本文整理汇总了Python中oic.oic.provider.Provider类的典型用法代码示例。如果您正苦于以下问题:Python Provider类的具体用法?Python Provider怎么用?Python Provider使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了Provider类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: __init__
def __init__(self, name, sdb, cdb, authn_broker, userinfo, authz,
client_authn, symkey, trusted_domains, verify_signer_ssl=True, **kwarg):
Provider.__init__(self, name, sdb, cdb, authn_broker, userinfo, authz,
client_authn, symkey, **kwarg)
self.trusted_domains = trusted_domains
self.verify_signer_ssl = verify_signer_ssl示例2: __init__
def __init__(
self,
name,
sdb,
cdb,
userinfo,
client_authn,
urlmap=None,
ca_certs="",
keyjar=None,
hostname="",
dist_claims_mode=None,
):
Provider.__init__(
self, name, sdb, cdb, None, userinfo, None, client_authn, "", urlmap, ca_certs, keyjar, hostname
)
if keyjar is None:
keyjar = KeyJar(ca_certs)
for cid, _dic in cdb.items():
try:
keyjar.add_symmetric(cid, _dic["client_secret"], ["sig", "ver"])
except KeyError:
pass
self.srvmethod = OICCServer(keyjar=keyjar)
self.dist_claims_mode = dist_claims_mode
self.info_store = {}
self.claims_userinfo_endpoint = ""示例3: test_session_state_in_auth_req_for_session_support
def test_session_state_in_auth_req_for_session_support(self):
provider = Provider(
"foo",
SessionDB(SERVER_INFO["issuer"]),
CDB,
AUTHN_BROKER,
USERINFO,
AUTHZ,
verify_client,
SYMKEY,
urlmap=URLMAP,
keyjar=KEYJAR,
capabilities={"check_session_iframe": "https://op.example.com/check_session"},
)
req_args = {
"scope": ["openid"],
"redirect_uri": "http://localhost:8087/authz",
"response_type": ["code"],
"client_id": "a1b2c3",
}
areq = AuthorizationRequest(**req_args)
resp = provider.authorization_endpoint(request=areq.to_urlencoded())
aresp = self.cons.parse_response(AuthorizationResponse, resp.message, sformat="urlencoded")
assert "session_state" in aresp示例4: __init__
def __init__(self, name, sdb, cdb, function, userdb, urlmap=None,
debug=0, ca_certs="", jwt_keys=None):
Provider.__init__(self, name, sdb, cdb, function, userdb, urlmap,
ca_certs, jwt_keys)
self.test_mode = True
self.trace_log = {}
self.sessions = []
self.max_sessions = 100示例5: test_provider_key_setup
def test_provider_key_setup():
provider = Provider("pyoicserv", SessionDB(), None, None, None)
provider.baseurl = "http://www.example.com/"
provider.key_setup("static", sig={"format": "jwk", "alg": "rsa"})
keys = provider.keyjar.get_signing_key("rsa")
assert len(keys) == 1
assert provider.jwk[0] == "http://www.example.com/static/jwk.json"示例6: test_provider_key_setup
def test_provider_key_setup(self):
provider = Provider("pyoicserv", SessionDB(SERVER_INFO["issuer"]), None,
None, None, None, None, "")
provider.baseurl = "http://www.example.com/"
provider.key_setup("static", sig={"format": "jwk", "alg": "RSA"})
keys = provider.keyjar.get_signing_key("RSA")
assert len(keys) == 1
assert provider.jwks_uri == "http://www.example.com/static/jwks"示例7: test_provider_key_setup
def test_provider_key_setup(self, tmpdir):
path = tmpdir.strpath
provider = Provider("pyoicserv", SessionDB(SERVER_INFO["issuer"]), None, None, None, None, None, "")
provider.baseurl = "http://www.example.com"
provider.key_setup(path, path, sig={"format": "jwk", "alg": "RSA"})
keys = provider.keyjar.get_signing_key("RSA")
assert len(keys) == 1
assert provider.jwks_uri == "http://www.example.com/{}/jwks".format(path)示例8: test_registered_redirect_uri_with_query_component
def test_registered_redirect_uri_with_query_component(self):
