Пример #1
0
def test_server_authorization_endpoint_request():
    server = provider_init

    bib = {
        "scope": ["openid"],
        "state": "id-6da9ca0cc23959f5f33e8becd9b08cae",
        "redirect_uri": "http://localhost:8087/authz",
        "response_type": ["code", "id_token"],
        "client_id": "a1b2c3",
        "nonce": "Nonce",
        "prompt": ["none"]
    }

    req = AuthorizationRequest(**bib)
    # want to be someone else !
    ic = {"sub": {"value": "userX"}}
    _keys = server.keyjar.get_signing_key(key_type="RSA")
    req["request"] = make_openid_request(req,
                                         _keys,
                                         idtoken_claims=ic,
                                         algorithm="RS256")

    try:
        resp = server.authorization_endpoint(request=req.to_urlencoded())
    except FailedAuthentication:
        pass
    else:
        assert False
Пример #2
0
def test_server_authorization_endpoint_request():
    server = provider_init

    bib = {"scope": ["openid"],
           "state": "id-6da9ca0cc23959f5f33e8becd9b08cae",
           "redirect_uri": "http://localhost:8087/authz",
           "response_type": ["code", "id_token"],
           "client_id": "a1b2c3",
           "nonce": "Nonce",
           "prompt": ["none"]}

    req = AuthorizationRequest(**bib)
    ic = {"claims": {"sub": { "value":"username" }}}
    _keys = server.keyjar.get_signing_key(type="rsa")
    req["request"] = make_openid_request(req, _keys, idtoken_claims=ic,
                                         algorithm="RS256")

    environ = BASE_ENVIRON.copy()
    environ["QUERY_STRING"] = req.to_urlencoded()

    resp = server.authorization_endpoint(environ, start_response)

    print resp
    line = resp[0]
    assert "error=login_required" in line
Пример #3
0
    def test_authorization_endpoint_request(self):
        bib = {"scope": ["openid"],
               "state": "id-6da9ca0cc23959f5f33e8becd9b08cae",
               "redirect_uri": "http://localhost:8087/authz",
               "response_type": ["code", "id_token"],
               "client_id": "a1b2c3",
               "nonce": "Nonce",
               "prompt": ["none"]}

        req = AuthorizationRequest(**bib)
        # want to be someone else !
        ic = {"sub": {"value": "userX"}}
        _keys = self.provider.keyjar.get_signing_key(key_type="RSA")
        req["request"] = make_openid_request(req, _keys, idtoken_claims=ic,
                                             request_object_signing_alg="RS256")

        with pytest.raises(FailedAuthentication):
            self.provider.authorization_endpoint(request=req.to_urlencoded())
Пример #4
0
def test_server_authorization_endpoint_request():
    server = provider_init

    bib = {"scope": ["openid"],
           "state": "id-6da9ca0cc23959f5f33e8becd9b08cae",
           "redirect_uri": "http://localhost:8087/authz",
           "response_type": ["code", "id_token"],
           "client_id": "a1b2c3",
           "nonce": "Nonce",
           "prompt": ["none"]}

    req = AuthorizationRequest(**bib)
    # want to be someone else !
    ic = {"sub": {"value": "userX"}}
    _keys = server.keyjar.get_signing_key(key_type="RSA")
    req["request"] = make_openid_request(req, _keys, idtoken_claims=ic,
                                         algorithm="RS256")

    resp = server.authorization_endpoint(request=req.to_urlencoded())

    print resp
    assert "error=login_required" in resp.message