] = keybundle_from_local_file("%s/rsa.key" % BASE_PATH, "rsa", ["ver", "sig"]) assert srv resp = srv.claims_endpoint(req.to_urlencoded(), "") print resp.message ucr = UserClaimsResponse().deserialize(resp.message, "json") ucr.verify(keyjar=srv.keyjar) print ucr assert _eq(ucr["claims_names"], ["gender", "birthdate"]) assert "jwt" in ucr
def test_c2(): cc = ClaimsClient(client_id="client_1") cc.client_secret = "hemlig" cc.userclaims_endpoint = "https://example.com/claims" request = UserClaimsRequest method = "POST" request_args = {"sub": "norah", "claims_names": ["gender", "birthdate"]} cc.request_info(request, method=method, request_args=request_args)
def test_1(): cc = ClaimsClient(client_id="client_1") cc.client_secret="hemlig" req = cc.construct_UserClaimsRequest(request_args={"user_id": "norah", "claims_names":["gender", "birthdate"]}) print req assert req.type() == "UserClaimsRequest" assert _eq(req.keys(),['client_secret', 'claims_names', 'user_id', 'client_id']) assert req["user_id"] == "norah" assert req["client_id"] == "client_1"
def test_1(): cc = ClaimsClient(client_id="client_1") cc.client_secret = "hemlig" req = cc.construct_UserClaimsRequest(request_args={"sub": "norah", "claims_names": ["gender", "birthdate"]}) print req assert req.type() == "UserClaimsRequest" assert _eq(req.keys(), ['client_secret', 'claims_names', 'sub', 'client_id']) assert req["sub"] == "norah" assert req["client_id"] == "client_1"
def test_claims_endpoint(self): cc = ClaimsClient(client_id="client_1") cc.client_secret = "hemlig" req = cc.construct_UserClaimsRequest( request_args={"sub": "diana", "claims_names": ["gender", "birthdate"]}) resp = self.srv.claims_endpoint(req.to_urlencoded(), "") ucr = UserClaimsResponse().deserialize(resp.message, "json") ucr.verify(keyjar=self.srv.keyjar) assert _eq(ucr["claims_names"], ["gender", "birthdate"]) assert "jwt" in ucr
def test_claims_endpoint(self): cc = ClaimsClient(client_id="client_1") cc.client_secret = "hemlig" req = cc.construct_UserClaimsRequest( request_args={ "sub": "diana", "claims_names": ["gender", "birthdate"] }) resp = self.srv.claims_endpoint(req.to_urlencoded(), "") ucr = UserClaimsResponse().deserialize(resp.message, "json") ucr.verify(keyjar=self.srv.keyjar) assert _eq(ucr["claims_names"], ["gender", "birthdate"]) assert "jwt" in ucr
def init_claims_clients(self, client_info): res = {} if client_info is None: return res for cid, specs in client_info.items(): if "dynamic" in specs: cc = self.dynamic_init_claims_client(cid, specs["client"]) else: cc = ClaimsClient(client_id=specs["client_id"]) cc.client_secret = specs["client_secret"] try: cc.keyjar.add(specs["client_id"], specs["jwks_uri"]) except KeyError: pass cc.userclaims_endpoint = specs["userclaims_endpoint"] res[cid] = cc return res
def dynamic_init_claims_client(self, issuer, req_args): cc = ClaimsClient() # dynamic provider info discovery cc.provider_config(issuer) resp = cc.do_registration_request(request_args=req_args) cc.client_id = resp.client_id cc.client_secret = resp.client_secret return cc
def init_claims_clients(client_info): res = {} for cid, specs in client_info.items(): if "dynamic" in specs: cc = dynamic_init_claims_client(cid, args) else: cc = ClaimsClient(client_id=specs["client_id"]) cc.client_secret = specs["client_secret"] try: cc.keystore.load_x509_cert(specs["x509_url"], "ver", cid) except KeyError: pass try: cc.keystore.load_jwk(specs["jwk_url"], "ver", cid) except KeyError: pass cc.userclaims_endpoint = specs["userclaims_endpoint"] res[cid] = cc return res
def dynamic_init_claims_client(issuer, req_args): cc = ClaimsClient() # dynamic provider info discovery cc.provider_config(issuer) resp = cc.do_registration_request(request_args=req_args) cc.client_id = resp.client_id cc.client_secret = resp.client_secret return cc
def init_claims_clients(client_info): res = {} for cid, specs in client_info.items(): if "dynamic" in specs: cc = dynamic_init_claims_client(cid, args) else: cc = ClaimsClient(client_id=specs["client_id"]) cc.client_secret=specs["client_secret"] _req = cc.keystore.crypt.http_request _s2k = cc.keystore.spec2key try: for typ, key in load_x509_cert(_req, specs["x509_url"], _s2k): cc.keystore.set_verify_key(key, typ, cid) except KeyError: pass try: for typ, key in load_jwk(_req, specs["jwk_url"], _s2k): cc.keystore.set_verify_key(key, typ, cid) except KeyError: pass cc.userclaims_endpoint = specs["userclaims_endpoint"] res[cid] = cc return res
def create_claims_client(self): self.cc = ClaimsClient(client_id="client_1") self.cc.client_secret = "hemlig" self.cc.userclaims_endpoint = "https://example.com/claims"
'HTTP_ACCEPT_ENCODING': 'gzip, deflate', 'COMMAND_MODE': 'unix2003'} CDB = { "client_1": { "client_secret": "hemlig"} } def verify_client(env, req, cdb): return True FUNCTIONS = { "verify_client": verify_client, "userinfo": user_info } cc = ClaimsClient(client_id="client_1") cc.client_secret="hemlig" req = cc.construct_UserClaimsRequest(request_args={"user_id": "diana", "claims_names":["gender", "birthdate"]}) srv = ClaimsServer("name", None, CDB, FUNCTIONS, USERDB) srv.keyjar[""] = [KeyChain(source="file://rsa.key", usage=["ver", "sig"])] assert srv environ = BASE_ENVIRON.copy() environ["REQUEST_METHOD"] = "POST" txt = req.to_urlencoded() environ["CONTENT_LENGTH"] = len(txt) fil = StringIO.StringIO(buf=txt)