本文整理匯總了Python中oic.oauth2.Server類的典型用法代碼示例。如果您正苦於以下問題:Python Server類的具體用法?Python Server怎麽用?Python Server使用的例子?那麽, 這裏精選的類代碼示例或許可以為您提供幫助。
在下文中一共展示了Server類的13個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: test_server_parse_token_request
def test_server_parse_token_request():
atr = AccessTokenRequest(
grant_type="authorization_code",
code="SplxlOBeZQQYbYS6WxSbIA",
redirect_uri="https://client.example.com/cb",
extra="foo",
)
uenc = atr.to_urlencoded()
srv = Server()
tr = srv.parse_token_request(body=uenc)
print tr.keys()
assert tr.type() == "AccessTokenRequest"
assert _eq(tr.keys(), ["code", "redirect_uri", "grant_type", "extra"])
assert tr["grant_type"] == "authorization_code"
assert tr["code"] == "SplxlOBeZQQYbYS6WxSbIA"
tr = srv.parse_token_request(body=uenc)
print tr.keys()
assert tr.type() == "AccessTokenRequest"
assert _eq(tr.keys(), ["code", "grant_type", "redirect_uri", "extra"])
assert tr["extra"] == "foo"
示例2: test_server_parse_parse_authorization_request
def test_server_parse_parse_authorization_request():
srv = Server()
ar = AuthorizationRequest(response_type=["code"],
client_id="foobar",
redirect_uri="http://foobar.example.com/oaclient",
state="cold")
uencq = ar.to_urlencoded()
areq = srv.parse_authorization_request(query=uencq)
assert areq.type() == "AuthorizationRequest"
assert areq["response_type"] == ["code"]
assert areq["client_id"] == "foobar"
assert areq["redirect_uri"] == "http://foobar.example.com/oaclient"
assert areq["state"] == "cold"
urluenc = "%s?%s" % ("https://example.com/authz", uencq)
areq = srv.parse_authorization_request(url=urluenc)
assert areq.type() == "AuthorizationRequest"
assert areq["response_type"] == ["code"]
assert areq["client_id"] == "foobar"
assert areq["redirect_uri"] == "http://foobar.example.com/oaclient"
assert areq["state"] == "cold"
示例3: __init__
def __init__(self, jwt_keys=None, name=""):
Server.__init__(self, jwt_keys=jwt_keys)
self.sdb = SessionDB()
self.name = name
self.client = {}
self.registration_expires_in = 3600
self.host = ""
示例4: test_server_parse_refresh_token_request
def test_server_parse_refresh_token_request():
ratr = RefreshAccessTokenRequest(refresh_token="ababababab", client_id="Client_id")
uenc = ratr.to_urlencoded()
srv = Server()
tr = srv.parse_refresh_token_request(body=uenc)
print tr.keys()
assert tr.type() == "RefreshAccessTokenRequest"
assert tr["refresh_token"] == "ababababab"
assert tr["client_id"] == "Client_id"
示例5: test_server_parse_jwt_request
def test_server_parse_jwt_request():
srv = Server()
ar = AuthorizationRequest(
response_type=["code"], client_id="foobar", redirect_uri="http://foobar.example.com/oaclient", state="cold"
)
srv.keyjar["foobar"] = KeyBundle({"hmac": "A1B2C3D4"}, usage=["ver", "sig"])
srv.keyjar[""] = KeyBundle({"hmac": "A1B2C3D4"}, usage=["ver", "sig"])
keys = srv.keyjar.get_signing_key(owner="foobar")
_jwt = ar.to_jwt(key=keys, algorithm="HS256")
req = srv.parse_jwt_request(txt=_jwt)
assert req.type() == "AuthorizationRequest"
assert req["response_type"] == ["code"]
assert req["client_id"] == "foobar"
assert req["redirect_uri"] == "http://foobar.example.com/oaclient"
assert req["state"] == "cold"
示例6: test_server_parse_jwt_request
def test_server_parse_jwt_request():
srv = Server()
ar = AuthorizationRequest(response_type=["code"],
client_id="foobar",
redirect_uri="http://foobar.example.com/oaclient",
state="cold")
srv.keystore.set_verify_key("A1B2C3D4", owner="foobar")
srv.keystore.set_sign_key("A1B2C3D4", owner="foobar")
keys = srv.keystore.get_sign_key(owner="foobar")
_jwt = ar.to_jwt(key=keys, algorithm="HS256")
req = srv.parse_jwt_request(txt=_jwt)
assert req.type() == "AuthorizationRequest"
assert req["response_type"] == ["code"]
assert req["client_id"] == "foobar"
assert req["redirect_uri"] == "http://foobar.example.com/oaclient"
assert req["state"] == "cold"
示例7: __init__
def __init__(self, name, sdb, cdb, authn_broker, authz, client_authn,
symkey="", urlmap=None, iv=0, default_scope="",
ca_bundle=None, verify_ssl=True, default_acr="",
baseurl=''):
self.name = name
self.sdb = sdb
self.cdb = cdb
self.server = Server(ca_certs=ca_bundle, verify_ssl=verify_ssl)
self.authn_broker = authn_broker
if authn_broker is None:
# default cookie function
self.cookie_func = CookieDealer(srv=self).create_cookie
else:
