Пример #1
0
def _create_client(provider_metadata, client_metadata, verify_ssl=True):
    """
    Create a pyoidc client instance.
    :param provider_metadata: provider configuration information
    :type provider_metadata: Mapping[str, Union[str, Sequence[str]]]
    :param client_metadata: client metadata
    :type client_metadata: Mapping[str, Union[str, Sequence[str]]]
    :return: client instance to use for communicating with the configured provider
    :rtype: oic.oic.Client
    """
    client = oic.Client(
        client_authn_method=CLIENT_AUTHN_METHOD, verify_ssl=verify_ssl
    )

    # Provider configuration information
    if "authorization_endpoint" in provider_metadata:
        # no dynamic discovery necessary
        client.handle_provider_config(ProviderConfigurationResponse(**provider_metadata),
                                      provider_metadata["issuer"])
    else:
        # do dynamic discovery
        client.provider_config(provider_metadata["issuer"])

    # Client information
    if "client_id" in client_metadata:
        # static client info provided
        client.store_registration_info(RegistrationRequest(**client_metadata))
    else:
        # do dynamic registration
        client.register(client.provider_info['registration_endpoint'],
                        **client_metadata)

    client.subject_type = (client.registration_response.get("subject_type") or
                           client.provider_info["subject_types_supported"][0])
    return client
Пример #2
0
    def __init__(self,
                 client_id=None,
                 ca_certs=None,
                 client_prefs=None,
                 client_authn_methods=None,
                 keyjar=None,
                 conf=None,
                 server_info=None,
                 authz_page="",
                 flow_type="",
                 password=None,
                 registration_info=None,
                 response_type="",
                 scope="",
                 verify_ssl=True):

        config = {
            "authz_page": authz_page,
            "response_type": response_type,
            "scope": scope
        }

        dynreg.Client.__init__(self, client_id, ca_certs, client_authn_methods,
                               keyjar, verify_ssl)

        self.oidc_client = oic.Client(client_id, ca_certs, client_prefs,
                                      client_authn_methods, keyjar, verify_ssl)

        self.provider_info = None
        # token per user
        self.token = {}
        self.behaviour = {
            "require_signed_request_object":
            DEF_SIGN_ALG["openid_request_object"]
        }

        self.conf = conf or {}
        self.registration_info = registration_info
        self.flow_type = flow_type
        self.scope = scope
        self.state = {}
        self.allow = {}
        self.keyjar = None
        self.client_id = ""
        self.client_secret = ""
        self.request2endpoint.update({
            "RegistrationRequest": "dynamic_client_endpoint",
            "TokenRequest": "token_endpoint",
            "AuthorizationRequest": "authorization_endpoint",
            "RequestingPartyClaimsRequest": "requesting_party_claims_endpoint",
            "IntrospectionRequest": "introspection_endpoint",
            "ResourceSetDescription": "resource_set_registration_endpoint",
            "PermissionRegistrationRequest":
            "permission_registration_endpoint",
            # "AuthorizationDataRequest": "authorization_data_request_endpoint",
            "RPTRequest": "rpt_endpoint"
        })