def test_consumer_client_get_access_token_reques():
_session_db = {}
cons = Consumer(_session_db,
client_config=CLIENT_CONFIG,
server_info=SERVER_INFO,
**CONSUMER_CONFIG)
cons.client_secret = "secret0"
cons.state = "state"
cons.redirect_uris = ["https://www.example.com/oic/cb"]
resp1 = AuthorizationResponse(code="auth_grant", state="state")
cons.parse_response(AuthorizationResponse, resp1.to_urlencoded(),
"urlencoded")
resp2 = AccessTokenResponse(access_token="token1",
token_type="Bearer",
expires_in=0,
state="state")
cons.parse_response(AccessTokenResponse, resp2.to_urlencoded(),
"urlencoded")
url, body, http_args = cons.get_access_token_request()
assert url == "http://localhost:8088/token"
print body
assert body == ("code=auth_grant&client_secret=secret0&"
"grant_type=authorization_code&client_id=number5&"
"redirect_uri=https%3A%2F%2Fwww.example.com%2Foic%2Fcb")
assert http_args == {
'headers': {
'Content-type': 'application/x-www-form-urlencoded'
}
}
def test_consumer_client_get_access_token_reques():
_session_db = {}
cons = Consumer(_session_db, client_config=CLIENT_CONFIG,
server_info=SERVER_INFO, **CONSUMER_CONFIG)
cons.client_secret = "secret0"
_state = "state"
cons.redirect_uris = ["https://www.example.com/oic/cb"]
resp1 = AuthorizationResponse(code="auth_grant", state=_state)
cons.parse_response(AuthorizationResponse, resp1.to_urlencoded(),
"urlencoded")
resp2 = AccessTokenResponse(access_token="token1",
token_type="Bearer", expires_in=0,
state=_state)
cons.parse_response(AccessTokenResponse, resp2.to_urlencoded(),
"urlencoded")
url, body, http_args = cons.get_access_token_request(_state)
assert url == "http://localhost:8088/token"
print body
assert body == ("code=auth_grant&client_secret=secret0&"
"grant_type=authorization_code&client_id=number5&"
"redirect_uri=https%3A%2F%2Fwww.example.com%2Foic%2Fcb")
assert http_args == {'headers': {
'Content-type': 'application/x-www-form-urlencoded'}}
def test_consumer_client_get_access_token_reques():
_session_db = {}
cons = Consumer(_session_db,
client_config=CLIENT_CONFIG,
server_info=SERVER_INFO,
**CONSUMER_CONFIG)
cons.client_secret = "secret0"
_state = "state"
cons.redirect_uris = ["https://www.example.com/oic/cb"]
resp1 = AuthorizationResponse(code="auth_grant", state=_state)
cons.parse_response(AuthorizationResponse, resp1.to_urlencoded(),
"urlencoded")
resp2 = AccessTokenResponse(access_token="token1",
token_type="Bearer",
expires_in=0,
state=_state)
cons.parse_response(AccessTokenResponse, resp2.to_urlencoded(),
"urlencoded")
url, body, http_args = cons.get_access_token_request(_state)
url_obj = URLObject.create(url)
expected_url_obj = URLObject.create("http://localhost:8088/token")
assert url_obj == expected_url_obj
body_splits = body.split('&')
expected_body_splits = "code=auth_grant&client_secret=secret0&" \
"grant_type=authorization_code&client_id=number5&" \
"redirect_uri=https%3A%2F%2Fwww.example.com%2Foic%2Fcb".split('&')
assert set(body_splits) == set(expected_body_splits)
assert http_args == {
'headers': {
'Content-type': 'application/x-www-form-urlencoded'
}
}
def test_consumer_client_auth_info():
_session_db = {}
cons = Consumer(_session_db, client_config=CLIENT_CONFIG,
server_info=SERVER_INFO, **CONSUMER_CONFIG)
cons.client_secret = "secret0"
ra, ha, extra = cons.client_auth_info()
assert ra == {'client_secret': 'secret0', 'client_id': 'number5'}
assert ha == {}
assert extra == {'auth_method': 'bearer_body'}
def test_consumer_client_auth_info():
_session_db = {}
cons = Consumer(_session_db,
client_config=CLIENT_CONFIG,
server_info=SERVER_INFO,
**CONSUMER_CONFIG)
cons.client_secret = "secret0"
ra, ha, extra = cons.client_auth_info()
assert ra == {'client_secret': 'secret0', 'client_id': 'number5'}
assert ha == {}
assert extra == {'auth_method': 'bearer_body'}
def get_consumer(self):
"""
Creates a OAuth 2.0 consumer from a given configuration.
