From 4b3039ceae26c3eb338e44453629a38a21f99713 Mon Sep 17 00:00:00 2001 From: juanifioren Date: Wed, 29 Apr 2015 18:55:48 -0300 Subject: [PATCH] Refactoring for create_id_token function. --- oidc_provider/lib/endpoints/authorize.py | 13 ++----------- oidc_provider/lib/endpoints/token.py | 10 ++-------- oidc_provider/lib/utils/token.py | 19 ++++++++++++------- 3 files changed, 16 insertions(+), 26 deletions(-) diff --git a/oidc_provider/lib/endpoints/authorize.py b/oidc_provider/lib/endpoints/authorize.py index ff2e206..667de5a 100644 --- a/oidc_provider/lib/endpoints/authorize.py +++ b/oidc_provider/lib/endpoints/authorize.py @@ -4,7 +4,6 @@ import uuid from django.utils import timezone from oidc_provider.lib.errors import * -from oidc_provider.lib.utils.common import get_issuer from oidc_provider.lib.utils.params import * from oidc_provider.lib.utils.token import * from oidc_provider.models import * @@ -95,7 +94,6 @@ class AuthorizeEndpoint(object): self.validate_params() if self.grant_type == 'authorization_code': - code = create_code( user=self.request.user, client=self.client, @@ -107,16 +105,9 @@ class AuthorizeEndpoint(object): uri = self.params.redirect_uri + '?code={0}'.format(code.code) else: # Implicit Flow - - # TODO refactor since it's the same as the token endpoint - sub = settings.get('OIDC_IDTOKEN_SUB_GENERATOR')( - user=self.request.user) - id_token_dic = create_id_token( - iss=get_issuer(), - sub=sub, - aud=self.client.client_id, - auth_time=self.request.user.last_login) + user=self.request.user, + aud=self.client.client_id) token = create_token( user=self.request.user, diff --git a/oidc_provider/lib/endpoints/token.py b/oidc_provider/lib/endpoints/token.py index e069577..9c5f9dd 100644 --- a/oidc_provider/lib/endpoints/token.py +++ b/oidc_provider/lib/endpoints/token.py 
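Review bot: In the Implicit Flow branch of authorize.py, the new `create_id_token(user=..., aud=...)` call has no way to carry the request's nonce into the ID token, and the claim set built in oidc_provider/lib/utils/token.py holds only iss, sub, aud, exp, iat and auth_time. OpenID Connect Core requires the nonce to be echoed in the ID token for the implicit flow, and in the code flow whenever the client sent one, because it is what lets the client bind the token to its own request and reject a replayed token. Since this commit already reshapes the helper's signature, consider `def create_id_token(user, aud, nonce=None):` with `if nonce: dic['nonce'] = nonce`, passing the request's nonce value from this branch and from `create_response_dic` in endpoints/token.py. If the nonce is attached somewhere outside these hunks, a comment at the call site saying so would be enough.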
@@ -3,7 +3,6 @@ import urllib from django.http import JsonResponse from oidc_provider.lib.errors import * -from oidc_provider.lib.utils.common import get_issuer from oidc_provider.lib.utils.params import * from oidc_provider.lib.utils.token import * from oidc_provider.models import * @@ -54,14 +53,9 @@ class TokenEndpoint(object): raise TokenError('invalid_grant') def create_response_dic(self): - sub = settings.get('OIDC_IDTOKEN_SUB_GENERATOR')( - user=self.code.user) - id_token_dic = create_id_token( - iss=get_issuer(), - sub=sub, - aud=self.client.client_id, - auth_time=self.code.user.last_login) + user=self.code.user, + aud=self.client.client_id) token = create_token( user=self.code.user, diff --git a/oidc_provider/lib/utils/token.py b/oidc_provider/lib/utils/token.py index 74d04cb..9ef7dd2 100644 --- a/oidc_provider/lib/utils/token.py +++ b/oidc_provider/lib/utils/token.py 
@@ -5,34 +5,39 @@ import uuid from django.utils import timezone import jwt +from oidc_provider.lib.utils.common import get_issuer from oidc_provider.models import * from oidc_provider import settings -def create_id_token(iss, sub, aud, auth_time): +def create_id_token(user, aud): """ - Receives a user object, iss (issuer) and aud (audience). - Then creates the id_token dic. + Receives a user object and aud (audience). + Then creates the id_token dictionary. See: http://openid.net/specs/openid-connect-core-1_0.html#IDToken Return a dic. """ + sub = settings.get('OIDC_IDTOKEN_SUB_GENERATOR')( + user=user) + expires_in = settings.get('OIDC_IDTOKEN_EXPIRE') now = timezone.now() - # Convert datetimes into timestamps. iat_time = time.mktime(now.timetuple()) exp_time = time.mktime((now + timedelta(seconds=expires_in)).timetuple()) - user_auth_time = time.mktime(auth_time.timetuple()) + + user_auth_time = user.last_login or user.date_joined + auth_time = time.mktime(user_auth_time.timetuple()) dic = { - 'iss': iss, + 'iss': get_issuer(), 'sub': sub, 'aud': aud, 'exp': exp_time, 'iat': iat_time, - 'auth_time': user_auth_time, + 'auth_time': auth_time, } return dic
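Review bot: The added `auth_time = time.mktime(user_auth_time.timetuple())` line, like the `iat_time` and `exp_time` conversions kept above it, uses `time.mktime`, which interprets the time tuple as server-local time. If the project runs with `USE_TZ` enabled, these datetimes are UTC-aware, so on a host whose local zone is not UTC all three claims would be shifted by the UTC offset, and relying parties would misjudge token expiry and `max_age`. `iat_time = calendar.timegm(now.utctimetuple())`, applied the same way to the other two and with `import calendar` added at the top of the module, yields correct integer epoch seconds. Separately, the `user.last_login or user.date_joined` fallback publishes the registration date as an authentication time. Either document that choice in the docstring or leave `auth_time` out when no login is recorded.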