provider2 = Provider("FOOP", {}, {}, None, None, None, None, "")
rr = RegistrationRequest(operation="register",
redirect_uris=["http://example.org/cb?foo=bar"],
response_types=["code"])
registration_req = rr.to_json()
resp = provider2.registration_endpoint(request=registration_req)
regresp = RegistrationResponse().from_json(resp.message)
print regresp.to_dict()
faulty = [
"http://example.org/cb",
"http://example.org/cb/foo",
"http://example.org/cb?got=you",
"http://example.org/cb?foo=you"
"http://example.org/cb?foo=bar&got=you",
"http://example.org/cb?foo=you&foo=bar"
]
correct = [
"http://example.org/cb?foo=bar",
]
cid = regresp["client_id"]
for ruri in faulty:
areq = AuthorizationRequest(redirect_uri=ruri,
client_id=cid,
scope="openid",
response_type="code")
print areq
try:
provider2._verify_redirect_uri(areq)
except RedirectURIError:
pass
for ruri in correct:
areq = AuthorizationRequest(redirect_uri=ruri,
client_id=cid, scope="openid",
response_type="code")
resp = provider2._verify_redirect_uri(areq)
print resp
assert resp is None示例9: _create_op
def _create_op(self, issuer, endpoint_baseurl, jwks_uri):
"""
Create the necessary Provider instance.
:type issuer: str
:type endpoint_baseurl: str
:type jwks_uri: str
:param issuer: issuer URL for the OP
:param endpoint_baseurl: baseurl to build endpoint URL from
:param jwks_uri: URL to where the JWKS will be published
"""
kj = KeyJar()
signing_key = KeyBundle(source="file://{}".format(self.conf["signing_key_path"]),
fileformat="der", keyusage=["sig"])
kj.add_kb("", signing_key)
capabilities = {
"response_types_supported": ["id_token"],
"id_token_signing_alg_values_supported": [self.sign_alg],
"response_modes_supported": ["fragment", "query"],
"subject_types_supported": ["public", "pairwise"],
"grant_types_supported": ["implicit"],
"claim_types_supported": ["normal"],
"claims_parameter_supported": True,
"request_parameter_supported": False,
"request_uri_parameter_supported": False,
}
if "client_db_path" in self.conf:
cdb = shelve_wrapper.open(self.conf["client_db_path"])
else:
cdb = {} # client db in memory only
self.provider = Provider(issuer, None, cdb, None, None, None, None, None, keyjar=kj,
capabilities=capabilities, jwks_uri=jwks_uri)
self.provider.baseurl = endpoint_baseurl
self.provider.endp = [RegistrationEndpoint, AuthorizationEndpoint]示例10: __init__
def __init__(self, name, sdb, cdb, function, userdb, urlmap=None,
debug=0, ca_certs="", jwt_keys=None):
Provider.__init__(self, name, sdb, cdb, function, userdb, urlmap,
ca_certs, jwt_keys)
if jwt_keys is None:
jwt_keys = []
for cid, _dic in cdb.items():
jwt_keys.append([_dic["client_secret"], "hmac", "sig", cid])
jwt_keys.append([_dic["client_secret"], "hmac", "ver", cid])
self.srvmethod = OICCServer(jwt_keys=jwt_keys)
self.keystore = self.srvmethod.keystore
self.claims_mode = "aggregate"
self.info_store = {}
self.claims_userinfo_endpoint = ""示例11: test_registered_redirect_uri_with_query_component
def test_registered_redirect_uri_with_query_component():
provider2 = Provider("FOOP", {}, {}, None, None)
environ = {}
rr = RegistrationRequest(operation="register",
redirect_uris=["http://example.org/cb?foo=bar"])
registration_req = rr.to_urlencoded()
resp = provider2.registration_endpoint(environ, start_response,
query=registration_req)
regresp = RegistrationResponse().from_json(resp[0])
print regresp.to_dict()
faulty = [
"http://example.org/cb",
"http://example.org/cb/foo",
"http://example.org/cb?got=you",
"http://example.org/cb?foo=you"
