def test_construct_with_resource_request(self): bh = BearerHeader() request = ResourceRequest(access_token="Sesame") http_args = bh.construct(request, service=get_service()) assert "access_token" not in request assert http_args == {"headers": {"Authorization": "Bearer Sesame"}}
def test_construct_with_http_args(self): request = ResourceRequest(access_token="Sesame") bh = BearerHeader() # Any HTTP args should just be passed on http_args = bh.construct(request, service=get_service(), http_args={"foo": "bar"}) assert _eq(http_args.keys(), ["foo", "headers"]) assert http_args["headers"] == {"Authorization": "Bearer Sesame"}
def test_construct_with_headers_in_http_args(self): request = ResourceRequest(access_token="Sesame") bh = BearerHeader() http_args = bh.construct(request, service=get_service(), http_args={"headers": { "x-foo": "bar" }}) assert _eq(http_args.keys(), ["headers"]) assert _eq(http_args["headers"].keys(), ["Authorization", "x-foo"]) assert http_args["headers"]["Authorization"] == "Bearer Sesame"
def test_construct_with_token(self, services): authz_service = services['authorization'] _state = authz_service.create_state('Issuer') req = AuthorizationRequest(state=_state, response_type='code', redirect_uri='https://example.com', scope=['openid']) authz_service.store_item(req, 'auth_request', _state) # Add a state and bind a code to it resp1 = AuthorizationResponse(code="auth_grant", state=_state) response = services['authorization'].parse_response( resp1.to_urlencoded(), "urlencoded") services['authorization'].update_service_context(response, key=_state) # based on state find the code and then get an access token resp2 = AccessTokenResponse(access_token="token1", token_type="Bearer", expires_in=0, state=_state) response = services['accesstoken'].parse_response( resp2.to_urlencoded(), "urlencoded") services['accesstoken'].update_service_context(response, key=_state) # and finally use the access token, bound to a state, to # construct the authorization header http_args = BearerHeader().construct(ResourceRequest(), services['accesstoken'], key=_state) assert http_args == {"headers": {"Authorization": "Bearer token1"}}
def fetch_distributed_claims(self, userinfo, callback=None): """ :param userinfo: A :py:class:`oidcmsg.message.Message` sub class instance :param callback: A function that can be used to fetch things :return: Updated userinfo instance """ try: _csrc = userinfo["_claim_sources"] except KeyError: pass else: for csrc, spec in _csrc.items(): if "endpoint" in spec: if "access_token" in spec: cauth = BearerHeader() http_args = cauth.construct( service=self.service['userinfo'], access_token=spec['access_token']) _resp = self.http.send(spec["endpoint"], 'GET', **http_args) else: if callback: token = callback(spec['endpoint']) cauth = BearerHeader() http_args = cauth.construct( service=self.service['userinfo'], access_token=token) _resp = self.http.send(spec["endpoint"], 'GET', **http_args) else: _resp = self.http.send(spec["endpoint"], 'GET') if _resp.status_code == 200: _uinfo = json.loads(_resp.text) else: # There shouldn't be any redirect raise FetchException('HTTP error {}: {}'.format( _resp.status_code, _resp.reason)) claims = [ value for value, src in userinfo["_claim_names"].items() if src == csrc ] if set(claims) != set(_uinfo.keys()): logger.warning( "Claims from claim source doesn't match what's in " "the userinfo") # only add those I expected for key in claims: userinfo[key] = _uinfo[key] return userinfo