Fix tests with pyjwkest package.

Ignacio 2015-07-27 11:35:05 -03:00
parent 70b3370ee6
commit 064b36d615


@ -5,12 +5,12 @@ except ImportError:
from urllib import urlencode from urllib import urlencode
import uuid import uuid
from Crypto.PublicKey import RSA
from django.core.urlresolvers import reverse from django.core.urlresolvers import reverse
from django.test import RequestFactory from django.test import RequestFactory
from django.test import TestCase from django.test import TestCase
from jwkest import base64_to_long from jwkest.jwk import KEYS
import jwt from jwkest.jws import JWS
from jwkest.jwt import JWT
from oidc_provider.lib.utils.token import * from oidc_provider.lib.utils.token import *
from oidc_provider.tests.app.utils import * from oidc_provider.tests.app.utils import *
@ -153,10 +153,9 @@ class TokenTestCase(TestCase):
response = self._post_request(post_data) response = self._post_request(post_data)
response_dic = json.loads(response.content.decode('utf-8')) response_dic = json.loads(response.content.decode('utf-8'))
id_token = jwt.decode(response_dic['id_token'], id_token = JWT().unpack(response_dic['id_token']).payload()
options={'verify_signature': False, 'verify_aud': False})
self.assertEqual(id_token['nonce'], FAKE_NONCE) self.assertEqual(id_token.get('nonce'), FAKE_NONCE)
# Client does not supply a nonce parameter. # Client does not supply a nonce parameter.
code.nonce = '' code.nonce = ''
@ -165,8 +164,7 @@ class TokenTestCase(TestCase):
response = self._post_request(post_data) response = self._post_request(post_data)
response_dic = json.loads(response.content.decode('utf-8')) response_dic = json.loads(response.content.decode('utf-8'))
id_token = jwt.decode(response_dic['id_token'], id_token = JWT().unpack(response_dic['id_token']).payload()
options={'verify_signature': False, 'verify_aud': False})
self.assertEqual(id_token.get('nonce'), None) self.assertEqual(id_token.get('nonce'), None)
@ -179,18 +177,10 @@ class TokenTestCase(TestCase):
# Get public key from discovery. # Get public key from discovery.
request = self.factory.get(reverse('oidc_provider:jwks')) request = self.factory.get(reverse('oidc_provider:jwks'))
response = JwksView.as_view()(request) response = JwksView.as_view()(request)
response_dic = json.loads(response.content.decode('utf-8')) jwks_dic = json.loads(response.content.decode('utf-8'))
# Construct PEM key from exponent and modulus. SIGKEYS = KEYS()
try: SIGKEYS.load_dict(jwks_dic)
key_e = base64_to_long(response_dic['keys'][0]['e'].encode('utf-8')) RSAKEYS = [ k for k in SIGKEYS if k.kty == 'RSA' ]
key_e = long(key_e)
except NameError:
key_e = int(key_e) # Python 3 support.
key_n = base64_to_long(response_dic['keys'][0]['n'].encode('utf-8'))
KEY = RSA.construct((key_n, key_e)).exportKey('PEM')
self.assertEqual(response_dic['keys'][0]['alg'] == 'RS256', True,
msg='Key from jwks_uri MUST have alg "RS256".')
code = self._create_code() code = self._create_code()
@ -199,5 +189,4 @@ class TokenTestCase(TestCase):
response = self._post_request(post_data) response = self._post_request(post_data)
response_dic = json.loads(response.content.decode('utf-8')) response_dic = json.loads(response.content.decode('utf-8'))
id_token = jwt.decode(response_dic['id_token'], KEY, id_token = JWS().verify_compact(response_dic['id_token'], RSAKEYS)
algorithm='RS256', audience=str(self.client.client_id))
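Review bot: The signature test in the last two hunks no longer checks the audience or the signing algorithm. The removed `jwt.decode(..., KEY, algorithm='RS256', audience=str(self.client.client_id))` and the removed `alg` assertion on the JWKS key enforced both, while `JWS().verify_compact(response_dic['id_token'], RSAKEYS)` as called here is given only the key list, so a token issued for another client or signed with an unexpected algorithm would presumably still pass. Add `self.assertTrue(RSAKEYS, msg='jwks_uri returned no RSA key.')` after the list comprehension, so an empty key set fails with a clear message, and `self.assertEqual(id_token.get('aud'), str(self.client.client_id))` after the verify call. That second line assumes `verify_compact` returns the claims dict and that `aud` is emitted as a single string; confirm both against the token builder. Also keep an assertion that the token header's `alg` is RS256, so the test still fails if the provider's signing algorithm changes. The test method starts and continues outside the hunks shown.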