本文整理汇总了Python中oic.oic.consumer.Consumer.parse_authz方法的典型用法代码示例。如果您正苦于以下问题:Python Consumer.parse_authz方法的具体用法?Python Consumer.parse_authz怎么用?Python Consumer.parse_authz使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类oic.oic.consumer.Consumer的用法示例。
在下文中一共展示了Consumer.parse_authz方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_faulty_idtoken_from_accesstoken_endpoint
# 需要导入模块: from oic.oic.consumer import Consumer [as 别名]
# 或者: from oic.oic.consumer.Consumer import parse_authz [as 别名]
def test_faulty_idtoken_from_accesstoken_endpoint():
consumer = Consumer(SessionDB(SERVER_INFO["issuer"]), CONFIG,
CLIENT_CONFIG, SERVER_INFO)
consumer.keyjar = CLIKEYS
mfos = MITMServer("http://localhost:8088")
mfos.keyjar = SRVKEYS
consumer.http_request = mfos.http_request
consumer.redirect_uris = ["http://example.com/authz"]
_state = "state0"
consumer.nonce = rndstr()
consumer.client_secret = "hemlig"
consumer.secret_type = "basic"
consumer.config["response_type"] = ["id_token"]
args = {
"client_id": consumer.client_id,
"response_type": consumer.config["response_type"],
"scope": ["openid"],
}
result = consumer.do_authorization_request(state=_state,
request_args=args)
consumer._backup("state0")
assert result.status_code == 302
# assert result.location.startswith(consumer.redirect_uri[0])
_, query = result.headers["location"].split("?")
print query
try:
consumer.parse_authz(query=query)
except BadSignature:
pass
else:
assert False示例2: handle_authz_response
# 需要导入模块: from oic.oic.consumer import Consumer [as 别名]
# 或者: from oic.oic.consumer.Consumer import parse_authz [as 别名]
def handle_authz_response(environ, start_response):
_cli = Consumer(SESSION_DB, CONSUMER_CONFIG, CLIENT_CONFIG, SERVER_INFO)
aresp, atr, idt = _cli.parse_authz(environ, start_response, DEVNULL())
print "ARESP: %s" % aresp
print "ATR: %s" % atr
print "IDT: %s" % idt
print "GSess: %s" % _cli.grant
kaka = http_util.cookie(CONSUMER_CONFIG["name"], _cli.state, _cli.seed, expire=360, path="/")
resp = http_util.Response("Your will is registered", headers=[kaka])
return resp(environ, start_response)示例3: test_server_authenticated
# 需要导入模块: from oic.oic.consumer import Consumer [as 别名]
# 或者: from oic.oic.consumer.Consumer import parse_authz [as 别名]
def test_server_authenticated():
server = provider_init
_session_db = {}
cons = Consumer(_session_db, CONSUMER_CONFIG, CLIENT_CONFIG,
server_info=SERVER_INFO, )
cons.debug = True
cons.keyjar[""] = KC_RSA
environ = BASE_ENVIRON
location = cons.begin(environ, start_response)
environ = BASE_ENVIRON.copy()
environ["QUERY_STRING"] = location.split("?")[1]
resp = server.authorization_endpoint(environ, start_response)
sid = resp[0][len("<form>"):-len("</form>")]
environ2 = create_return_form_env("user", "password", sid)
resp2 = server.authenticated(environ2, start_response)
print resp2[0]
assert len(resp2) == 1
txt = resp2[0]
pos0 = txt.index("<title>") + len("<title>Redirecting to ")
pos1 = txt.index("</title>")
location = txt[pos0:pos1]
print location
assert location.startswith("http://localhost:8087/authz")
environ = BASE_ENVIRON.copy()
environ["QUERY_STRING"] = location
part = cons.parse_authz(environ, start_response)
aresp = part[0]
assert part[1] is None
assert part[2] is None
#aresp = client.parse_response(AuthorizationResponse, location,
# format="urlencoded",
# state="id-6da9ca0cc23959f5f33e8becd9b08cae")
print aresp.keys()
assert aresp.type() == "AuthorizationResponse"
assert _eq(aresp.keys(), ['code', 'state', 'scope'])
