本文整理汇总了Python中oic.oic.provider.Provider.registration_endpoint方法的典型用法代码示例。如果您正苦于以下问题:Python Provider.registration_endpoint方法的具体用法?Python Provider.registration_endpoint怎么用?Python Provider.registration_endpoint使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类oic.oic.provider.Provider的用法示例。
在下文中一共展示了Provider.registration_endpoint方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_registered_redirect_uri_without_query_component
# 需要导入模块: from oic.oic.provider import Provider [as 别名]
# 或者: from oic.oic.provider.Provider import registration_endpoint [as 别名]
def test_registered_redirect_uri_without_query_component(self):
provider = Provider("FOO", {}, {}, None, None, None, None, "")
rr = RegistrationRequest(operation="register",
redirect_uris=["http://example.org/cb"],
response_types=["code"])
registration_req = rr.to_json()
provider.registration_endpoint(request=registration_req)
correct = [
"http://example.org/cb",
"http://example.org/cb/foo",
]
faulty = [
"http://example.org/foo",
"http://example.com/cb",
"http://example.org/cb?got=you",
"http://example.org/cb/foo?got=you"
]
cid = self._client_id(provider.cdb)
for ruri in faulty:
areq = AuthorizationRequest(redirect_uri=ruri,
client_id=cid,
response_type="code",
scope="openid")
print areq
try:
provider._verify_redirect_uri(areq)
assert False
except RedirectURIError:
pass
for ruri in correct:
areq = AuthorizationRequest(redirect_uri=ruri,
client_id=cid,
response_type="code", scope="openid")
print areq
try:
provider._verify_redirect_uri(areq)
except RedirectURIError, err:
print err
assert False示例2: test_registered_redirect_uri_without_query_component
# 需要导入模块: from oic.oic.provider import Provider [as 别名]
# 或者: from oic.oic.provider.Provider import registration_endpoint [as 别名]
def test_registered_redirect_uri_without_query_component():
provider = Provider("FOO", {}, {}, None, None)
rr = RegistrationRequest(operation="register",
redirect_uris=["http://example.org/cb"])
registration_req = rr.to_urlencoded()
provider.registration_endpoint({}, start_response,
query=registration_req)
correct = [
"http://example.org/cb",
"http://example.org/cb/foo",
"http://example.org/cb?got=you",
"http://example.org/cb/foo?got=you"
]
faulty = [
"http://example.org/foo",
"http://example.com/cb",
]
for ruri in faulty:
areq = AuthorizationRequest(redirect_uri=ruri,
client_id=provider.cdb.keys()[0],
response_type="code",
scope="openid")
print areq
assert provider._verify_redirect_uri(areq) != None
for ruri in correct:
areq = AuthorizationRequest(redirect_uri= ruri,
client_id=provider.cdb.keys()[0])
resp = provider._verify_redirect_uri(areq)
if resp:
print resp.message
assert resp is None示例3: test_registered_redirect_uri_with_query_component
# 需要导入模块: from oic.oic.provider import Provider [as 别名]
# 或者: from oic.oic.provider.Provider import registration_endpoint [as 别名]
def test_registered_redirect_uri_with_query_component(self):
provider2 = Provider("FOOP", {}, {}, None, None, None, None, "")
rr = RegistrationRequest(operation="register",
redirect_uris=["http://example.org/cb?foo=bar"],
response_types=["code"])
registration_req = rr.to_json()
resp = provider2.registration_endpoint(request=registration_req)
regresp = RegistrationResponse().from_json(resp.message)
print regresp.to_dict()
faulty = [
"http://example.org/cb",
"http://example.org/cb/foo",
"http://example.org/cb?got=you",
"http://example.org/cb?foo=you"
"http://example.org/cb?foo=bar&got=you",
"http://example.org/cb?foo=you&foo=bar"
]
correct = [
"http://example.org/cb?foo=bar",
]
cid = regresp["client_id"]
for ruri in faulty:
areq = AuthorizationRequest(redirect_uri=ruri,
client_id=cid,
scope="openid",
response_type="code")
print areq
try:
provider2._verify_redirect_uri(areq)
except RedirectURIError:
pass
for ruri in correct:
areq = AuthorizationRequest(redirect_uri=ruri,
