Merge pull request #145 from suutari-ai/use-time-time
Use time.time to generate the timestamps.
This commit is contained in:
commit
c5d0a99b55
4 changed files with 46 additions and 44 deletions
|
@ -1,9 +1,5 @@
|
||||||
import datetime
|
|
||||||
import time
|
|
||||||
|
|
||||||
from django.core.urlresolvers import reverse
|
from django.core.urlresolvers import reverse
|
||||||
from django.http import HttpResponse
|
from django.http import HttpResponse
|
||||||
from django.utils import timezone
|
|
||||||
|
|
||||||
from oidc_provider import settings
|
from oidc_provider import settings
|
||||||
|
|
||||||
|
@ -102,19 +98,3 @@ def default_idtoken_processing_hook(id_token, user):
|
||||||
:rtype dict
|
:rtype dict
|
||||||
"""
|
"""
|
||||||
return id_token
|
return id_token
|
||||||
|
|
||||||
def to_timestamp(dt):
|
|
||||||
"""
|
|
||||||
Convert a datetime to an integer timestamp.
|
|
||||||
|
|
||||||
Inspired from Py3 code, can be replaced by ``int(dt.timestamp())``
|
|
||||||
when Py2 is not supported anymore.
|
|
||||||
|
|
||||||
Note: we assume the timezone of naive datetimes is the one of the
|
|
||||||
system, not settings.TIME_ZONE as this setting may not have been
|
|
||||||
set by the user.
|
|
||||||
"""
|
|
||||||
if timezone.is_aware(dt):
|
|
||||||
return int((dt - datetime.datetime(1970, 1, 1, tzinfo=timezone.utc)).total_seconds())
|
|
||||||
else:
|
|
||||||
return int(time.mktime(dt.timetuple()))
|
|
||||||
|
|
|
@ -1,14 +1,15 @@
|
||||||
from datetime import timedelta
|
from datetime import timedelta
|
||||||
|
import time
|
||||||
import uuid
|
import uuid
|
||||||
|
|
||||||
from Cryptodome.PublicKey.RSA import importKey
|
from Cryptodome.PublicKey.RSA import importKey
|
||||||
from django.utils import timezone
|
from django.utils import dateformat, timezone
|
||||||
from jwkest.jwk import RSAKey as jwk_RSAKey
|
from jwkest.jwk import RSAKey as jwk_RSAKey
|
||||||
from jwkest.jwk import SYMKey
|
from jwkest.jwk import SYMKey
|
||||||
from jwkest.jws import JWS
|
from jwkest.jws import JWS
|
||||||
from jwkest.jwt import JWT
|
from jwkest.jwt import JWT
|
||||||
|
|
||||||
from oidc_provider.lib.utils.common import get_issuer, to_timestamp
|
from oidc_provider.lib.utils.common import get_issuer
|
||||||
from oidc_provider.models import (
|
from oidc_provider.models import (
|
||||||
Code,
|
Code,
|
||||||
RSAKey,
|
RSAKey,
|
||||||
|
@ -28,11 +29,11 @@ def create_id_token(user, aud, nonce='', at_hash='', request=None, scope=[]):
|
||||||
expires_in = settings.get('OIDC_IDTOKEN_EXPIRE')
|
expires_in = settings.get('OIDC_IDTOKEN_EXPIRE')
