Added OIDC_ID_TOKEN_PROCESSING_HOOK functionality

Wojciech Bartosiak 2016-02-12 16:02:35 +00:00
parent 22c53abd63
commit 7a357001b6
7 changed files with 55 additions and 9 deletions

2
.gitignore vendored

@ -7,3 +7,5 @@ dist/
.tox .tox
.coverage .coverage
src/ src/
.venv
.idea


@ -1,4 +1,3 @@
from django.conf import settings as django_settings
from django.core.urlresolvers import reverse from django.core.urlresolvers import reverse
from django.http import HttpResponse from django.http import HttpResponse
@ -49,3 +48,15 @@ def default_after_userlogin_hook(request, user, client):
Default function for setting OIDC_AFTER_USERLOGIN_HOOK. Default function for setting OIDC_AFTER_USERLOGIN_HOOK.
""" """
return None return None
def additional_id_token_processing_hook(id_token):
"""
Hook to perform some additional actions ti `id_token` dictionary just before serialization.
:param id_token: dictionary contains values that going to be serialized into `id_token`
:type id_token: dict
:return: custom modified dictionary of values for `id_token`
:rtype dict
"""
return id_token
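Review bot: The docstring of `additional_id_token_processing_hook` has two textual defects and leaves the hook contract unstated. `ti` should read `to`, and `:rtype dict` is missing its colon (`:rtype: dict`), so the return type is not picked up as a field. It should also say that the dictionary passed in is the full set of claims about to be serialized and that the function must return a dict, for example `:return: the claims dictionary to serialize; it must keep the claims the provider already set`.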


@ -44,6 +44,8 @@ def create_id_token(user, aud, nonce):
if nonce: if nonce:
dic['nonce'] = str(nonce) dic['nonce'] = str(nonce)
dic = settings.get('OIDC_ID_TOKEN_PROCESSING_HOOK', import_str=True)(dic)
return dic return dic
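Review bot: The hook's return value on the added line replaces `dic` with no check, so whatever the configured callable returns is what `create_id_token` hands back for serialization. A hook that forgets its `return` yields `None`, and one that deletes or rewrites provider-set claims (the `nonce` set just above is the visible one) changes the values a relying party uses to bind the token to its own request. The settings docstring in this commit describes the hook as a way to add extra values, so the provider could enforce that: pass the hook a copy, reject a non-dict result, and re-apply the provider's claims afterwards. The body of `create_id_token` starts outside this hunk, so which other claims it sets is inferred rather than visible here.

```python
    # … unchanged: claims assembled into dic, nonce added when present …
    hook = settings.get('OIDC_ID_TOKEN_PROCESSING_HOOK', import_str=True)
    processed = hook(dict(dic))
    if not isinstance(processed, dict):
        raise TypeError('OIDC_ID_TOKEN_PROCESSING_HOOK must return a dict')
    # Provider-set claims take precedence over anything the hook wrote.
    processed.update(dic)
    return processed
```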


@ -97,6 +97,14 @@ class DefaultSettings(object):
""" """
return 'oidc_provider.lib.utils.common.DefaultUserInfo' return 'oidc_provider.lib.utils.common.DefaultUserInfo'
@property
def OIDC_ID_TOKEN_PROCESSING_HOOK(self):
"""
OPTIONAL. A string with the location of your hook.
Used to add extra dictionary values specific for your app into id_token.
"""
return 'oidc_provider.lib.utils.common.additional_id_token_processing_hook'
default_settings = DefaultSettings() default_settings = DefaultSettings()
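Review bot: The docstring for `OIDC_ID_TOKEN_PROCESSING_HOOK` does not tell an integrator who can read what the hook adds. The test added in this commit reads the claim back with `JWT().unpack(...).payload()` and no key, which suggests the payload is signed but readable by the client, so the docstring should say so, e.g. `Values added here are visible to the client and to anyone holding the token; do not add secrets.` It should also state the expected signature, `hook(id_token) -> dict`, since the call site uses the return value directly.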


@ -1,4 +1,6 @@
import os import os
import random
import string
try: try:
from urlparse import parse_qs, urlsplit from urlparse import parse_qs, urlsplit
except ImportError: except ImportError:
@ -9,7 +11,8 @@ from django.contrib.auth.models import User
from oidc_provider.models import * from oidc_provider.models import *
FAKE_NONCE = 'cb584e44c43ed6bd0bc2d9c7e242837d' FAKE_NONCE = 'cb584e44c43ed6bd0bc2d9c7e242837d'
FAKE_RANDOM_STRING = ''.join(random.choice(string.ascii_uppercase + string.digits) for _ in range(32))
def create_fake_user(): def create_fake_user():
@ -103,3 +106,11 @@ def fake_sub_generator(user):
Fake function for setting OIDC_IDTOKEN_SUB_GENERATOR. Fake function for setting OIDC_IDTOKEN_SUB_GENERATOR.
""" """
return user.email return user.email
def fake_id_token_processing_hook(id_token):
"""
Fake function for inserting some keys into token. Testing OIDC_ID_TOKEN_PROCESSING_HOOK
"""
id_token['test_id_token_processing_hook'] = FAKE_RANDOM_STRING
return id_token
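Review bot: `FAKE_RANDOM_STRING` is regenerated with `random.choice` at import time, so the expected value differs on every run and a failure cannot be reproduced from the log. A fixed literal like the neighbouring `FAKE_NONCE` would keep the fixture deterministic. If the random value is kept, a comment such as `# test fixture only: random is not a CSPRNG, never use it for real tokens` would stop the pattern being copied into provider code. The docstring of `fake_id_token_processing_hook` could also note that it mutates the dict it is given and returns that same object.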


@ -1,16 +1,12 @@
from base64 import b64encode from base64 import b64encode
import json
try: try:
from urllib.parse import urlencode from urllib.parse import urlencode
except ImportError: except ImportError:
from urllib import urlencode from urllib import urlencode
import uuid
from django.core.urlresolvers import reverse
from django.test import RequestFactory, override_settings from django.test import RequestFactory, override_settings
from django.test import TestCase from django.test import TestCase
from jwkest.jwk import KEYS from jwkest.jwk import KEYS
from jwkest.jws import JWS
from jwkest.jwt import JWT from jwkest.jwt import JWT
from mock import patch from mock import patch
@ -339,3 +335,19 @@ class TokenTestCase(TestCase):
id_token = JWT().unpack(response_dic['id_token'].encode('utf-8')).payload() id_token = JWT().unpack(response_dic['id_token'].encode('utf-8')).payload()
self.assertEqual(id_token.get('sub'), self.user.email) self.assertEqual(id_token.get('sub'), self.user.email)
@override_settings(OIDC_ID_TOKEN_PROCESSING_HOOK='oidc_provider.tests.app.utils.fake_id_token_processing_hook')
def test_additional_id_token_processing_hook(self):
"""
Test custom function for setting OIDC_ID_TOKEN_PROCESSING_HOOK.
"""
code = self._create_code()
post_data = self._auth_code_post_data(code=code.code)
response = self._post_request(post_data)
response_dic = json.loads(response.content.decode('utf-8'))
id_token = JWT().unpack(response_dic['id_token'].encode('utf-8')).payload()
self.assertEqual(id_token.get('test_id_token_processing_hook'), FAKE_RANDOM_STRING)
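Review bot: `test_additional_id_token_processing_hook` asserts only that the hook's extra key arrives, not that the provider's own claims survive the hook. Adding `self.assertIn('sub', id_token)` (the claim the preceding test checks) would catch an integration that replaces the claims instead of extending them. A second case with a hook that returns `None` would pin down how the token endpoint fails when the hook is misconfigured. `TokenTestCase` starts outside this hunk.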


@ -6,9 +6,9 @@ envlist=
[testenv] [testenv]
deps = deps =
django17: django==1.7 django17: django>=1.7,<1.8
django18: django==1.8 django18: django>=1.8,<1.9
django19: django==1.9 django19: django>=1.9,<2.0
coverage coverage
mock mock