From 0de868941adfcd6b67d8066632fca5559a824874 Mon Sep 17 00:00:00 2001
From: juanifioren
Date: Wed, 15 Jul 2015 16:18:34 -0300
Subject: [PATCH] Modify create_id_token function for supporting nonce.
---
 oidc_provider/lib/endpoints/authorize.py | 3 ++-
 oidc_provider/lib/utils/token.py | 8 +++-----
 2 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/oidc_provider/lib/endpoints/authorize.py b/oidc_provider/lib/endpoints/authorize.py
index 1420edd..5c3ad70 100644
--- a/oidc_provider/lib/endpoints/authorize.py
+++ b/oidc_provider/lib/endpoints/authorize.py
@@ -106,7 +106,8 @@ class AuthorizeEndpoint(object):
 elif self.grant_type == 'implicit':
 id_token_dic = create_id_token(
 user=self.request.user,
- aud=self.client.client_id)
+ aud=self.client.client_id,
+ nonce=self.params.nonce)
 token = create_token(
 user=self.request.user,
diff --git a/oidc_provider/lib/utils/token.py b/oidc_provider/lib/utils/token.py
index 32f8bfb..38a732d 100644
--- a/oidc_provider/lib/utils/token.py
+++ b/oidc_provider/lib/utils/token.py
@@ -10,7 +10,7 @@ from oidc_provider.models import *
 from oidc_provider import settings
-def create_id_token(user, aud, nonce=None):
+def create_id_token(user, aud, nonce):
 """
 Receives a user object and aud (audience).
 Then creates the id_token dictionary.
@@ -18,16 +18,14 @@ def create_id_token(user, aud, nonce=None):
 Return a dic.
 """
- sub = settings.get('OIDC_IDTOKEN_SUB_GENERATOR')(
- user=user)
+ sub = settings.get('OIDC_IDTOKEN_SUB_GENERATOR')(user=user)
 expires_in = settings.get('OIDC_IDTOKEN_EXPIRE')
- now = timezone.now()
 # Convert datetimes into timestamps.
+ now = timezone.now()
 iat_time = int(time.mktime(now.timetuple()))
 exp_time = int(time.mktime((now + timedelta(seconds=expires_in)).timetuple()))
-
 user_auth_time = user.last_login or user.date_joined
 auth_time = int(time.mktime(user_auth_time.timetuple()))
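Review bot: In the implicit branch of authorize.py, `nonce=self.params.nonce` is forwarded with no visible check that the request actually carried a nonce. OpenID Connect makes `nonce` required for the implicit flow, because the client uses it to tie the ID token to its own request and reject replayed tokens. A missing or empty value should therefore fail the request with `invalid_request` rather than yield a token without the claim. The enclosing method and the parameter validation lie outside this hunk, so confirm the check exists there; if it does not, add a guard such as `if self.grant_type == 'implicit' and not self.params.nonce:` to the validation step.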
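Review bot: Removing the default from `nonce` in `create_id_token` (token.py, first hunk) makes every call that still passes only `user` and `aud` raise `TypeError`. This patch updates only the implicit branch in authorize.py, so any other caller, none of which is visible here, needs the same change or the signature should stay `def create_id_token(user, aud, nonce=None):`. The docstring still describes only the user and the audience; add a line saying that `nonce` is the value taken from the authentication request and what the function does when it is empty. Whether the body copies the value into the returned dictionary is not visible in this hunk.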
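Review bot: The timestamps built just below the moved `now = timezone.now()` line (token.py, second hunk) use `time.mktime(now.timetuple())`, which reads the tuple as server-local time. If the project runs with timezone support enabled, `timezone.now()` is an aware UTC datetime, so on a host whose zone is not UTC `iat` and `exp` shift by the UTC offset, and so does `auth_time`, which goes through the same call; relying parties then see tokens that are already expired or that stay valid longer than `OIDC_IDTOKEN_EXPIRE` intends. For aware datetimes the conversion should be `iat_time = calendar.timegm(now.utctimetuple())`, with the same form for `exp_time` and `auth_time`, plus `import calendar` in the import block outside this hunk. A comment such as `# Epoch seconds in UTC, as the iat/exp/auth_time claims require.` above the three conversions would record the intent. The function body continues past the end of the hunk.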