self.cookie_func = self.authn_broker[0][0].create_cookie
for item in self.authn_broker:
item.srv = self
self.authz = authz
self.client_authn = client_authn
self.symkey = symkey
self.seed = rndstr().encode("utf-8")
self.iv = iv or os.urandom(16)
self.cookie_name = "pyoidc"
self.default_scope = default_scope
self.sso_ttl = 0
self.default_acr = default_acr
if urlmap is None:
self.urlmap = {}
else:
self.urlmap = urlmap
self.response_type_map = {
"code": code_response,
"token": token_response,
"none": none_response,
}
self.session_cookie_name = "pyoic_session"
self.baseurl = baseurl
self.keyjar = None
self.trace = None
self.events = None
示例8: create_server
def create_server(self):
self.srv = Server() # pylint: disable=attribute-defined-outside-init
示例9: TestServer
class TestServer(object):
@pytest.fixture(autouse=True)
def create_server(self):
self.srv = Server() # pylint: disable=attribute-defined-outside-init
def test_parse_authz_req(self):
ar = AuthorizationRequest(
response_type=["code"], client_id="foobar", redirect_uri="http://foobar.example.com/oaclient", state="cold"
)
uencq = ar.to_urlencoded()
areq = self.srv.parse_authorization_request(query=uencq)
assert isinstance(areq, AuthorizationRequest)
assert areq["response_type"] == ["code"]
assert areq["client_id"] == "foobar"
assert areq["redirect_uri"] == "http://foobar.example.com/oaclient"
assert areq["state"] == "cold"
urluenc = "%s?%s" % ("https://example.com/authz", uencq)
areq = self.srv.parse_authorization_request(url=urluenc)
assert isinstance(areq, AuthorizationRequest)
assert areq["response_type"] == ["code"]
assert areq["client_id"] == "foobar"
assert areq["redirect_uri"] == "http://foobar.example.com/oaclient"
assert areq["state"] == "cold"
def test_parse_jwt_request(self):
ar = AuthorizationRequest(
response_type=["code"], client_id="foobar", redirect_uri="http://foobar.example.com/oaclient", state="cold"
)
self.srv.keyjar["foobar"] = KeyBundle(
[
{"kty": "oct", "key": "A1B2C3D4".encode("utf-8"), "use": "ver"},
{"kty": "oct", "key": "A1B2C3D4".encode("utf-8"), "use": "sig"},
]
)
self.srv.keyjar[""] = KeyBundle(
[
{"kty": "oct", "key": "A1B2C3D4".encode("utf-8"), "use": "ver"},
{"kty": "oct", "key": "A1B2C3D4".encode("utf-8"), "use": "sig"},
]
)
keys = self.srv.keyjar.get_signing_key(owner="foobar")
_jwt = ar.to_jwt(key=keys, algorithm="HS256")
req = self.srv.parse_jwt_request(txt=_jwt)
assert isinstance(req, AuthorizationRequest)
assert req["response_type"] == ["code"]
assert req["client_id"] == "foobar"
assert req["redirect_uri"] == "http://foobar.example.com/oaclient"
assert req["state"] == "cold"
def test_server_parse_token_request(self):
atr = AccessTokenRequest(
grant_type="authorization_code",
code="SplxlOBeZQQYbYS6WxSbIA",
redirect_uri="https://client.example.com/cb",
extra="foo",
)
uenc = atr.to_urlencoded()
tr = self.srv.parse_token_request(body=uenc)
assert isinstance(tr, AccessTokenRequest)
assert _eq(tr.keys(), ["code", "redirect_uri", "grant_type", "extra"])
assert tr["grant_type"] == "authorization_code"
assert tr["code"] == "SplxlOBeZQQYbYS6WxSbIA"
tr = self.srv.parse_token_request(body=uenc)
assert isinstance(tr, AccessTokenRequest)
assert _eq(tr.keys(), ["code", "grant_type", "redirect_uri", "extra"])
assert tr["extra"] == "foo"
def test_server_parse_refresh_token_request(self):
ratr = RefreshAccessTokenRequest(refresh_token="ababababab", client_id="Client_id")
uenc = ratr.to_urlencoded()
tr = self.srv.parse_refresh_token_request(body=uenc)
assert isinstance(tr, RefreshAccessTokenRequest)
assert tr["refresh_token"] == "ababababab"
assert tr["client_id"] == "Client_id"
示例10: Provider
class Provider(object):
endp = [AuthorizationEndpoint, TokenEndpoint]
def __init__(self, name, sdb, cdb, authn_broker, authz, client_authn,
symkey="", urlmap=None, iv=0, default_scope="",
ca_bundle=None, verify_ssl=True, default_acr="",
baseurl=''):
self.name = name
self.sdb = sdb
self.cdb = cdb
self.server = Server(ca_certs=ca_bundle, verify_ssl=verify_ssl)
self.authn_broker = authn_broker
if authn_broker is None:
# default cookie function
self.cookie_func = CookieDealer(srv=self).create_cookie
else:
self.cookie_func = self.authn_broker[0][0].create_cookie
for item in self.authn_broker:
item.srv = self
self.authz = authz
self.client_authn = client_authn
self.symkey = symkey