client_id=cid, scope="openid",
response_type="code")
resp = provider2._verify_redirect_uri(areq)
print resp
assert resp is None示例4: test_registered_redirect_uri_with_query_component
# 需要导入模块: from oic.oic.provider import Provider [as 别名]
# 或者: from oic.oic.provider.Provider import registration_endpoint [as 别名]
def test_registered_redirect_uri_with_query_component():
provider2 = Provider("FOOP", {}, {}, None, None)
environ = {}
rr = RegistrationRequest(operation="register",
redirect_uris=["http://example.org/cb?foo=bar"])
registration_req = rr.to_urlencoded()
resp = provider2.registration_endpoint(environ, start_response,
query=registration_req)
regresp = RegistrationResponse().from_json(resp[0])
print regresp.to_dict()
faulty = [
"http://example.org/cb",
"http://example.org/cb/foo",
"http://example.org/cb?got=you",
"http://example.org/cb?foo=you"
]
correct = [
"http://example.org/cb?foo=bar",
"http://example.org/cb?foo=bar&got=you",
"http://example.org/cb?foo=bar&foo=you"
]
for ruri in faulty:
areq = AuthorizationRequest(redirect_uri=ruri,
client_id=regresp["client_id"],
scope="openid",
response_type="code")
print areq
assert provider2._verify_redirect_uri(areq) != None
for ruri in correct:
areq = AuthorizationRequest(redirect_uri= ruri,
client_id=regresp["client_id"])
resp = provider2._verify_redirect_uri(areq)
print resp
assert resp == None示例5: TestOICProvider
# 需要导入模块: from oic.oic.provider import Provider [as 别名]
# 或者: from oic.oic.provider.Provider import registration_endpoint [as 别名]
#.........这里部分代码省略.........
path, query = line.split("#")
# redirect
atr = AuthorizationResponse().deserialize(query, "urlencoded")
uir = UserInfoRequest(access_token=atr["access_token"], schema="openid")
resp3 = self.server.userinfo_endpoint(request=uir.to_urlencoded())
ident = OpenIDSchema().deserialize(resp3.message, "json")
print ident.keys()
assert _eq(ident.keys(), ['nickname', 'sub', 'name', 'email'])
# uid = server.sdb[sid]["authn_event"].uid
# _sub = "%x" % hash(uid+server.sdb.base_url)
#
# assert ident["sub"] == hash(USERDB["username"]["sub"]+server.sdb.base_url)
def test_check_session_endpoint(self):
print self.server.name
session = {"sub": "UserID", "client_id": "number5"}
idtoken = self.server.id_token_as_signed_jwt(session)
csr = CheckSessionRequest(id_token=idtoken)
info = self.server.check_session_endpoint(request=csr.to_urlencoded())
print info
idt = IdToken().deserialize(info.message, "json")
print idt.keys()
assert _eq(idt.keys(), ['sub', 'aud', 'iss', 'acr', 'exp', 'iat'])
assert idt["iss"] == self.server.name + "/"
def test_registration_endpoint(self):
req = RegistrationRequest()
req["application_type"] = "web"
req["client_name"] = "My super service"
req["redirect_uris"] = ["http://example.com/authz"]
req["contacts"] = ["[email protected]"]
req["response_types"] = ["code"]
print req.to_dict()
resp = self.server.registration_endpoint(request=req.to_json())
print resp.message
regresp = RegistrationResponse().deserialize(resp.message, "json")
print regresp.keys()
assert _eq(regresp.keys(), ['redirect_uris', 'contacts', 'application_type',
'client_name', 'registration_client_uri',
'client_secret_expires_at',
'registration_access_token',
'client_id', 'client_secret',
'client_id_issued_at', 'response_types'])
def test_provider_key_setup(self):
provider = Provider("pyoicserv", SessionDB(SERVER_INFO["issuer"]), None,
None, None, None, None, "")
provider.baseurl = "http://www.example.com/"
provider.key_setup("static", sig={"format": "jwk", "alg": "RSA"})
keys = provider.keyjar.get_signing_key("RSA")
assert len(keys) == 1
assert provider.jwks_uri == "http://www.example.com/static/jwks"
示例6: TestProvider
# 需要导入模块: from oic.oic.provider import Provider [as 别名]
# 或者: from oic.oic.provider.Provider import registration_endpoint [as 别名]
#.........这里部分代码省略.........