:param user_id_hash_type: Tells the OAuth consumer how to ask for user id. In oidc can
pairwise and public be used.
:type user_id_hash_type: UserIdHashType
:rtype: Consumer
:return: An OAuth 2.0 consumer.
"""
consumer = Consumer(session_db=None,
client_config=self.config["client_config"],
server_info=self.config["server_info"],
authz_page=self.config["authz_page"],
response_type=self.config["response_type"])
consumer.client_secret = self.config["client_secret"]
return consumer
def get_consumer(self):
"""
Creates a OAuth 2.0 consumer from a given configuration.
:param user_id_hash_type: Tells the OAuth consumer how to ask for user id. In oidc can
pairwise and public be used.
:type user_id_hash_type: UserIdHashType
:rtype: Consumer
:return: An OAuth 2.0 consumer.
"""
consumer = Consumer(
session_db=None,
client_config=self.config["client_config"],
server_info=self.config["server_info"],
authz_page=self.config["authz_page"],
response_type=self.config["response_type"])
consumer.client_secret = self.config["client_secret"]
return consumer
if args.conf_path:
sys.path.insert(0, args.conf_path)
RP_CONF = importlib.import_module(args.config)
# per AS instantiate a consumer
for name, info in RP_CONF.AS_CONF.items():
c_conf = {"client_id": info["client_id"]}
CONSUMER[name] = Consumer(
session_db={}, client_config=c_conf,
server_info={
"authorization_endpoint": info["authorization_endpoint"],
"token_endpoint": info["token_endpoint"]},
authz_page="authz_cb", response_type="code")
CONSUMER[name].client_secret = info["client_secret"]
SRV = wsgiserver.CherryPyWSGIServer(('0.0.0.0', RP_CONF.PORT),
SessionMiddleware(application,
session_opts))
if RP_CONF.BASE.startswith("https"):
from cherrypy.wsgiserver import ssl_pyopenssl
SRV.ssl_adapter = ssl_pyopenssl.pyOpenSSLAdapter(
RP_CONF.SERVER_CERT, RP_CONF.SERVER_KEY, RP_CONF.CA_BUNDLE)
LOGGER.info(START_MESG % (RP_CONF.PORT, RP_CONF.HOST))
print(START_MESG % (RP_CONF.PORT, RP_CONF.HOST))
try:
SRV.start()
# per AS instantiate a consumer
for name, info in RP_CONF.AS_CONF.items():
c_conf = {"client_id": info["client_id"]}
CONSUMER[name] = Consumer(session_db={},
client_config=c_conf,
server_info={
"authorization_endpoint":
info["authorization_endpoint"],
"token_endpoint":
info["token_endpoint"]
},
authz_page="authz_cb",
response_type="code")
CONSUMER[name].client_secret = info["client_secret"]
SRV = wsgiserver.CherryPyWSGIServer(
('0.0.0.0', RP_CONF.PORT), SessionMiddleware(application,
session_opts))
if RP_CONF.BASE.startswith("https"):
from cherrypy.wsgiserver import ssl_pyopenssl
SRV.ssl_adapter = ssl_pyopenssl.pyOpenSSLAdapter(
RP_CONF.SERVER_CERT, RP_CONF.SERVER_KEY, RP_CONF.CA_BUNDLE)
LOGGER.info(START_MESG % (RP_CONF.PORT, RP_CONF.HOST))
print(START_MESG % (RP_CONF.PORT, RP_CONF.HOST))
try:
SRV.start()