print cons.grant[cons.state].keys()
assert _eq(cons.grant[cons.state].keys(), ['code', 'id_token', 'tokens',
'exp_in',
'grant_expiration_time', 'seed'])示例4: test_complete_auth_token_idtoken
# 需要导入模块: from oic.oic.consumer import Consumer [as 别名]
# 或者: from oic.oic.consumer.Consumer import parse_authz [as 别名]
def test_complete_auth_token_idtoken():
consumer = Consumer(SessionDB(SERVER_INFO["issuer"]), CONFIG,
CLIENT_CONFIG, SERVER_INFO)
consumer.keyjar = CLIKEYS
mfos = MyFakeOICServer("http://localhost:8088")
mfos.keyjar = SRVKEYS
consumer.http_request = mfos.http_request
consumer.redirect_uris = ["http://example.com/authz"]
_state = "state0"
consumer.nonce = rndstr()
consumer.client_secret = "hemlig"
consumer.secret_type = "basic"
consumer.config["response_type"] = ["id_token", "token"]
consumer.registration_response = {
"id_token_signed_response_alg": "RS256",
}
consumer.provider_info = {"issuer": "http://localhost:8088/"} # abs min
consumer.authz_req = {} # Store AuthzReq with state as key
args = {
"client_id": consumer.client_id,
"response_type": consumer.config["response_type"],
"scope": ["openid"],
}
result = consumer.do_authorization_request(state=_state,
request_args=args)
# consumer._backup("state0")
assert result.status_code == 302
#assert result.location.startswith(consumer.redirect_uri[0])
_, query = result.headers["location"].split("?")
print query
part = consumer.parse_authz(query=query,
algs=consumer.sign_enc_algs("id_token"))
print part
auth = part[0]
atr = part[1]
assert part[2] is None
#print auth.dictionary()
#print acc.dictionary()
assert auth is None
assert atr.type() == "AccessTokenResponse"
assert _eq(atr.keys(), ['access_token', 'id_token', 'expires_in',
'token_type', 'state', 'scope'])
consumer.verify_id_token(atr["id_token"], consumer.authz_req[atr["state"]])示例5: authz
# 需要导入模块: from oic.oic.consumer import Consumer [as 别名]
# 或者: from oic.oic.consumer.Consumer import parse_authz [as 别名]
def authz(environ, start_response, logger, kaka=None):
"""
This is where I am returned to after authentication at the Authorization
service
"""
_session_db = environ["oic.session_db"]
_cc = environ["oic.client_config"]
_conc = environ["oic.consumer.config"]
_server_info = environ["oic.server.info"]
_log_info = logger.info
try:
_cli = Consumer(_session_db, _conc, _cc, _server_info)
aresp, atr, idt = _cli.parse_authz(environ, start_response, logger)
except (AuthzError, TokenError), err:
resp = http_util.Unauthorized("%s" % err)
return resp(environ, start_response)示例6: test_complete_auth_token
# 需要导入模块: from oic.oic.consumer import Consumer [as 别名]
# 或者: from oic.oic.consumer.Consumer import parse_authz [as 别名]
def test_complete_auth_token():
consumer = Consumer(SessionDB(), CONFIG, CLIENT_CONFIG, SERVER_INFO)
mfos = MyFakeOICServer("http://localhost:8088")
mfos.keyjar = SRVKEYS
consumer.http_request = mfos.http_request
consumer.redirect_uris = ["http://example.com/authz"]
consumer.state = "state0"
consumer.nonce = rndstr()
consumer.client_secret = "hemlig"
consumer.secret_type = "basic"
consumer.config["response_type"] = ["code", "token"]
args = {
"client_id": consumer.client_id,
"response_type": consumer.config["response_type"],
"scope": ["openid"],
}
result = consumer.do_authorization_request(state=consumer.state,
request_args=args)
consumer._backup("state0")
assert result.status_code == 302
#assert result.location.startswith(consumer.redirect_uri[0])
_, query = result.headers["location"].split("?")