self.seed = rndstr().encode("utf-8")
self.iv = iv or os.urandom(16)
self.cookie_name = "pyoidc"
self.default_scope = default_scope
self.sso_ttl = 0
self.default_acr = default_acr
if urlmap is None:
self.urlmap = {}
else:
self.urlmap = urlmap
self.response_type_map = {
"code": code_response,
"token": token_response,
"none": none_response,
}
self.session_cookie_name = "pyoic_session"
self.baseurl = baseurl
self.keyjar = None
self.trace = None
@staticmethod
def input(query="", post=None):
# Support GET and POST
if query:
return query
elif post:
return post
else:
raise MissingParameter("No input")
@staticmethod
def _error_response(error, descr=None):
logger.error("%s" % error)
response = ErrorResponse(error=error, error_description=descr)
return Response(response.to_json(), content="application/json",
status="400 Bad Request")
@staticmethod
def _error(error, descr=None):
response = ErrorResponse(error=error, error_description=descr)
return Response(response.to_json(), content="application/json",
status="400 Bad Request")
@staticmethod
def _authz_error(error, descr=None):
response = AuthorizationErrorResponse(error=error)
if descr:
response["error_description"] = descr
return Response(response.to_json(), content="application/json",
status="400 Bad Request")
@staticmethod
def _redirect_authz_error(error, redirect_uri, descr=None, state="",
return_type=None):
err = AuthorizationErrorResponse(error=error)
if descr:
err["error_description"] = descr
if state:
err["state"] = state
if return_type is None or return_type == ["code"]:
location = err.request(redirect_uri)
else:
location = err.request(redirect_uri, True)
return SeeOther(location)
def _verify_redirect_uri(self, areq):
"""
MUST NOT contain a fragment
MAY contain query component
:return: An error response if the redirect URI is faulty otherwise
#.........這裏部分代碼省略.........
示例11: Provider
class Provider(object):
endp = [AuthorizationEndpoint, TokenEndpoint]
def __init__(self, name, sdb, cdb, authn_broker, authz, client_authn,
symkey="", urlmap=None, iv=0, default_scope="",
ca_bundle=None, verify_ssl=True, default_acr=""):
self.name = name
self.sdb = sdb
self.cdb = cdb
self.server = Server(ca_certs=ca_bundle, verify_ssl=verify_ssl)
self.authn_broker = authn_broker
if authn_broker is None:
# default cookie function
self.cookie_func = CookieDealer(srv=self).create_cookie
else:
self.cookie_func = self.authn_broker[0][0].create_cookie
for item in self.authn_broker:
item.srv = self
self.authz = authz
self.client_authn = client_authn
self.symkey = symkey
self.seed = rndstr()
self.iv = iv or os.urandom(16)
self.cookie_name = "pyoidc"
self.default_scope = default_scope
self.sso_ttl = 0
self.default_acr = default_acr
if urlmap is None:
self.urlmap = {}
else:
self.urlmap = urlmap
self.response_type_map = {
"code": code_response,
"token": token_response,
"none": none_response,
}
self.session_cookie_name = "pyoic_session"
def endpoints(self):
for endp in self.endp:
yield endp(None).name
# def authn_reply(self, areq, aresp, bsid, **kwargs):
# """
#
# :param areq: Authorization Request
# :param aresp: Authorization Response
# :param bsid: Session id
# :param kwargs: Additional keyword args
# :return:
# """
# if "redirect_uri" in areq:
# # TODO verify that the uri is reasonable
# redirect_uri = areq["redirect_uri"]
# else:
# redirect_uri = self.urlmap[areq["client_id"]]
#
# location = location_url(areq["response_type"], redirect_uri,
# aresp.to_urlencoded())
#
# LOG_DEBUG("Redirected to: '%s' (%s)" % (location, type(location)))
#
# # set cookie containing session ID
#
# cookie = make_cookie(self.cookie_name, bsid, self.seed)
#
# return Redirect(str(location), headers=[cookie])
#
# def authn_response(self, areq, **kwargs):
# """
#
# :param areq: Authorization request
# :param kwargs: Extra keyword arguments
# :return:
# """
# scode = kwargs["code"]
# areq["response_type"].sort()
# _rtype = " ".join(areq["response_type"])
# return self.response_type_map[_rtype](areq=areq, scode=scode,
# sdb=self.sdb)
@staticmethod
def input(query="", post=None):
# Support GET and POST
if query:
return query
elif post:
return post
else:
raise MissingParameter("No input")
@staticmethod
def _error_response(error, descr=None):
logger.error("%s" % error)
response = ErrorResponse(error=error, error_description=descr)
#.........這裏部分代碼省略.........
