def registration_endpoint(self, environ, start_response, **kwargs): logger.debug("@registration_endpoint") try: query = kwargs["query"] except KeyError: try: query = get_or_post(environ) except UnsupportedMethod: resp = BadRequest("Unsupported method") return resp(environ, start_response) request = RegistrationRequest().deserialize(query, "urlencoded") logger.info("registration_request:%s" % request.to_dict()) _keystore = self.server.keystore if request["type"] == "client_associate": # create new id och secret client_id = rndstr(12) while client_id in self.cdb: client_id = rndstr(12) client_secret = secret(self.seed, client_id) self.cdb[client_id] = { "client_secret":client_secret } _cinfo = self.cdb[client_id] if "redirect_uris" in request: for uri in request["redirect_uris"]: if urlparse.urlparse(uri).fragment: err = ClientRegistrationErrorResponse( error="invalid_configuration_parameter", error_description="redirect_uri contains fragment") resp = Response(err.to_json(), content="application/json", status="400 Bad Request") return resp(environ, start_response) for key,val in request.items(): _cinfo[key] = val try: self.keystore.load_keys(request, client_id) except Exception, err: logger.error("Failed to load client keys: %s" % request.to_dict()) err = ClientRegistrationErrorResponse( error="invalid_configuration_parameter", error_description="%s" % err) resp = Response(err.to_json(), content="application/json", status="400 Bad Request") return resp(environ, start_response) response = RegistrationResponseCARS(client_id=client_id)
def test_register_client_with_wrong_response_type(self, context, frontend): redirect_uri = "https://client.example.com" registration_request = RegistrationRequest( redirect_uris=[redirect_uri], response_types=["id_token token"]) context.request = registration_request.to_dict() registration_response = frontend.client_registration(context) assert registration_response.status == "400 Bad Request" error_response = ClientRegistrationErrorResponse().deserialize( registration_response.message, "json") assert error_response["error"] == "invalid_request" assert "response_type" in error_response["error_description"]
def do_client_registration(self, request, client_id, ignore=None): if ignore is None: ignore = [] _cinfo = self.cdb[client_id].copy() logger.debug("_cinfo: %s" % _cinfo) for key, val in request.items(): if key not in ignore: _cinfo[key] = val if "redirect_uris" in request: ruri = [] for uri in request["redirect_uris"]: if urlparse.urlparse(uri).fragment: err = ClientRegistrationErrorResponse( error="invalid_configuration_parameter", error_description="redirect_uri contains fragment") return Response(err.to_json(), content="application/json", status="400 Bad Request") base, query = urllib.splitquery(uri) if query: ruri.append((base, urlparse.parse_qs(query))) else: ruri.append((base, query)) _cinfo["redirect_uris"] = ruri if "sector_identifier_uri" in request: si_url = request["sector_identifier_uri"] try: res = self.server.http_request(si_url) except ConnectionError, err: logger.error("%s" % err) return self._error_response( "invalid_configuration_parameter", descr="Couldn't open sector_identifier_uri") if not res: return self._error_response( "invalid_configuration_parameter", descr="Couldn't open sector_identifier_uri") logger.debug("sector_identifier_uri => %s" % res.text) try: si_redirects = json.loads(res.text) except ValueError: return self._error_response( "invalid_configuration_parameter", descr="Error deserializing sector_identifier_uri content") if "redirect_uris" in request: logger.debug("redirect_uris: %s" % request["redirect_uris"]) for uri in request["redirect_uris"]: try: assert uri in si_redirects except AssertionError: return self._error_response( "invalid_configuration_parameter", descr="redirect_uri missing from sector_identifiers" ) _cinfo["si_redirects"] = si_redirects _cinfo["sector_id"] = si_url
def to_json(self): error = ClientRegistrationErrorResponse(error=self.oauth_error, error_description=str(self)) return error.to_json()