print query
environ = redirect_environment(query)
part = consumer.parse_authz(environ, start_response)
print part
auth = part[0]
acc = part[1]
assert part[2] is None
#print auth.dictionary()
#print acc.dictionary()
assert auth.type() == "AuthorizationResponse"
assert acc.type() == "AccessTokenResponse"
print auth.keys()
assert _eq(auth.keys(), ['nonce', 'code', 'access_token', 'expires_in',
'token_type', 'state', 'scope', 'refresh_token'])
assert _eq(acc.keys(), ['token_type', 'state', 'access_token', 'scope',
'expires_in', 'refresh_token'])示例7: test_server_authenticated_2
# 需要导入模块: from oic.oic.consumer import Consumer [as 别名]
# 或者: from oic.oic.consumer.Consumer import parse_authz [as 别名]
def test_server_authenticated_2():
server = provider_init
server.baseurl = server.name
_session_db = {}
cons = Consumer(_session_db, CONSUMER_CONFIG, CLIENT_CONFIG,
server_info=SERVER_INFO, )
cons.debug = True
cons.keyjar[""] = KC_RSA
location = cons.begin(scope="openid email claims_in_id_token",
response_type="code id_token",
path="http://localhost:8087")
print location
resp = server.authorization_endpoint(request=location.split("?")[1])
print resp.message
part = cons.parse_authz(resp.message)
print part
aresp = part[0]
assert part[1] is None
assert part[2] is not None
#aresp = cons.parse_response(AuthorizationResponse, location,
# sformat="urlencoded")
print aresp.keys()
assert aresp.type() == "AuthorizationResponse"
assert _eq(aresp.keys(), ['scope', 'state', 'code', 'id_token'])
print cons.grant[cons.state].keys()
assert _eq(cons.grant[cons.state].keys(), ['code', 'id_token', 'tokens',
'exp_in',
'grant_expiration_time', 'seed'])
id_token = part[2]
assert isinstance(id_token, IdToken)
print id_token.keys()
assert _eq(id_token.keys(), ['c_hash', 'sub', 'iss', 'acr', 'exp', 'iat',
'aud', 'nonce'])示例8: test_server_authenticated
# 需要导入模块: from oic.oic.consumer import Consumer [as 别名]
# 或者: from oic.oic.consumer.Consumer import parse_authz [as 别名]
def test_server_authenticated():
server = provider_init
_session_db = {}
cons = Consumer(_session_db, CONSUMER_CONFIG, CLIENT_CONFIG,
server_info=SERVER_INFO, )
cons.debug = True
cons.keyjar[""] = KC_RSA
location = cons.begin("openid", "code", path="http://localhost:8087")
QUERY_STRING = location.split("?")[1]
print QUERY_STRING
resp = server.authorization_endpoint(request=QUERY_STRING)
print resp.message
assert resp.message.startswith("http://localhost:8087/authz")
part = cons.parse_authz(query=location)
aresp = part[0]
assert part[1] is None
assert part[2] is None
#aresp = client.parse_response(AuthorizationResponse, location,
# format="urlencoded",
# state="id-6da9ca0cc23959f5f33e8becd9b08cae")
print aresp.keys()
assert aresp.type() == "AuthorizationResponse"
assert _eq(aresp.keys(), ['request', 'state', 'redirect_uri',
'response_type', 'client_id', 'claims', 'scope'])
print cons.grant[cons.state].keys()
assert _eq(cons.grant[cons.state].keys(), ['tokens', 'id_token', 'exp_in',
'seed', 'grant_expiration_time'])示例9: TestOICConsumer
# 需要导入模块: from oic.oic.consumer import Consumer [as 别名]
# 或者: from oic.oic.consumer.Consumer import parse_authz [as 别名]
#.........这里部分代码省略.........