for key, value in iteritems(claims):
assert parsed[key] == value
def test_userinfo_endpoint(self):
self.cons.client_secret = "drickyoughurt"
self.cons.config["response_type"] = ["token"]
self.cons.config["request_method"] = "parameter"
state, location = self.cons.begin("openid", "token",
path="http://localhost:8087")
resp = self.provider.authorization_endpoint(
request=urlparse(location).query)
# redirect
atr = AuthorizationResponse().deserialize(
urlparse(resp.message).fragment, "urlencoded")
uir = UserInfoRequest(access_token=atr["access_token"], schema="openid")
resp = self.provider.userinfo_endpoint(request=uir.to_urlencoded())
ident = OpenIDSchema().deserialize(resp.message, "json")
assert _eq(ident.keys(), ['nickname', 'sub', 'name', 'email'])
def test_check_session_endpoint(self):
session = {"sub": "UserID", "client_id": "number5"}
idtoken = self.provider.id_token_as_signed_jwt(session)
csr = CheckSessionRequest(id_token=idtoken)
info = self.provider.check_session_endpoint(request=csr.to_urlencoded())
idt = IdToken().deserialize(info.message, "json")
assert _eq(idt.keys(), ['sub', 'aud', 'iss', 'acr', 'exp', 'iat'])
assert idt["iss"] == self.provider.name + "/"
def test_registration_endpoint(self):
req = RegistrationRequest()
req["application_type"] = "web"
req["client_name"] = "My super service"
req["redirect_uris"] = ["http://example.com/authz"]
req["contacts"] = ["[email protected]"]
req["response_types"] = ["code"]
resp = self.provider.registration_endpoint(request=req.to_json())
regresp = RegistrationResponse().deserialize(resp.message, "json")
assert _eq(regresp.keys(),
['redirect_uris', 'contacts', 'application_type',
'client_name', 'registration_client_uri',
'client_secret_expires_at',
'registration_access_token',
'client_id', 'client_secret',
'client_id_issued_at', 'response_types'])
def test_registration_endpoint_with_non_https_redirect_uri_implicit_flow(
self):
params = {"application_type": "web",
"redirect_uris": ["http://example.com/authz"],
"response_types": ["id_token", "token"]}
req = RegistrationRequest(**params)
resp = self.provider.registration_endpoint(request=req.to_json())
assert resp.status == "400 Bad Request"
error = json.loads(resp.message)
assert error["error"] == "invalid_redirect_uri"
def test_verify_redirect_uris_with_https_code_flow(self):示例7: OIDCFrontend
# 需要导入模块: from oic.oic.provider import Provider [as 别名]
# 或者: from oic.oic.provider.Provider import registration_endpoint [as 别名]
#.........这里部分代码省略.........
"""
Determine, based on the clients request, whether the authentication/error response should
be fragment encoded or not.
:type authn_req: oic.oic.message.AuthorizationRequest
:rtype: bool
:param authn_req: parsed authentication request from the client
:return: True if the response should be fragment encoded
"""
return authn_req.get("response_mode", "fragment") == "fragment"
def _get_authn_request_from_state(self, state):
"""
Extract the clietns request stoed in the SATOSA state.
:type state: satosa.state.State
:rtype: oic.oic.message.AuthorizationRequest
:param state: the current state
:return: the parsed authentication request
"""
stored_state = state.get(self.state_id)
oidc_request = stored_state["oidc_request"]
return AuthorizationRequest().deserialize(oidc_request)
def _register_client(self, context):
"""
Handle the OIDC dynamic client registration.
:type context: satosa.context.Context
:rtype: oic.utils.http_util.Response
:param context: the current context
:return: HTTP response to the client
"""
http_resp = self.provider.registration_endpoint(json.dumps(context.request))
if not isinstance(http_resp, Created):
return http_resp
return self._fixup_registration_response(http_resp)
def _fixup_registration_response(self, http_resp):
# remove client_secret since no token endpoint is published
response = RegistrationResponse().deserialize(http_resp.message, "json")
del response["client_secret"]
# specify supported id token signing alg
response["id_token_signed_response_alg"] = self.sign_alg
http_resp.message = response.to_json()
return http_resp
def _provider_config(self, context):
"""
Construct the provider configuration information (served at /.well-known/openid-configuration).
:type context: satosa.context.Context
:rtype: oic.utils.http_util.Response
:param context: the current context
:return: HTTP response to the client
"""
http_resp = self.provider.providerinfo_endpoint()
if not isinstance(http_resp, Response):
return http_resp
provider_config = ProviderConfigurationResponse().deserialize(http_resp.message, "json")
del provider_config["token_endpoint_auth_methods_supported"]
del provider_config["require_request_uri_registration"]
http_resp.message = provider_config.to_json()