示例12: __init__
def __init__(self, name, sdb, cdb, authn, authz, client_authn,
symkey="", urlmap=None, iv=0, default_scope=""):
self.name = name
self.sdb = sdb
self.cdb = cdb
self.srvmethod = SrvMethod()
self.authn = authn
if authn:
self.authn.srv = self
self.authz = authz
self.client_authn = client_authn
self.symkey = symkey
self.seed = rndstr()
self.iv = iv or os.urandom(16)
self.cookie_name = "pyoidc"
self.default_scope = default_scope
if urlmap is None:
self.urlmap = {}
else:
self.urlmap = urlmap
self.response_type_map = {
"code": code_response,
"token": token_response,
"none": none_response,
}
示例13: Provider
class Provider(object):
def __init__(self, name, sdb, cdb, authn, authz, client_authn,
symkey="", urlmap=None, iv=0, default_scope=""):
self.name = name
self.sdb = sdb
self.cdb = cdb
self.srvmethod = SrvMethod()
self.authn = authn
if authn:
self.authn.srv = self
self.authz = authz
self.client_authn = client_authn
self.symkey = symkey
self.seed = rndstr()
self.iv = iv or os.urandom(16)
self.cookie_name = "pyoidc"
self.default_scope = default_scope
if urlmap is None:
self.urlmap = {}
else:
self.urlmap = urlmap
self.response_type_map = {
"code": code_response,
"token": token_response,
"none": none_response,
}
def subset(self, li1, li2):
"""
Verify that all items in li1 appears in li2
:param li1: List 1
:param li2: List 2
:return: True if all items in li1 appears in li2
"""
for item in li1:
try:
assert item in li2
except AssertionError:
return False
return True
def get_client_id(self, req, authn):
"""
Verify the client and return the client id
:param req: The request
:param authn: Authentication information from the HTTP header
:return:
"""
logger.debug("REQ: %s" % req.to_dict())
if authn:
if authn.startswith("Basic "):
logger.debug("Basic auth")
(_id, _secret) = base64.b64decode(authn[6:]).split(":")
if _id not in self.cdb:
logger.debug("Unknown client_id")
raise FailedAuthentication("Unknown client_id")
else:
try:
assert _secret == self.cdb[_id]["client_secret"]
except AssertionError:
logger.debug("Incorrect secret")
raise FailedAuthentication("Incorrect secret")
else:
try:
assert authn[:6].lower() == "bearer"
logger.debug("Bearer auth")
_token = authn[7:]
except AssertionError:
raise FailedAuthentication("AuthZ type I don't know")
try:
_id = self.cdb[_token]
except KeyError:
logger.debug("Unknown access token")
raise FailedAuthentication("Unknown access token")
else:
try:
_id = req["client_id"]
if _id not in self.cdb:
logger.debug("Unknown client_id")
raise FailedAuthentication("Unknown client_id")
except KeyError:
raise FailedAuthentication("Missing client_id")
return _id
def authn_reply(self, areq, aresp, bsid, **kwargs):
if "redirect_uri" in areq:
# TODO verify that the uri is reasonable
redirect_uri = areq["redirect_uri"]
else:
redirect_uri = self.urlmap[areq["client_id"]]
location = location_url(areq["response_type"], redirect_uri,
#.........這裏部分代碼省略.........