Add id_token to response
This commit is contained in:
parent
1a31bc6554
commit
7b9f08c46c
|
@ -168,7 +168,7 @@ class TokenEndpoint(object):
|
||||||
self.client,
|
self.client,
|
||||||
self.params['scope'].split(' '))
|
self.params['scope'].split(' '))
|
||||||
|
|
||||||
token.id_token = create_id_token(
|
id_token_dic = create_id_token(
|
||||||
user=self.user,
|
user=self.user,
|
||||||
aud=self.client.client_id,
|
aud=self.client.client_id,
|
||||||
nonce='self.code.nonce',
|
nonce='self.code.nonce',
|
||||||
|
@ -177,12 +177,15 @@ class TokenEndpoint(object):
|
||||||
scope=self.params['scope'],
|
scope=self.params['scope'],
|
||||||
)
|
)
|
||||||
|
|
||||||
|
token.id_token = id_token_dic
|
||||||
token.save()
|
token.save()
|
||||||
|
|
||||||
return {
|
return {
|
||||||
'access_token': token.access_token,
|
'access_token': token.access_token,
|
||||||
'refresh_token': token.refresh_token,
|
'refresh_token': token.refresh_token,
|
||||||
'expires_in': settings.get('OIDC_TOKEN_EXPIRE'),
|
'expires_in': settings.get('OIDC_TOKEN_EXPIRE'),
|
||||||
'token_type': 'bearer'
|
'token_type': 'bearer',
|
||||||
|
'id_token': encode_id_token(id_token_dic, token.client),
|
||||||
}
|
}
|
||||||
|
|
||||||
def create_code_response_dic(self):
|
def create_code_response_dic(self):
|
||||||
|
|
|
@ -213,7 +213,6 @@ class TokenTestCase(TestCase):
|
||||||
response_dict = json.loads(response.content.decode('utf-8'))
|
response_dict = json.loads(response.content.decode('utf-8'))
|
||||||
print(response_dict)
|
print(response_dict)
|
||||||
|
|
||||||
self.assertEqual(400, response.status_code)
|
|
||||||
self.assertEqual(403, response.status_code)
|
self.assertEqual(403, response.status_code)
|
||||||
self.assertEqual('access_denied', response_dict['error'])
|
self.assertEqual('access_denied', response_dict['error'])
|
||||||
|
|
||||||
|
@ -246,14 +245,15 @@ class TokenTestCase(TestCase):
|
||||||
)
|
)
|
||||||
|
|
||||||
response_dict = json.loads(response.content.decode('utf-8'))
|
response_dict = json.loads(response.content.decode('utf-8'))
|
||||||
expected_response_dic = {
|
id_token = JWS().verify_compact(response_dict['id_token'].encode('utf-8'), self._get_keys())
|
||||||
"access_token": 'fake_token',
|
print(id_token)
|
||||||
"refresh_token": 'fake_token',
|
|
||||||
"expires_in": 120,
|
|
||||||
"token_type": "bearer",
|
|
||||||
}
|
|
||||||
|
|
||||||
self.assertDictEqual(expected_response_dic, response_dict)
|
self.assertEqual(response_dict['access_token'], 'fake_token')
|
||||||
|
self.assertEqual(response_dict['refresh_token'], 'fake_token')
|
||||||
|
self.assertEqual(response_dict['expires_in'], 120)
|
||||||
|
self.assertEqual(response_dict['token_type'], 'bearer')
|
||||||
|
self.assertEqual(id_token['sub'], str(self.user.id))
|
||||||
|
self.assertEqual(id_token['aud'], self.client.client_id);
|
||||||
|
|
||||||
@override_settings(OIDC_TOKEN_EXPIRE=720)
|
@override_settings(OIDC_TOKEN_EXPIRE=720)
|
||||||
def test_authorization_code(self):
|
def test_authorization_code(self):
|
||||||
|
|
Loading…
Reference in a new issue