'response_type', 'client_id', 'scope',
'claims', 'request_uri'])
assert authreq["state"] == sid
assert authreq["scope"] == self.consumer.consumer_config["scope"]
assert authreq["client_id"] == self.consumer.client_id
assert authreq["redirect_uri"].startswith("http://localhost:8087/authz")
def test_complete(self):
_state = "state0"
args = {
"client_id": self.consumer.client_id,
"response_type": "code",
"scope": ["openid"],
}
result = self.consumer.do_authorization_request(
state=_state, request_args=args)
assert result.status_code == 302
parsed = urlparse(result.headers["location"])
baseurl = "{}://{}{}".format(parsed.scheme, parsed.netloc, parsed.path)
assert baseurl == self.consumer.redirect_uris[0]
self.consumer.parse_response(AuthorizationResponse, info=parsed.query,
sformat="urlencoded")
resp = self.consumer.complete(_state)
assert isinstance(resp, AccessTokenResponse)
assert _eq(resp.keys(),
['token_type', 'state', 'access_token', 'scope'])
assert resp["state"] == _state
def test_parse_authz(self):
_state = "state0"
args = {
"client_id": self.consumer.client_id,
"response_type": "code",
"scope": ["openid"],
}
result = self.consumer.do_authorization_request(
state=_state, request_args=args)
self.consumer._backup(_state)
part = self.consumer.parse_authz(query=result.headers["location"])
atr = part[0]
assert part[1] is None
assert part[2] is None
assert isinstance(atr, AuthorizationResponse)
assert atr["state"] == _state
assert "code" in atr
def test_parse_authz_implicit(self):
self.consumer.consumer_config["response_type"] = ["token"]
_state = "statxxx"
args = {
"client_id": self.consumer.client_id,
"response_type": "implicit",
"scope": ["openid"],
"redirect_uri": "http://localhost:8088/cb"
}
result = self.consumer.do_authorization_request(
state=_state, request_args=args)示例10: TestOICProvider
# 需要导入模块: from oic.oic.consumer import Consumer [as 别名]
# 或者: from oic.oic.consumer.Consumer import parse_authz [as 别名]
#.........这里部分代码省略.........
user_info=_user_info)
req["id_token"] = idt
query_string = req.to_urlencoded()
# client_id not in id_token["aud"] so login required
resp = self.server.authorization_endpoint(request=query_string, cookie="FAIL")
print resp
assert "error=login_required" in resp.message
req["client_id"] = "client_1"
query_string = req.to_urlencoded()
# client_id is in id_token["aud"] so no login required
resp = self.server.authorization_endpoint(request=query_string, cookie="FAIL")
print resp.message
assert resp.message.startswith("http://localhost:8087/authz")
def test_server_authenticated(self):
_state, location = self.cons.begin("openid", "code",
path="http://localhost:8087")
QUERY_STRING = location.split("?")[1]
print QUERY_STRING
resp = self.server.authorization_endpoint(request=QUERY_STRING)
print resp.message
assert resp.message.startswith("http://localhost:8087/authz")
part = self.cons.parse_authz(query=resp.message)
aresp = part[0]
assert part[1] is None
assert part[2] is None
# aresp = client.parse_response(AuthorizationResponse, location,
# format="urlencoded",
# state="id-6da9ca0cc23959f5f33e8becd9b08cae")
print aresp.keys()
assert aresp.type() == "AuthorizationResponse"
assert _eq(aresp.keys(), ['code', 'state', 'scope'])
print self.cons.grant[_state].keys()
assert _eq(self.cons.grant[_state].keys(),
['code', 'tokens', 'id_token', 'exp_in', 'seed',
'grant_expiration_time'])
def test_server_authenticated_1(self):
state, location = self.cons.begin("openid", "code", path="http://localhost:8087")
resp = self.server.authorization_endpoint(request=location.split("?")[1])
print resp
aresp = self.cons.parse_response(AuthorizationResponse, resp.message,
sformat="urlencoded")
print aresp.keys()
assert aresp.type() == "AuthorizationResponse"
assert _eq(aresp.keys(), ['code', 'state', 'scope'])
示例11: TestProvider
# 需要导入模块: from oic.oic.consumer import Consumer [as 别名]
# 或者: from oic.oic.consumer.Consumer import parse_authz [as 别名]
#.........这里部分代码省略.........
