Merge branch 'v0.1.x' of https://github.com/juanifioren/django-oidc-provider
commit
87b0deb357
7 changed files with 62 additions and 16 deletions
|
@ -6,7 +6,7 @@ env:
|
|||
- DJANGO=1.7
|
||||
- DJANGO=1.8
|
||||
install:
|
||||
- pip install -q Django==$DJANGO --use-mirrors
|
||||
- pip install -q django==$DJANGO
|
||||
- pip install -e .
|
||||
script:
|
||||
- PYTHONPATH=$PYTHONPATH:$PWD django-admin.py test oidc_provider --settings=oidc_provider.tests.app.settings
|
||||
|
|
|
@ -4,6 +4,9 @@ All notable changes to this project will be documented in this file.
|
|||
|
||||
### [Unreleased]
|
||||
|
||||
##### Added
|
||||
- Sending access_token as query string parameter in UserInfo Endpoint.
|
||||
|
||||
##### Changed
|
||||
- Use models setting instead of User.
|
||||
|
||||
|
|
|
@ -22,14 +22,8 @@ class AuthorizeEndpoint(object):
|
|||
|
||||
def __init__(self, request):
|
||||
self.request = request
|
||||
|
||||
self.params = Params()
|
||||
|
||||
# Because in this endpoint we handle both GET
|
||||
# and POST request.
|
||||
self.query_dict = (self.request.POST if self.request.method == 'POST'
|
||||
else self.request.GET)
|
||||
|
||||
self._extract_params()
|
||||
|
||||
# Determine which flow to use.
|
||||
|
@ -47,12 +41,17 @@ class AuthorizeEndpoint(object):
|
|||
|
||||
See: http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest
|
||||
"""
|
||||
self.params.client_id = self.query_dict.get('client_id', '')
|
||||
self.params.redirect_uri = self.query_dict.get('redirect_uri', '')
|
||||
self.params.response_type = self.query_dict.get('response_type', '')
|
||||
self.params.scope = self.query_dict.get('scope', '').split()
|
||||
self.params.state = self.query_dict.get('state', '')
|
||||
self.params.nonce = self.query_dict.get('nonce', '')
|
||||
# Because in this endpoint we handle both GET
|
||||
# and POST request.
|
||||
query_dict = (self.request.POST if self.request.method == 'POST'
|
||||
else self.request.GET)
|
||||
|
||||
self.params.client_id = query_dict.get('client_id', '')
|
||||
self.params.redirect_uri = query_dict.get('redirect_uri', '')
|
||||
self.params.response_type = query_dict.get('response_type', '')
|
||||
self.params.scope = query_dict.get('scope', '').split()
|
||||
self.params.state = query_dict.get('state', '')
|
||||
self.params.nonce = query_dict.get('nonce', '')
|
||||
|
||||
def validate_params(self):
|
||||
|
||||
|
|
|
@ -29,6 +29,7 @@ class UserInfoEndpoint(object):
|
|||
def _get_access_token(self):
|
||||
"""
|
||||
Get the access token using Authorization Request Header Field method.
|
||||
Or try getting via GET.
|
||||
See: http://tools.ietf.org/html/rfc6750#section-2.1
|
||||
|
||||
Return a string.
|
||||
|
@ -38,7 +39,7 @@ class UserInfoEndpoint(object):
|
|||
if re.compile('^Bearer\s{1}.+$').match(auth_header):
|
||||
access_token = auth_header.split()[1]
|
||||
else:
|
||||
access_token = ''
|
||||
access_token = self.request.GET.get('access_token', '')
|
||||
|
||||
return access_token
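Review bot: The `else:` branch of `_get_access_token` now reads `access_token = self.request.GET.get('access_token', '')` (apparently the added line, the +/- markers are lost on this page), which accepts a bearer token from the URL; RFC 6750 section 2.3 discourages this because URLs end up in access logs, browser history and Referer headers. If the method must be supported, the docstring should cite section 2.3 next to 2.1, and the UserInfo success response should carry `Cache-Control: private`, as that section asks. The fallback also runs when an Authorization header is present but does not match the `Bearer` pattern, so a request carrying two credentials silently has the query one used; RFC 6750 section 2 forbids more than one method per request, and rejecting that case is the safer behaviour. The method begins and ends outside the hunks shown, so how the response is built is not visible here.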
|
||||
|
||||
|
|
|
@ -130,7 +130,6 @@ class AuthorizationCodeFlowTestCase(TestCase):
|
|||
# Simulate that the user is logged.
|
||||
request.user = self.user
|
||||
|
||||
# Remove the hook, because we want to test default behaviour.
|
||||
response = AuthorizeView.as_view()(request)
|
||||
|
||||
# Check if hidden inputs exists in the form,
|
||||
|
@ -273,3 +272,27 @@ class AuthorizationCodeFlowTestCase(TestCase):
|
|||
client=self.client)
|
||||
self.assertEqual(is_code_ok, True,
|
||||
msg='Code returned is invalid.')
|
||||
|
||||
def test_scope_with_plus(self):
|
||||
"""
|
||||
In query string, scope use `+` instead of the space url-encoded.
|
||||
"""
|
||||
scope_test = 'openid email profile'
|
||||
|
||||
query_str = urlencode({
|
||||
'client_id': self.client.client_id,
|
||||
'response_type': 'code',
|
||||
'redirect_uri': self.client.default_redirect_uri,
|
||||
'scope': scope_test,
|
||||
'state': self.state,
|
||||
})
|
||||
|
||||
url = reverse('oidc_provider:authorize') + '?' + query_str
|
||||
|
||||
request = self.factory.get(url)
|
||||
# Simulate that the user is logged.
|
||||
request.user = self.user
|
||||
|
||||
response = AuthorizeView.as_view()(request)
|
||||
|
||||
self.assertEqual(scope_test in response.content.decode('utf-8'), True)
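Review bot: The last assertion in `test_scope_with_plus` wraps a containment check in `assertEqual(..., True)`, so a failure reports only `False != True` and hides what the page contained. `self.assertIn(scope_test, response.content.decode('utf-8'))` states the intent and prints both operands on failure. The check also passes if the scope string appears anywhere in the rendered page, so asserting `response.status_code` first, as the UserInfo test in this commit does, would narrow what is being confirmed.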
|
||||
|
|
|
@ -1,4 +1,8 @@
|
|||
from datetime import timedelta
|
||||
try:
|
||||
from urllib.parse import urlencode
|
||||
except ImportError:
|
||||
from urllib import urlencode
|
||||
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.test import RequestFactory
|
||||
|
@ -93,3 +97,20 @@ class UserInfoTestCase(TestCase):
|
|||
except KeyError:
|
||||
is_header_field_ok = False
|
||||
self.assertEqual(is_header_field_ok, True)
|
||||
|
||||
def test_accesstoken_query_string_parameter(self):
|
||||
"""
|
||||
Make a GET request to the UserInfo Endpoint by sending access_token
|
||||
as query string parameter.
|
||||
"""
|
||||
token = self._create_token()
|
||||
|
||||
url = reverse('oidc_provider:userinfo') + '?' + urlencode({
|
||||
'access_token': token.access_token,
|
||||
})
|
||||
|
||||
request = self.factory.get(url)
|
||||
response = userinfo(request)
|
||||
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertEqual(bool(response.content), True)
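Review bot: `test_accesstoken_query_string_parameter` exercises only the success path of the new query-string lookup, so nothing pins what the endpoint does when the parameter is wrong. A companion test that sends `access_token` with a value matching no stored token and asserts the error status (401 per RFC 6750 section 3.1, if that is what the view returns) would guard the fallback against accepting arbitrary values. `self.assertEqual(bool(response.content), True)` is also weak; `self.assertTrue(response.content)`, or a check on a claim in the decoded body, says more about what was returned.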
|
||||
|
|
1
tox.ini
1
tox.ini
|
@ -10,6 +10,5 @@ deps =
|
|||
django18: django==1.8
|
||||
|
||||
commands =
|
||||
pip uninstall --yes django-oidc-provider
|
||||
pip install -e .
|
||||
{envbindir}/django-admin.py test oidc_provider --settings=oidc_provider.tests.app.settings
|
||||
|
|