本文整理汇总了Python中oic.oic.provider.Provider.build_jwx_def方法的典型用法代码示例。如果您正苦于以下问题:Python Provider.build_jwx_def方法的具体用法?Python Provider.build_jwx_def怎么用?Python Provider.build_jwx_def使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类oic.oic.provider.Provider的用法示例。
在下文中一共展示了Provider.build_jwx_def方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: TestProvider
# 需要导入模块: from oic.oic.provider import Provider [as 别名]
# 或者: from oic.oic.provider.Provider import build_jwx_def [as 别名]
#.........这里部分代码省略.........
provider2.keyjar = KEYJAR
# Number of KeyBundles
assert len(provider2.keyjar.issuer_keys[""]) == 1
kb = ec_init({"type": "EC", "crv": "P-256", "use": ["sig"]})
provider2.do_key_rollover(json.loads(kb.jwks()), "b%d")
assert len(provider2.keyjar.issuer_keys[""]) == 2
kb = ec_init({"type": "EC", "crv": "P-256", "use": ["sig"]})
provider2.do_key_rollover(json.loads(kb.jwks()), "b%d")
assert len(provider2.keyjar.issuer_keys[""]) == 3
provider2.remove_inactive_keys(-1)
assert len(provider2.keyjar.issuer_keys[""]) == 2
def test_endsession_endpoint(self):
resp = self.provider.endsession_endpoint("")
self._assert_cookies_expired(resp.headers)
# End session not allowed if no cookie is sent (can't determine session)
resp = self.provider.endsession_endpoint("", cookie="FAIL")
assert resp.status == "400 Bad Request"
def test_endsession_endpoint_with_id_token_hint(self):
id_token = self._auth_with_id_token()
assert self.provider.sdb.get_sids_by_sub(
id_token["sub"]) # verify we got valid session
id_token_hint = id_token.to_jwt(algorithm="none")
resp = self.provider.endsession_endpoint(
urlencode({"id_token_hint": id_token_hint}))
assert not self.provider.sdb.get_sids_by_sub(
id_token["sub"]) # verify session has been removed
self._assert_cookies_expired(resp.headers)
def test_endsession_endpoint_with_post_logout_redirect_uri(self):
id_token = self._auth_with_id_token()
assert self.provider.sdb.get_sids_by_sub(
id_token["sub"]) # verify we got valid session
post_logout_redirect_uri = \
CDB[CLIENT_CONFIG["client_id"]]["post_logout_redirect_uris"][0][0]
resp = self.provider.endsession_endpoint(urlencode(
{"post_logout_redirect_uri": post_logout_redirect_uri}))
assert isinstance(resp, SeeOther)
assert not self.provider.sdb.get_sids_by_sub(
id_token["sub"]) # verify session has been removed
self._assert_cookies_expired(resp.headers)
def test_session_state_in_auth_req_for_session_support(self):
provider = Provider(SERVER_INFO["issuer"], SessionDB(SERVER_INFO["issuer"]), CDB,
AUTHN_BROKER, USERINFO,
AUTHZ, verify_client, SYMKEY, urlmap=URLMAP,
keyjar=KEYJAR)
provider.capabilities.update({
"check_session_iframe": "https://op.example.com/check_session"})
req_args = {"scope": ["openid"],
"redirect_uri": "http://localhost:8087/authz",
"response_type": ["code"],
"client_id": "number5"
}
areq = AuthorizationRequest(**req_args)
resp = provider.authorization_endpoint(
request=areq.to_urlencoded())
aresp = self.cons.parse_response(AuthorizationResponse, resp.message,
sformat="urlencoded")
assert "session_state" in aresp
def _assert_cookies_expired(self, http_headers):
cookies_string = ";".join(
[c[1] for c in http_headers if c[0] == "Set-Cookie"])
all_cookies = SimpleCookie()
try:
cookies_string = cookies_string.decode()
except (AttributeError, UnicodeDecodeError):
pass
all_cookies.load(cookies_string)
now = datetime.datetime.utcnow() #
for c in [self.provider.cookie_name, self.provider.session_cookie_name]:
dt = datetime.datetime.strptime(all_cookies[c]["expires"],
"%a, %d-%b-%Y %H:%M:%S GMT")
assert dt < now # make sure the cookies have expired to be cleared
def _auth_with_id_token(self):
state, location = self.cons.begin("openid", "id_token",
path="http://localhost:8087")
resp = self.provider.authorization_endpoint(
request=location.split("?")[1])
aresp = self.cons.parse_response(AuthorizationResponse, resp.message,
sformat="urlencoded")
return aresp["id_token"]
def test_id_token_RS512_sign(self):
self.provider.capabilities[
'id_token_signing_alg_values_supported'] = ['RS512']
self.provider.build_jwx_def()
id_token = self._auth_with_id_token()
assert id_token.jws_header['alg'] == "RS512"