]
correct = [
"http://example.org/cb?foo=bar",
"http://example.org/cb?foo=bar&got=you",
"http://example.org/cb?foo=bar&foo=you"
]
for ruri in faulty:
areq = AuthorizationRequest(redirect_uri=ruri,
client_id=regresp["client_id"],
scope="openid",
response_type="code")
print areq
assert provider2._verify_redirect_uri(areq) != None
for ruri in correct:
areq = AuthorizationRequest(redirect_uri= ruri,
client_id=regresp["client_id"])
resp = provider2._verify_redirect_uri(areq)
print resp
assert resp == None示例12: test_key_rollover
def test_key_rollover(self):
provider2 = Provider("FOOP", {}, {}, None, None, None, None, "")
provider2.keyjar = KEYJAR
# Number of KeyBundles
assert len(provider2.keyjar.issuer_keys[""]) == 1
kb = ec_init({"type": "EC", "crv": "P-256", "use": ["sig"]})
provider2.do_key_rollover(json.loads(kb.jwks()), "b%d")
assert len(provider2.keyjar.issuer_keys[""]) == 2
kb = ec_init({"type": "EC", "crv": "P-256", "use": ["sig"]})
provider2.do_key_rollover(json.loads(kb.jwks()), "b%d")
assert len(provider2.keyjar.issuer_keys[""]) == 3
provider2.remove_inactive_keys(-1)
assert len(provider2.keyjar.issuer_keys[""]) == 2示例13: setup_class
def setup_class(self):
self.server = Provider("pyoicserv", SessionDB(SERVER_INFO["issuer"]), CDB,
AUTHN_BROKER, USERINFO,
AUTHZ, verify_client, SYMKEY, urlmap=URLMAP,
keyjar=KEYJAR)
self.cons = Consumer({}, CONSUMER_CONFIG, CLIENT_CONFIG,
server_info=SERVER_INFO, )
self.cons.behaviour = {"request_object_signing_alg": DEF_SIGN_ALG["openid_request_object"]}
self.cons.debug = True
self.cons.keyjar[""] = KC_RSA示例14: __init__
def __init__(self, name, sdb, cdb, authn_broker, userinfo, authz,
client_authn, symkey, urlmap=None, keyjar=None,
hostname="", configuration=None, ca_certs="",
template_lookup=None, verify_login_template=None,
base_url=""):
OIDCProvider.__init__(self, name, sdb, cdb, authn_broker, userinfo,
authz, client_authn, symkey, urlmap, ca_certs,
keyjar, hostname, template_lookup,
verify_login_template)
UmaAS.__init__(self, configuration, baseurl=base_url)
if keyjar:
self.keyjar = keyjar
else:
self.keyjar = KeyJar()
self.hostname = hostname or socket.gethostname
#self.jwks_uri = []
self.endp = UmaAS.endp[:]
self.endp.extend(OIDCProvider.endp)示例15: main
def main():
parser = argparse.ArgumentParser(description='Example OIDC Provider.')
parser.add_argument("-p", "--port", default=80, type=int)
parser.add_argument("-b", "--base", default="https://localhost", type=str)
parser.add_argument("-d", "--debug", action="store_true")
parser.add_argument("settings")
args = parser.parse_args()
# Load configuration
with open(args.settings, "r") as f:
settings = yaml.load(f)
baseurl = args.base.rstrip("/")
issuer = "{base}:{port}".format(base=baseurl, port=args.port)
template_dirs = settings["server"].get("template_dirs", "templates")
jinja_env = Environment(loader=FileSystemLoader(template_dirs))
authn_broker, auth_routing = setup_authentication_methods(settings["authn"],
jinja_env)
# Setup userinfo
userinfo_conf = settings["userinfo"]
cls = make_cls_from_name(userinfo_conf["class"])
i = cls(**userinfo_conf["kwargs"])
userinfo = UserInfo(i)
client_db = {}
provider = Provider(issuer, SessionDB(baseurl), client_db, authn_broker,
userinfo, AuthzHandling(), verify_client, None)
provider.baseurl = issuer
provider.symkey = rndstr(16)
# Setup keys
path = os.path.join(os.path.dirname(__file__), "static")
try:
os.makedirs(os.path.dirname(path))
except OSError, e:
if e.errno != errno.EEXIST:
raise e
pass