本文整理汇总了Python中oic.oic.provider.Provider.authorization_endpoint方法的典型用法代码示例。如果您正苦于以下问题:Python Provider.authorization_endpoint方法的具体用法?Python Provider.authorization_endpoint怎么用?Python Provider.authorization_endpoint使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类oic.oic.provider.Provider的用法示例。
在下文中一共展示了Provider.authorization_endpoint方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_session_state_in_auth_req_for_session_support
# 需要导入模块: from oic.oic.provider import Provider [as 别名]
# 或者: from oic.oic.provider.Provider import authorization_endpoint [as 别名]
def test_session_state_in_auth_req_for_session_support(self):
provider = Provider(
"foo",
SessionDB(SERVER_INFO["issuer"]),
CDB,
AUTHN_BROKER,
USERINFO,
AUTHZ,
verify_client,
SYMKEY,
urlmap=URLMAP,
keyjar=KEYJAR,
capabilities={"check_session_iframe": "https://op.example.com/check_session"},
)
req_args = {
"scope": ["openid"],
"redirect_uri": "http://localhost:8087/authz",
"response_type": ["code"],
"client_id": "a1b2c3",
}
areq = AuthorizationRequest(**req_args)
resp = provider.authorization_endpoint(request=areq.to_urlencoded())
aresp = self.cons.parse_response(AuthorizationResponse, resp.message, sformat="urlencoded")
assert "session_state" in aresp示例2: TestOICProvider
# 需要导入模块: from oic.oic.provider import Provider [as 别名]
# 或者: from oic.oic.provider.Provider import authorization_endpoint [as 别名]
class TestOICProvider(object):
def setup_class(self):
self.server = Provider("pyoicserv", SessionDB(SERVER_INFO["issuer"]), CDB,
AUTHN_BROKER, USERINFO,
AUTHZ, verify_client, SYMKEY, urlmap=URLMAP,
keyjar=KEYJAR)
self.cons = Consumer({}, CONSUMER_CONFIG, CLIENT_CONFIG,
server_info=SERVER_INFO, )
self.cons.behaviour = {"request_object_signing_alg": DEF_SIGN_ALG["openid_request_object"]}
self.cons.debug = True
self.cons.keyjar[""] = KC_RSA
def test_server_init(self):
assert self.server
assert self.server.authn_broker == AUTHN_BROKER
print self.server.urlmap
assert self.server.urlmap["client_1"] == ["https://example.com/authz"]
def test_server_authorization_endpoint(self):
bib = {"scope": ["openid"],
"state": "id-6da9ca0cc23959f5f33e8becd9b08cae",
"redirect_uri": "http://localhost:8087/authz",
"response_type": ["code"],
"client_id": "a1b2c3",
"nonce": "Nonce"}
arq = AuthorizationRequest(**bib)
resp = self.server.authorization_endpoint(request=arq.to_urlencoded())
print resp.message
assert resp.message
def test_server_authorization_endpoint_request(self):
bib = {"scope": ["openid"],
"state": "id-6da9ca0cc23959f5f33e8becd9b08cae",
"redirect_uri": "http://localhost:8087/authz",
"response_type": ["code", "id_token"],
"client_id": "a1b2c3",
"nonce": "Nonce",
"prompt": ["none"]}
req = AuthorizationRequest(**bib)
# want to be someone else !
ic = {"sub": {"value": "userX"}}
_keys = self.server.keyjar.get_signing_key(key_type="RSA")
req["request"] = make_openid_request(req, _keys, idtoken_claims=ic,
request_object_signing_alg="RS256")
try:
resp = self.server.authorization_endpoint(request=req.to_urlencoded())
except FailedAuthentication:
pass
else:
assert False
def test_server_authorization_endpoint_id_token(self):
bib = {"scope": ["openid"],
"state": "id-6da9ca0cc23959f5f33e8becd9b08cae",
"redirect_uri": "http://localhost:8087/authz",
"response_type": ["code", "id_token"],
"client_id": "a1b2c3",
"nonce": "Nonce",
"prompt": ["none"]}
req = AuthorizationRequest(**bib)
areq = AuthorizationRequest(response_type="code",
client_id="client_1",
redirect_uri="http://example.com/authz",
scope=["openid"], state="state000")
sdb = self.server.sdb
ae = AuthnEvent("userX")
sid = sdb.create_authz_session(ae, areq)
sdb.do_sub(sid)
_info = sdb[sid]
# All this is jut removed when the id_token is constructed
# The proper information comes from the session information
_user_info = IdToken(iss="https://foo.example.om", sub="foo",
aud=bib["client_id"], exp=epoch_in_a_while(minutes=10),
acr="2", nonce=bib["nonce"])
print self.server.keyjar.issuer_keys
print _user_info.to_dict()
idt = self.server.id_token_as_signed_jwt(_info, access_token="access_token",
user_info=_user_info)
req["id_token"] = idt
query_string = req.to_urlencoded()
# client_id not in id_token["aud"] so login required
resp = self.server.authorization_endpoint(request=query_string, cookie="FAIL")
print resp
assert "error=login_required" in resp.message
req["client_id"] = "client_1"
query_string = req.to_urlencoded()
#.........这里部分代码省略.........
