def test_setup_auth_session_revoked(self):
request = AuthorizationRequest(
client_id="client_id",
redirect_uri="https://rp.example.com/cb",
response_type=["id_token"],
state="state",
nonce="nonce",
scope="openid",
)
redirect_uri = request["redirect_uri"]
cinfo = {
"client_id": "client_id",
"redirect_uris": [("https://rp.example.com/cb", {})],
"id_token_signed_response_alg": "RS256",
}
_ec = self.endpoint.endpoint_context
_ec.sdb["session_id"] = SessionInfo(
authn_req=request,
uid="diana",
sub="abcdefghijkl",
authn_event={
"authn_info": "loa1",
"uid": "diana",
"authn_time": utc_time_sans_frac(),
},
revoked=True,
)
item = _ec.authn_broker.db["anon"]
item["method"].user = b64e(
as_bytes(json.dumps({"uid": "krall", "sid": "session_id"}))
)
res = self.endpoint.setup_auth(request, redirect_uri, cinfo, None)
assert set(res.keys()) == {"args", "function"}
def test_create_authn_response(self):
request = AuthorizationRequest(
client_id="client_id",
redirect_uri="https://rp.example.com/cb",
response_type=["id_token"],
state="state",
nonce="nonce",
scope="openid",
)
_ec = self.endpoint.endpoint_context
_ec.sdb["session_id"] = SessionInfo(
authn_req=request,
uid="diana",
sub="abcdefghijkl",
authn_event={
"authn_info": "loa1",
"uid": "diana",
"authn_time": utc_time_sans_frac(),
},
)
_ec.cdb["client_id"] = {
"client_id": "client_id",
"redirect_uris": [("https://rp.example.com/cb", {})],
"id_token_signed_response_alg": "ES256",
}
resp = create_authn_response(self.endpoint, request, "session_id")
assert isinstance(resp["response_args"], AuthorizationErrorResponse)