示例#1
    def userinfo_endpoint(self, data):
        """Answer a UserInfo request with a fixed, hard-coded set of claims.

        The request is passed to ``parse_user_info_request`` and the parsed
        result is discarded, so the claims returned here do not depend on
        the access token or on anything else in ``data``.

        :param data: The UserInfo request to parse.
        :return: A ``Response`` whose body is a signed JWT when
            ``self.userinfo_signed_response_alg`` is set, plain JSON otherwise.
        """
        # Only the call matters here; its return value is never looked at.
        # NOTE(review): whether the parser rejects a missing or invalid token
        # cannot be seen from this method -- confirm before relying on it.
        self.parse_user_info_request(data)

        claims = OpenIDSchema(
            sub="melgar",
            name="Melody Gardot",
            nickname="Mel",
            email="*****@*****.**",
            verified=True,
        )
        reply = Response()

        signing_alg = self.userinfo_signed_response_alg
        if not signing_alg:
            # No signing algorithm configured: return the claims as JSON.
            reply.headers = {"content-type": "application/json"}
            reply.text = claims.to_json()
            return reply

        reply.headers = {"content-type": "application/jwt"}
        # Owner "" is looked up in the key jar -- presumably this entity's
        # own signing keys; verify against the key jar implementation.
        signing_key = self.keyjar.get_signing_key(
            alg2keytype(signing_alg), "", alg=signing_alg
        )
        reply.text = claims.to_jwt(signing_key, signing_alg)
        return reply
示例#2
    def userinfo_endpoint(self, data):
        """Return canned UserInfo claims, signed if an algorithm is configured.

        ``data`` is handed to ``parse_user_info_request`` and the result is
        not used; the same fixed claims are returned for every request.

        :param data: The UserInfo request to parse.
        :return: A ``Response`` with content type ``application/jwt`` (signed
            claims) or ``application/json`` (unsigned claims).
        """
        # NOTE(review): nothing in this method checks the access token; any
        # validation would have to happen inside the parser -- confirm.
        self.parse_user_info_request(data)

        user_claims = dict(
            sub="melgar",
            name="Melody Gardot",
            nickname="Mel",
            email="*****@*****.**",
            verified=True,
        )
        schema = OpenIDSchema(**user_claims)
        response = Response()

        sign_alg = self.userinfo_signed_response_alg
        if sign_alg:
            # Signed response: fetch a signing key matching the algorithm's
            # key type and serialise the claims as a JWT.
            sign_key = self.keyjar.get_signing_key(
                alg2keytype(sign_alg), "", alg=sign_alg
            )
            media_type = "application/jwt"
            payload = schema.to_jwt(sign_key, sign_alg)
        else:
            media_type = "application/json"
            payload = schema.to_json()

        response.headers = {"content-type": media_type}
        response.text = payload
        return response
示例#3
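    def userinfo_endpoint(self, request="", **kwargs):
        """
        Return the user's claims for the session behind an access token.

        When ``request`` is empty or does not contain ``access_token``, the
        token is taken from the ``authn`` keyword argument, which must start
        with ``"Bearer "``. Otherwise the request is parsed and the token is
        read from its ``access_token`` parameter.

        :param request: The request in a string format
        :param kwargs: May carry ``logger`` (used instead of the module-level
            logger) and ``authn`` (the bearer credential string).
        :return: A Response holding the claims as JSON, or as a signed and/or
            encrypted JWT depending on the client's registered preferences;
            an ``access_denied`` error response when the token is revoked.
        :raises FailedAuthentication: If no well-formed bearer token is
            supplied or the token is not an access token.
        """
        # Use the caller-supplied logger everywhere, falling back to the
        # module-level one.
        _log_debug = kwargs.get("logger", logger).debug

        _sdb = self.sdb

        if not request or "access_token" not in request:
            # Validate with an explicit check rather than `assert`:
            # assertions are stripped under `python -O`, which would silently
            # disable this check and slice seven characters off any string.
            _token = kwargs.get("authn") or ""
            if not _token.startswith("Bearer "):
                raise FailedAuthentication("Missing or malformed bearer token")
            _token = _token[len("Bearer "):]
            # The token is a live credential; keep its value out of the logs.
            _log_debug("Bearer token received")
        else:
            uireq = self.server.parse_user_info_request(data=request)
            # The parsed request contains the access token, so its contents
            # are not logged either.
            _log_debug("user_info_request received")
            _token = uireq["access_token"]

        # should be an access token
        typ, key = _sdb.token.type_and_key(_token)
        _log_debug("access_token type: '%s'" % (typ,))

        # Explicit comparison instead of `assert` inside try/except: under
        # `python -O` the assertion would vanish and a token of any other
        # type would be accepted here.
        if typ != "T":
            raise FailedAuthentication("Wrong type of token")

        if _sdb.is_revoked(key):
            return self._error(error="access_denied", descr="Token is revoked")
        session = _sdb[key]

        # Scope can translate to userinfo_claims
        info = OpenIDSchema(**self._collect_user_info(session))

        # Should I return a JSON or a JWT ?
        client_id = session["client_id"]
        _cinfo = self.cdb[client_id]
        wants_encryption = "userinfo_encrypted_response_alg" in _cinfo

        if "userinfo_signed_response_alg" in _cinfo:
            algo = _cinfo["userinfo_signed_response_alg"]
            # Use my key for signing (kept in its own name so the session
            # key above is not shadowed)
            sign_key = self.keyjar.get_signing_key(alg2keytype(algo), "")
            jinfo = info.to_jwt(sign_key, algo)
            content_type = "application/jwt"
            if wants_encryption:
                # encrypt with clients public key
                jinfo = self.encrypt(jinfo, _cinfo, client_id, "userinfo")
        elif wants_encryption:
            jinfo = self.encrypt(info.to_json(), _cinfo, client_id, "userinfo")
            content_type = "application/jwt"
        else:
            jinfo = info.to_json()
            content_type = "application/json"

        return Response(jinfo, content=content_type)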