示例3: TestProvider
# 需要导入模块: from oic.oic.provider import Provider [as 别名]
# 或者: from oic.oic.provider.Provider import authorization_endpoint [as 别名]
class TestProvider(object):
@pytest.fixture(autouse=True)
def create_provider(self):
self.provider = Provider("pyoicserv", SessionDB(SERVER_INFO["issuer"]),
CDB,
AUTHN_BROKER, USERINFO,
AUTHZ, verify_client, SYMKEY, urlmap=URLMAP,
keyjar=KEYJAR)
self.provider.baseurl = self.provider.name
self.cons = Consumer({}, CONSUMER_CONFIG, CLIENT_CONFIG,
server_info=SERVER_INFO, )
self.cons.behaviour = {
"request_object_signing_alg": DEF_SIGN_ALG["openid_request_object"]}
self.cons.keyjar[""] = KC_RSA
def test_authorization_endpoint(self):
bib = {"scope": ["openid"],
"state": "id-6da9ca0cc23959f5f33e8becd9b08cae",
"redirect_uri": "http://localhost:8087/authz",
"response_type": ["code"],
"client_id": "a1b2c3",
"nonce": "Nonce"}
arq = AuthorizationRequest(**bib)
resp = self.provider.authorization_endpoint(request=arq.to_urlencoded())
parsed = parse_qs(urlparse(resp.message).query)
assert parsed["scope"] == ["openid"]
assert parsed["state"][0] == "id-6da9ca0cc23959f5f33e8becd9b08cae"
assert "code" in parsed
def test_authorization_endpoint_request(self):
bib = {"scope": ["openid"],
"state": "id-6da9ca0cc23959f5f33e8becd9b08cae",
"redirect_uri": "http://localhost:8087/authz",
"response_type": ["code", "id_token"],
"client_id": "a1b2c3",
"nonce": "Nonce",
"prompt": ["none"]}
req = AuthorizationRequest(**bib)
# want to be someone else !
ic = {"sub": {"value": "userX"}}
_keys = self.provider.keyjar.get_signing_key(key_type="RSA")
req["request"] = make_openid_request(req, _keys, idtoken_claims=ic,
request_object_signing_alg="RS256")
with pytest.raises(FailedAuthentication):
self.provider.authorization_endpoint(request=req.to_urlencoded())
def test_authorization_endpoint_id_token(self):
bib = {"scope": ["openid"],
"state": "id-6da9ca0cc23959f5f33e8becd9b08cae",
"redirect_uri": "http://localhost:8087/authz",
"response_type": ["code", "id_token"],
"client_id": "a1b2c3",
"nonce": "Nonce",
"prompt": ["none"]}
req = AuthorizationRequest(**bib)
areq = AuthorizationRequest(response_type="code",
client_id="client_1",
redirect_uri="http://example.com/authz",
scope=["openid"], state="state000")
sdb = self.provider.sdb
ae = AuthnEvent("userX", "salt")
sid = sdb.create_authz_session(ae, areq)
sdb.do_sub(sid, "client_salt")
_info = sdb[sid]
# All this is jut removed when the id_token is constructed
# The proper information comes from the session information
_user_info = IdToken(iss="https://foo.example.om", sub="foo",
aud=bib["client_id"],
exp=epoch_in_a_while(minutes=10),
acr="2", nonce=bib["nonce"])
idt = self.provider.id_token_as_signed_jwt(_info,
access_token="access_token",
user_info=_user_info)
req["id_token"] = idt
query_string = req.to_urlencoded()
# client_id not in id_token["aud"] so login required
resp = self.provider.authorization_endpoint(request=query_string,
cookie="FAIL")
parsed_resp = parse_qs(urlparse(resp.message).fragment)
assert parsed_resp["error"][0] == "login_required"
req["client_id"] = "client_1"
query_string = req.to_urlencoded()
# client_id is in id_token["aud"] so no login required
resp = self.provider.authorization_endpoint(request=query_string,
cookie="FAIL")
assert resp.message.startswith("http://localhost:8087/authz")
#.........这里部分代码省略.........
