本文整理汇总了Python中oic.utils.webfinger.WebFinger.discovery_query方法的典型用法代码示例。如果您正苦于以下问题:Python WebFinger.discovery_query方法的具体用法?Python WebFinger.discovery_query怎么用?Python WebFinger.discovery_query使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类oic.utils.webfinger.WebFinger的用法示例。
在下文中一共展示了WebFinger.discovery_query方法的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: discover
# 需要导入模块: from oic.utils.webfinger import WebFinger [as 别名]
# 或者: from oic.utils.webfinger.WebFinger import discovery_query [as 别名]
def discover(self, *arg, **kwargs):
wf = WebFinger(OIC_ISSUER)
wf.httpd = PBase()
_url = wf.query(kwargs["principal"])
self.trace.request("URL: %s" % _url)
url = wf.discovery_query(kwargs["principal"])
return url示例2: find_srv_discovery_url
# 需要导入模块: from oic.utils.webfinger import WebFinger [as 别名]
# 或者: from oic.utils.webfinger.WebFinger import discovery_query [as 别名]
def find_srv_discovery_url(self, resource):
"""
Use Webfinger to find the OP, The input is a unique identifier
of the user. Allowed forms are the acct, mail, http and https
urls. If no protocol specification is given like if only an
email like identifier is given. It will be translated if possible to
one of the allowed formats.
:param resource: unique identifier of the user.
:return:
"""
wf = WebFinger(httpd=PBase(ca_certs=self.extra["ca_bundle"]))
return wf.discovery_query(resource)示例3: Client
# 需要导入模块: from oic.utils.webfinger import WebFinger [as 别名]
# 或者: from oic.utils.webfinger.WebFinger import discovery_query [as 别名]
#.........这里部分代码省略.........
:param issuer: The issuer identifier
"""
if not pcr:
pcr = self.provider_info[issuer]
for _pref, _prov in PREFERENCE2PROVIDER.items():
try:
vals = self.client_prefs[_pref]
except KeyError:
continue
try:
_pvals = pcr[_prov]
except KeyError:
try:
self.behaviour[_pref] = PROVIDER_DEFAULT[_pref]
except KeyError:
#self.behaviour[_pref]= vals[0]
self.behaviour[_pref] = None
continue
for val in vals:
if val in _pvals:
self.behaviour[_pref]= val
break
if _pref not in self.behaviour:
raise ConfigurationError(
"OP couldn't match preferences",
"%s" % _pref)
for key, val in self.client_prefs.items():
if key not in PREFERENCE2PROVIDER:
self.behaviour[key] = val
def register(self, url, operation="register", application_type="web",
**kwargs):
req = RegistrationRequest(operation=operation,
application_type=application_type)
if operation == "update":
req["client_id"] = self.client_id
req["client_secret"] = self.client_secret
for prop in req.parameters():
if prop in ["operation", "client_id", "client_secret"]:
continue
try:
req[prop] = kwargs[prop]
except KeyError:
try:
req[prop] = self.behaviour[prop]
except KeyError:
pass
if "redirect_uris" not in req:
try:
req["redirect_uris"] = self.redirect_uris
except AttributeError:
raise MissingRequiredAttribute("redirect_uris")
headers = {"content-type": "application/x-www-form-urlencoded"}
if operation == "client_update":
headers["Authorization"] = "Bearer %s" % self.registration_access_token
rsp = self.http_request(url, "POST", data=req.to_urlencoded(),
headers=headers)
if rsp.status_code == 200:
resp = RegistrationResponse().deserialize(rsp.text, "json")
self.client_secret = resp["client_secret"]
self.client_id = resp["client_id"]
self.registration_expires = resp["expires_at"]
self.registration_access_token = resp["registration_access_token"]
else:
err = ErrorResponse().deserialize(rsp.text, "json")
raise Exception("Registration failed: %s" % err.get_json())
return resp
def normalization(self, principal, idtype="mail"):
if idtype == "mail":
(local, domain) = principal.split("@")
subject = "acct:%s" % principal
elif idtype == "url":
p = urlparse.urlparse(principal)
domain = p.netloc
subject = principal
else:
domain = ""
subject = principal
