def claims_info_endpoint(self, request, authn): _log_info = logger.info _log_info("Claims_info_endpoint query: '%s'" % sanitize(request)) ucreq = self.srvmethod.parse_userinfo_claims_request(request) # Access_token is mandatory in UserInfoClaimsRequest uiresp = OpenIDSchema(**self.info_store[ucreq["access_token"]]) _log_info("returning: %s" % sanitize(uiresp.to_dict())) return Response(uiresp.to_json(), content="application/json")
def claims_info_endpoint(self, request, authn): _log_info = logger.info _log_info("Claims_info_endpoint query: '%s'" % sanitize(request)) ucreq = self.srvmethod.parse_userinfo_claims_request(request) # Bearer header or body access_token = bearer_auth(ucreq, authn) uiresp = OpenIDSchema(**self.info_store[access_token]) _log_info("returning: %s" % sanitize(uiresp.to_dict())) return Response(uiresp.to_json(), content="application/json")
def claims_info_endpoint(self, environ, start_response, *args): _log_info = logger.info query = get_or_post(environ) _log_info("Claims_info_endpoint query: '%s'" % query) _log_info("environ: %s" % environ) #ucreq = self.srvmethod.parse_userinfo_claims_request(query) #_log_info("request: %s" % ucreq) # Supposed to be "Bearer <access_token> access_token = self._bearer_auth(environ) uiresp = OpenIDSchema(**self.info_store[access_token]) resp = Response(uiresp.to_json(), content="application/json") return resp(environ, start_response)
def __call__(self, request): data = request.body self.provider.parse_user_info_request(data) _info = { 'sub': 'test-sub', 'name': 'Test User', 'nickname': 'Tester', 'email': '*****@*****.**', 'verified': True, } resp = OpenIDSchema(**_info) userinfo = resp.to_json() return (200, {'Content-Type': 'application/json'}, userinfo)
def userinfo_endpoint(self, data): self.parse_user_info_request(data) _info = { "sub": "melgar", "name": "Melody Gardot", "nickname": "Mel", "email": "*****@*****.**", "verified": True, } resp = OpenIDSchema(**_info) response = Response() if self.userinfo_signed_response_alg: alg = self.userinfo_signed_response_alg response.headers = {"content-type": "application/jwt"} key = self.keyjar.get_signing_key(alg2keytype(alg), "", alg=alg) response.text = resp.to_jwt(key, alg) else: response.headers = {"content-type": "application/json"} response.text = resp.to_json() return response
def userinfo_endpoint(self, data): _ = self.parse_user_info_request(data) _info = { "sub": "melgar", "name": "Melody Gardot", "nickname": "Mel", "email": "*****@*****.**", "verified": True, } resp = OpenIDSchema(**_info) response = Response() if self.userinfo_signed_response_alg: alg = self.userinfo_signed_response_alg response.headers = {"content-type": "application/jwt"} key = self.keyjar.get_signing_key(alg2keytype(alg), "", alg=alg) response.text = resp.to_jwt(key, alg) else: response.headers = {"content-type": "application/json"} response.text = resp.to_json() return response
def userinfo_endpoint(self, request="", **kwargs): """ :param request: The request in a string format """ try: _log_debug = kwargs["logger"].debug _log_info = kwargs["logger"].info except KeyError: _log_debug = logger.debug _log_info = logger.info _sdb = self.sdb if not request or "access_token" not in request: _token = kwargs["authn"] assert _token.startswith("Bearer ") _token = _token[len("Bearer "):] logger.debug("Bearer token: '%s'" % _token) else: uireq = self.server.parse_user_info_request(data=request) logger.debug("user_info_request: %s" % uireq) _token = uireq["access_token"] # should be an access token typ, key = _sdb.token.type_and_key(_token) _log_debug("access_token type: '%s'" % (typ,)) try: assert typ == "T" except AssertionError: raise FailedAuthentication("Wrong type of token") #_log_info("keys: %s" % self.sdb.keys()) if _sdb.is_revoked(key): return self._error(error="access_denied", descr="Token is revoked") session = _sdb[key] # Scope can translate to userinfo_claims info = OpenIDSchema(**self._collect_user_info(session)) # Should I return a JSON or a JWT ? _cinfo = self.cdb[session["client_id"]] if "userinfo_signed_response_alg" in _cinfo: algo = _cinfo["userinfo_signed_response_alg"] # Use my key for signing key = self.keyjar.get_signing_key(alg2keytype(algo), "") jinfo = info.to_jwt(key, algo) content_type = "application/jwt" if "userinfo_encrypted_response_alg" in _cinfo: # encrypt with clients public key jinfo = self.encrypt(jinfo, _cinfo, session["client_id"], "userinfo") elif "userinfo_encrypted_response_alg" in _cinfo: jinfo = self.encrypt(info.to_json(), _cinfo, session["client_id"], "userinfo") content_type = "application/jwt" else: jinfo = info.to_json() content_type = "application/json" return Response(jinfo, content=content_type)