示例4: __init__
# 需要导入模块: from oic.oic.provider import Provider [as 别名]
# 或者: from oic.oic.provider.Provider import authorization_endpoint [as 别名]
class FakeOP:
STATE = "12345678"
def __init__(self):
op_base_url = TestConfiguration.get_instance().rp_config.OP_URL
self.provider = Provider(
"https://op.tester.se/",
SessionDB(op_base_url),
CDB,
AUTHN_BROKER,
USERINFO,
AUTHZ,
verify_client,
SYMKEY,
urlmap=None,
keyjar=KEYJAR
)
self.provider.baseurl = TestConfiguration.get_instance().rp_config.OP_URL
self.op_base = TestConfiguration.get_instance().rp_config.OP_URL
self.redirect_urls = TestConfiguration.get_instance().rp_config.CLIENTS[PROVIDER]["client_info"][
"redirect_uris"]
def setup_userinfo_endpoint(self):
cons = Consumer({}, CONSUMER_CONFIG, {"client_id": CLIENT_ID},
server_info=SERVER_INFO, )
cons.behaviour = {
"request_object_signing_alg": DEF_SIGN_ALG["openid_request_object"]}
cons.keyjar[""] = KC_RSA
cons.client_secret = "drickyoughurt"
state, location = cons.begin("openid", "token",
path=TestConfiguration.get_instance().rp_base)
resp = self.provider.authorization_endpoint(
request=urlparse(location).query)
# redirect
atr = AuthorizationResponse().deserialize(
urlparse(resp.message).fragment, "urlencoded")
uir = UserInfoRequest(access_token=atr["access_token"], schema="openid")
resp = self.provider.userinfo_endpoint(request=uir.to_urlencoded())
responses.add(
responses.POST,
self.op_base + "userinfo",
body=resp.message,
status=200,
content_type='application/json')
def setup_token_endpoint(self):
authreq = AuthorizationRequest(state="state",
redirect_uri=self.redirect_urls[0],
client_id=CLIENT_ID,
response_type="code",
scope=["openid"])
_sdb = self.provider.sdb
sid = _sdb.token.key(user="sub", areq=authreq)
access_grant = _sdb.token(sid=sid)
ae = AuthnEvent("user", "salt")
_sdb[sid] = {
"oauth_state": "authz",
"authn_event": ae,
"authzreq": authreq.to_json(),
"client_id": CLIENT_ID,
"code": access_grant,
"code_used": False,
"scope": ["openid"],
"redirect_uri": self.redirect_urls[0],
}
_sdb.do_sub(sid, "client_salt")
# Construct Access token request
areq = AccessTokenRequest(code=access_grant, client_id=CLIENT_ID,
redirect_uri=self.redirect_urls[0],
client_secret="client_secret_1")
txt = areq.to_urlencoded()
resp = self.provider.token_endpoint(request=txt)
responses.add(
responses.POST,
self.op_base + "token",
body=resp.message,
status=200,
content_type='application/json')
def setup_authentication_response(self, state=None):
context = Context()
context.path = 'openid/authz_cb'
op_base = TestConfiguration.get_instance().rp_config.OP_URL
if not state:
state = rndstr()
context.request = {
'code': 'F+R4uWbN46U+Bq9moQPC4lEvRd2De4o=',
'scope': 'openid profile email address phone',
'state': state}
context.state = self.generate_state(op_base)
return context
def generate_state(self, op_base):
state = State()
state_id = TestConfiguration.get_instance().rp_config.STATE_ID
state_data = {
#.........这里部分代码省略.........