return subject, domain
def discover(self, principal):
subject, host = self.normalization(principal)
return self.wf.discovery_query(host, subject)示例4: WebFinger
# 需要导入模块: from oic.utils.webfinger import WebFinger [as 别名]
# 或者: from oic.utils.webfinger.WebFinger import discovery_query [as 别名]
import sys
from oic.oauth2 import PBase
from oic.utils.webfinger import OIC_ISSUER
from oic.utils.webfinger import WebFinger
__author__ = 'roland'
wf = WebFinger(OIC_ISSUER)
wf.httpd = PBase()
print (wf.discovery_query(sys.argv[1]))
示例5: PBase
# 需要导入模块: from oic.utils.webfinger import WebFinger [as 别名]
# 或者: from oic.utils.webfinger.WebFinger import discovery_query [as 别名]
#!/usr/bin/env python
from oic.oauth2 import PBase
from oic.oic import Client
from oic.utils.webfinger import WebFinger
__author__ = 'roland'
import argparse
parser = argparse.ArgumentParser()
parser.add_argument('-w', dest='webfinger')
parser.add_argument('-p', dest='providerinfo')
cargs = parser.parse_args()
issuer = ""
if cargs.webfinger:
_httpd = PBase(verify_ssl=False)
w = WebFinger(httpd=_httpd)
issuer = w.discovery_query(cargs.webfinger)
print issuer
if cargs.providerinfo:
cli = Client(verify_ssl=False)
if cargs.providerinfo != "-":
issuer = cargs.providerinfo
cli.provider_config(issuer)
print cli.provider_info示例6: WebFinger
# 需要导入模块: from oic.utils.webfinger import WebFinger [as 别名]
# 或者: from oic.utils.webfinger.WebFinger import discovery_query [as 别名]
#!/usr/bin/env python
import json
import requests
from oic.oauth2 import PBase
from oic.oic import OIDCONF_PATTERN
from oic.utils.webfinger import WebFinger
# This is a complete discovery example with OpenID Connect. After having retrieved the provide URL, its information
# is retrieved and printed. The standard URL format for obtaining OP information is:
# https://<op.servername>/.well-known/openid-configuration
userid = "[email protected]:8060"
wf = WebFinger()
wf.httpd = PBase(verify_ssl=False)
url = wf.discovery_query("acct:%s" % userid)
print "Provider:", url
if url[-1] == '/': url = url[:-1]
url = OIDCONF_PATTERN % url
print "Provider info url:", url
r = requests.request("GET", url, verify=False)
jwt = json.loads(r.text)
print "---- provider configuration info ----"
print json.dumps(jwt, sort_keys=True, indent=4, separators=(',', ': '))示例7: application
# 需要导入模块: from oic.utils.webfinger import WebFinger [as 别名]
# 或者: from oic.utils.webfinger.WebFinger import discovery_query [as 别名]
def application(environ, start_response):
session = environ['beaker.session']
rpSession = RpSession(session)
path = environ.get('PATH_INFO', '').lstrip('/')
if path == "robots.txt":
return static(environ, start_response, LOGGER, "static/robots.txt")
if path.startswith("static/"):
return static(environ, start_response, LOGGER, path)
query = parse_qs(environ["QUERY_STRING"])
if path == "logout":
try:
logoutUrl = rpSession.getClient().endsession_endpoint
logoutUrl += "?" + urllib.urlencode({"post_logout_redirect_uri": SERVER_ENV["base_url"]})
try:
logoutUrl += "&" + urllib.urlencode({"id_token_hint": id_token_as_signed_jwt(rpSession.getClient(), "HS256")})
except:
pass
rpSession.clearSession()
resp = Redirect(str(logoutUrl))
return resp(environ, start_response)
except:
pass
if rpSession.getCallback():
for key, _dict in rp_conf.SERVICE.items():
if "opKey" in _dict and _dict["opKey"] == path:
rpSession.setCallback(False)
func = getattr(rp_conf.SERVICE[key]["instance"], "callback")
return func(environ, SERVER_ENV, start_response, query, rpSession)
if path == "rpAcr" and "key" in query and query["key"][0] in rp_conf.SERVICE:
return chooseAcrValue(environ, start_response, rpSession, query["key"][0])
if path == "rpAuth": #Only called if multiple arc_values (that is authentications) exists.