idt = self.provider.id_token_as_signed_jwt(_info,
access_token="access_token",
user_info=_user_info)
req["id_token"] = idt
query_string = req.to_urlencoded()
# client_id not in id_token["aud"] so login required
resp = self.provider.authorization_endpoint(request=query_string,
cookie="FAIL")
parsed_resp = parse_qs(urlparse(resp.message).fragment)
assert parsed_resp["error"][0] == "login_required"
req["client_id"] = "client_1"
query_string = req.to_urlencoded()
# client_id is in id_token["aud"] so no login required
resp = self.provider.authorization_endpoint(request=query_string,
cookie="FAIL")
assert resp.message.startswith("http://localhost:8087/authz")
def test_authenticated(self):
_state, location = self.cons.begin("openid", "code",
path="http://localhost:8087")
resp = self.provider.authorization_endpoint(
request=urlparse(location).query)
parsed = urlparse(resp.message)
assert "{}://{}{}".format(parsed.scheme, parsed.netloc,
parsed.path) == "http://localhost:8087/authz"
part = self.cons.parse_authz(query=resp.message)
aresp = part[0]
assert part[1] is None
assert part[2] is None
assert isinstance(aresp, AuthorizationResponse)
assert _eq(aresp.keys(), ['code', 'state', 'scope'])
assert _eq(self.cons.grant[_state].keys(),
['code', 'tokens', 'id_token', 'exp_in', 'seed',
'grant_expiration_time'])
def test_authenticated_url(self):
state, location = self.cons.begin("openid", "code",
path="http://localhost:8087")
resp = self.provider.authorization_endpoint(
request=urlparse(location).query)
aresp = self.cons.parse_response(AuthorizationResponse, resp.message,
sformat="urlencoded")
assert isinstance(aresp, AuthorizationResponse)
assert _eq(aresp.keys(), ['code', 'state', 'scope'])
def test_authenticated_hybrid(self):
_state, location = self.cons.begin(
scope="openid email claims_in_id_token",
response_type="code id_token",
path="http://localhost:8087")
resp = self.provider.authorization_endpoint(示例12: TestOICConsumer
# 需要导入模块: from oic.oic.consumer import Consumer [as 别名]
# 或者: from oic.oic.consumer.Consumer import parse_authz [as 别名]
#.........这里部分代码省略.........
print location
#vkeys = {".":srv.keyjar.get_verify_key()}
authreq = srv.parse_authorization_request(url=location)
print authreq.keys()
assert _eq(authreq.keys(), ['max_age', 'state', 'redirect_uri',
'response_type', 'client_id', 'scope',
'claims', 'request_uri'])
assert authreq["state"] == self.consumer.state
assert authreq["scope"] == self.consumer.config["scope"]
assert authreq["client_id"] == self.consumer.client_id
assert authreq["redirect_uri"].startswith("http://localhost:8087/authz")
def test_complete(self):
mfos = MyFakeOICServer("http://localhost:8088")
mfos.keyjar = SRVKEYS
self.consumer.http_request = mfos.http_request
self.consumer.state = "state0"
self.consumer.nonce = rndstr()
self.consumer.redirect_uris = ["https://example.com/cb"]
args = {
"client_id": self.consumer.client_id,
"response_type": "code",
"scope": ["openid"],
}
result = self.consumer.do_authorization_request(
state=self.consumer.state, request_args=args)
assert result.status_code == 302
print "redirect_uris", self.consumer.redirect_uris
print result.headers["location"]
assert result.headers["location"].startswith(
self.consumer.redirect_uris[0])
_, query = result.headers["location"].split("?")
#vkeys = {".": self.consumer.keyjar.get_verify_key()}
self.consumer.parse_response(AuthorizationResponse, info=query,
sformat="urlencoded")
resp = self.consumer.complete()
print resp
assert resp.type() == "AccessTokenResponse"
print resp.keys()
assert _eq(resp.keys(), ['token_type', 'state', 'access_token',
'scope', 'expires_in', 'refresh_token'])
assert resp["state"] == self.consumer.state
def test_parse_authz(self):
mfos = MyFakeOICServer("http://localhost:8088")
mfos.keyjar = SRVKEYS
self.consumer.http_request = mfos.http_request
self.consumer.state = "state0"
self.consumer.nonce = rndstr()
args = {
"client_id": self.consumer.client_id,
"response_type": "code",
"scope": ["openid"],
}
result = self.consumer.do_authorization_request(
state=self.consumer.state, request_args=args)
print self.consumer.sdb.keys()
print self.consumer.sdb["state0"].keys()
part = self.consumer.parse_authz(query=result.headers["location"])
print part
atr = part[0]
assert part[1] is None
assert part[2] is None
assert atr.type() == "AuthorizationResponse"
assert atr["state"] == "state0"
assert "code" in atr
def test_parse_authz_implicit(self):
self.consumer.config["response_type"] = "implicit"
args = {
"client_id": self.consumer.client_id,
"response_type": "implicit",
"scope": ["openid"],
}
result = self.consumer.do_authorization_request(
state=self.consumer.state, request_args=args)
part = self.consumer.parse_authz(query=result.headers["location"])
print part
assert part[0] is None
atr = part[1]
assert part[2] is None
assert atr.type() == "AccessTokenResponse"
assert atr["state"] == "state0"
assert "access_token" in atr