示例#1
0
    def claims_info_endpoint(self, request, authn):
        _log_info = logger.info

        _log_info("Claims_info_endpoint query: '%s'" % sanitize(request))

        ucreq = self.srvmethod.parse_userinfo_claims_request(request)
        # Access_token is mandatory in UserInfoClaimsRequest
        uiresp = OpenIDSchema(**self.info_store[ucreq["access_token"]])

        _log_info("returning: %s" % sanitize(uiresp.to_dict()))
        return Response(uiresp.to_json(), content="application/json")
示例#2
0
    def claims_info_endpoint(self, request, authn):
        _log_info = logger.info

        _log_info("Claims_info_endpoint query: '%s'" % sanitize(request))

        ucreq = self.srvmethod.parse_userinfo_claims_request(request)

        # Bearer header or body
        access_token = bearer_auth(ucreq, authn)
        uiresp = OpenIDSchema(**self.info_store[access_token])

        _log_info("returning: %s" % sanitize(uiresp.to_dict()))
        return Response(uiresp.to_json(), content="application/json")
示例#3
0
    def claims_info_endpoint(self, request, authn):
        _log_info = logger.info

        _log_info("Claims_info_endpoint query: '%s'" % sanitize(request))

        ucreq = self.srvmethod.parse_userinfo_claims_request(request)

        # Bearer header or body
        access_token = bearer_auth(ucreq, authn)
        uiresp = OpenIDSchema(**self.info_store[access_token])

        _log_info("returning: %s" % sanitize(uiresp.to_dict()))
        return Response(uiresp.to_json(), content="application/json")
示例#4
0
    def claims_info_endpoint(self, environ, start_response, *args):
        _log_info = logger.info

        query = get_or_post(environ)
        _log_info("Claims_info_endpoint query: '%s'" % query)
        _log_info("environ: %s" % environ)

        #ucreq = self.srvmethod.parse_userinfo_claims_request(query)
        #_log_info("request: %s" % ucreq)

        # Supposed to be "Bearer <access_token>
        access_token = self._bearer_auth(environ)
        uiresp = OpenIDSchema(**self.info_store[access_token])

        resp = Response(uiresp.to_json(), content="application/json")
        return resp(environ, start_response)
    def __call__(self, request):
        data = request.body

        self.provider.parse_user_info_request(data)

        _info = {
            'sub': 'test-sub',
            'name': 'Test User',
            'nickname': 'Tester',
            'email': '*****@*****.**',
            'verified': True,
        }

        resp = OpenIDSchema(**_info)

        userinfo = resp.to_json()

        return (200, {'Content-Type': 'application/json'}, userinfo)
    def __call__(self, request):
        data = request.body

        self.provider.parse_user_info_request(data)

        _info = {
            'sub': 'test-sub',
            'name': 'Test User',
            'nickname': 'Tester',
            'email': '*****@*****.**',
            'verified': True,
        }

        resp = OpenIDSchema(**_info)

        userinfo = resp.to_json()

        return (200, {'Content-Type': 'application/json'}, userinfo)
示例#7
0
    def userinfo_endpoint(self, data):

        self.parse_user_info_request(data)
        _info = {
            "sub": "melgar",
            "name": "Melody Gardot",
            "nickname": "Mel",
            "email": "*****@*****.**",
            "verified": True,
        }

        resp = OpenIDSchema(**_info)
        response = Response()

        if self.userinfo_signed_response_alg:
            alg = self.userinfo_signed_response_alg
            response.headers = {"content-type": "application/jwt"}
            key = self.keyjar.get_signing_key(alg2keytype(alg), "", alg=alg)
            response.text = resp.to_jwt(key, alg)
        else:
            response.headers = {"content-type": "application/json"}
            response.text = resp.to_json()

        return response
示例#8
0
    def userinfo_endpoint(self, data):

        _ = self.parse_user_info_request(data)
        _info = {
            "sub": "melgar",
            "name": "Melody Gardot",
            "nickname": "Mel",
            "email": "*****@*****.**",
            "verified": True,
        }

        resp = OpenIDSchema(**_info)
        response = Response()

        if self.userinfo_signed_response_alg:
            alg = self.userinfo_signed_response_alg
            response.headers = {"content-type": "application/jwt"}
            key = self.keyjar.get_signing_key(alg2keytype(alg), "", alg=alg)
            response.text = resp.to_jwt(key, alg)
        else:
            response.headers = {"content-type": "application/json"}
            response.text = resp.to_json()

        return response
示例#9
0
    def userinfo_endpoint(self, request="", **kwargs):
        """
        :param request: The request in a string format
        """
        try:
            _log_debug = kwargs["logger"].debug
            _log_info = kwargs["logger"].info
        except KeyError:
            _log_debug = logger.debug
            _log_info = logger.info

        _sdb = self.sdb

        if not request or "access_token" not in request:
            _token = kwargs["authn"]
            assert _token.startswith("Bearer ")
            _token = _token[len("Bearer "):]
            logger.debug("Bearer token: '%s'" % _token)
        else:
            uireq = self.server.parse_user_info_request(data=request)
            logger.debug("user_info_request: %s" % uireq)
            _token = uireq["access_token"]

        # should be an access token
        typ, key = _sdb.token.type_and_key(_token)
        _log_debug("access_token type: '%s'" % (typ,))

        try:
            assert typ == "T"
        except AssertionError:
            raise FailedAuthentication("Wrong type of token")

        #_log_info("keys: %s" % self.sdb.keys())
        if _sdb.is_revoked(key):
            return self._error(error="access_denied", descr="Token is revoked")
        session = _sdb[key]

        # Scope can translate to userinfo_claims

        info = OpenIDSchema(**self._collect_user_info(session))

        # Should I return a JSON or a JWT ?
        _cinfo = self.cdb[session["client_id"]]
        if "userinfo_signed_response_alg" in _cinfo:
            algo = _cinfo["userinfo_signed_response_alg"]
            # Use my key for signing
            key = self.keyjar.get_signing_key(alg2keytype(algo), "")
            jinfo = info.to_jwt(key, algo)
            content_type = "application/jwt"
            if "userinfo_encrypted_response_alg" in _cinfo:
                # encrypt with clients public key
                jinfo = self.encrypt(jinfo, _cinfo, session["client_id"],
                                     "userinfo")
        elif "userinfo_encrypted_response_alg" in _cinfo:
            jinfo = self.encrypt(info.to_json(), _cinfo, session["client_id"],
                                 "userinfo")
            content_type = "application/jwt"
        else:
            jinfo = info.to_json()
            content_type = "application/json"

        return Response(jinfo, content=content_type)