if "acr" in query and query["acr"][0] in rpSession.getAcrvalues() and \
"key" in query and query["key"][0] in rp_conf.SERVICE:
func = getattr(rp_conf.SERVICE[query["key"][0]]["instance"], "create_authnrequest")
return func(environ, SERVER_ENV, start_response, rpSession, query["acr"][0])
if rpSession.getClient() is not None:
rpSession.setCallback(True)
func = getattr(rp_conf.SERVICE[rpSession.getService()]["instance"], "begin")
return func(environ, SERVER_ENV, start_response, rpSession)
if path == "rp":
if "key" in query:
print "key"
key = query["key"][0]
if key in rp_conf.SERVICE:
rpSession.setCallback(True)
func = getattr(rp_conf.SERVICE[key]["instance"], "begin")
return func(environ, SERVER_ENV, start_response, rpSession)
if "uid" in query:
print "uid"
_val = URINormalizer().normalize(query["uid"][0])
wf = WebFinger(httpd=Httpd())
link = wf.discovery_query(resource=_val)
#requests.get(url, verify=True)
md5 = hashlib.md5()
md5.update(link)
opkey = base64.b16encode(md5.digest())
kwargs = {'opKey': opkey,
'description': 'OIDC server with discovery url: ' + link,
'class': pyoidcOIC,
'srv_discovery_url': link,
'scope': ["openid", "profile", "email", "address",
"phone"],
'name': link}
rp_conf.SERVICE[opkey] = kwargs
rp_conf.SERVICE[opkey]["instance"] = pyoidcOIC(None, None, **kwargs)
rpSession.setCallback(True)
func = getattr(rp_conf.SERVICE[opkey]["instance"], "begin")
return func(environ, SERVER_ENV, start_response, rpSession)
if path == "opbyuid":
return opbyuid(environ, start_response)
if path == "oplist":
return oplist(environ, start_response)
if path == "about":
return about(environ, start_response)
return start(environ, start_response)示例8: WebFinger
# 需要导入模块: from oic.utils.webfinger import WebFinger [as 别名]
# 或者: from oic.utils.webfinger.WebFinger import discovery_query [as 别名]
__author__ = 'roland'
# =====================================================================
# Using only very basic functions and methods
# Initiate the WebFinger class
wf = WebFinger()
# contruct the webfinger query URL
query = wf.query("acct:[email protected]", rel=OIC_ISSUER)
print(query)
r = requests.request("GET", query, verify=False)
# parse the JSON returned by the website and dump the content to
# standard out
jwt = json.loads(r.text)
print(json.dumps(jwt, sort_keys=True, indent=4, separators=(',', ': ')))
# =====================================================================
# A bit more high level
wf = WebFinger()
# PBase is a wrapper around requests
wf.httpd = PBase(verify_ssl=False)
# discover_query will follow webfinger redirects
url = wf.discovery_query("acct:[email protected]")
print(url)示例9: WebFinger
# 需要导入模块: from oic.utils.webfinger import WebFinger [as 别名]
# 或者: from oic.utils.webfinger.WebFinger import discovery_query [as 别名]
import sys
from oic.oauth2 import PBase
from oic.utils.webfinger import WebFinger, OIC_ISSUER
__author__ = 'roland'
wf = WebFinger(OIC_ISSUER)
wf.httpd = PBase()
print wf.discovery_query(sys.argv[1])示例10: Client
# 需要导入模块: from oic.utils.webfinger import WebFinger [as 别名]
# 或者: from oic.utils.webfinger.WebFinger import discovery_query [as 别名]
#.........这里部分代码省略.........
def register(self, url, **kwargs):
"""
Register the client at an OP
:param url: The OPs registration endpoint
:param kwargs: parameters to the registration request
:return:
"""
req = self.create_registration_request(**kwargs)
headers = {"content-type": "application/json"}
rsp = self.http_request(url, "POST", data=req.to_json(), headers=headers)
return self.handle_registration_info(rsp)
def normalization(self, principal, idtype="mail"):
if idtype == "mail":
(local, domain) = principal.split("@")
subject = "acct:%s" % principal
elif idtype == "url":
p = urlparse(principal)
domain = p.netloc
subject = principal
else:
domain = ""
subject = principal
return subject, domain
def discover(self, principal):
# subject, host = self.normalization(principal)
return self.wf.discovery_query(principal)
def sign_enc_algs(self, typ):
resp = {}
for key, val in PARAMMAP.items():
try:
resp[key] = self.registration_response[val % typ]
except (TypeError, KeyError):
if key == "sign":
resp[key] = DEF_SIGN_ALG["id_token"]
return resp
def _verify_id_token(self, id_token, nonce="", acr_values=None, auth_time=0, max_age=0):
"""
If the JWT alg Header Parameter uses a MAC based algorithm s uch as
HS256, HS384, or HS512, the octets of the UTF-8 representation of the
client_secret corresponding to the client_id contained in the aud
(audience) Claim are used as the key to validate the signature. For MAC
based algorithms, the behavior is unspecified if the aud is
multi-valued or if an azp value is present that is different than the
aud value.
:param id_token: The ID Token tp check
:param nonce: The nonce specified in the authorization request
:param acr_values: Asked for acr values
:param auth_time: An auth_time claim
:param max_age: Max age of authentication
"""
try:
assert self.provider_info["issuer"] == id_token["iss"]
except AssertionError:
raise OtherError("issuer != iss")