|
||||||
|
|
||||||
# Convert datetimes into timestamps.
|
# Convert datetimes into timestamps.
|
||||||
now = timezone.now()
|
now = int(time.time())
|
||||||
iat_time = to_timestamp(now)
|
iat_time = now
|
||||||
exp_time = to_timestamp(now + timedelta(seconds=expires_in))
|
exp_time = int(now + expires_in)
|
||||||
user_auth_time = user.last_login or user.date_joined
|
user_auth_time = user.last_login or user.date_joined
|
||||||
auth_time = to_timestamp(user_auth_time)
|
auth_time = int(dateformat.format(user_auth_time, 'U'))
|
||||||
|
|
||||||
dic = {
|
dic = {
|
||||||
'iss': get_issuer(request=request),
|
'iss': get_issuer(request=request),
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
from datetime import timedelta
|
|
||||||
import json
|
import json
|
||||||
|
import time
|
||||||
import uuid
|
import uuid
|
||||||
|
|
||||||
from base64 import b64encode
|
from base64 import b64encode
|
||||||
|
@ -15,7 +15,6 @@ from django.test import (
|
||||||
override_settings,
|
override_settings,
|
||||||
)
|
)
|
||||||
from django.test import TestCase
|
from django.test import TestCase
|
||||||
from django.utils import timezone
|
|
||||||
from jwkest.jwk import KEYS
|
from jwkest.jwk import KEYS
|
||||||
from jwkest.jws import JWS
|
from jwkest.jws import JWS
|
||||||
from jwkest.jwt import JWT
|
from jwkest.jwt import JWT
|
||||||
|
@ -164,9 +163,9 @@ class TokenTestCase(TestCase):
|
||||||
# Retrieve refresh token
|
# Retrieve refresh token
|
||||||
code = self._create_code()
|
code = self._create_code()
|
||||||
post_data = self._auth_code_post_data(code=code.code)
|
post_data = self._auth_code_post_data(code=code.code)
|
||||||
real_now = timezone.now
|
start_time = time.time()
|
||||||
with patch('oidc_provider.lib.utils.token.timezone.now') as now:
|
with patch('oidc_provider.lib.utils.token.time.time') as time_func:
|
||||||
now.return_value = real_now()
|
time_func.return_value = start_time
|
||||||
response = self._post_request(post_data)
|
response = self._post_request(post_data)
|
||||||
|
|
||||||
response_dic1 = json.loads(response.content.decode('utf-8'))
|
response_dic1 = json.loads(response.content.decode('utf-8'))
|
||||||
|
@ -174,8 +173,8 @@ class TokenTestCase(TestCase):
|
||||||
|
|
||||||
# Use refresh token to obtain new token
|
# Use refresh token to obtain new token
|
||||||
post_data = self._refresh_token_post_data(response_dic1['refresh_token'])
|
post_data = self._refresh_token_post_data(response_dic1['refresh_token'])
|
||||||
with patch('oidc_provider.lib.utils.token.timezone.now') as now:
|
with patch('oidc_provider.lib.utils.token.time.time') as time_func:
|
||||||
now.return_value = real_now() + timedelta(minutes=10)
|
time_func.return_value = start_time + 600
|
||||||
response = self._post_request(post_data)
|
response = self._post_request(post_data)
|
||||||
|
|
||||||
response_dic2 = json.loads(response.content.decode('utf-8'))
|
response_dic2 = json.loads(response.content.decode('utf-8'))
|
||||||
|
@ -189,6 +188,8 @@ class TokenTestCase(TestCase):
|
||||||
self.assertEqual(id_token1['iss'], id_token2['iss'])
|
self.assertEqual(id_token1['iss'], id_token2['iss'])
|
||||||
self.assertEqual(id_token1['sub'], id_token2['sub'])
|
self.assertEqual(id_token1['sub'], id_token2['sub'])
|
||||||
self.assertNotEqual(id_token1['iat'], id_token2['iat'])
|
self.assertNotEqual(id_token1['iat'], id_token2['iat'])
|
||||||
|
self.assertEqual(id_token1['iat'], int(start_time))
|
||||||
|
self.assertEqual(id_token2['iat'], int(start_time + 600))
|
||||||
self.assertEqual(id_token1['aud'], id_token2['aud'])
|
self.assertEqual(id_token1['aud'], id_token2['aud'])
|
||||||
self.assertEqual(id_token1['auth_time'], id_token2['auth_time'])
|
self.assertEqual(id_token1['auth_time'], id_token2['auth_time'])
|
||||||
self.assertEqual(id_token1.get('azp'), id_token2.get('azp'))
|
self.assertEqual(id_token1.get('azp'), id_token2.get('azp'))
|
||||||
|
|
|
@ -1,10 +1,12 @@
|
||||||
import datetime
|
import time
|
||||||
|
from datetime import datetime
|
||||||
|
|
||||||
from django.test import TestCase
|
from django.test import TestCase
|
||||||
from django.utils import timezone
|
from django.utils import timezone
|
||||||
from django.utils import six
|
|
||||||
|
|
||||||
from oidc_provider.lib.utils.common import get_issuer, to_timestamp
|
from oidc_provider.lib.utils.common import get_issuer
|
||||||
|
from oidc_provider.lib.utils.token import create_id_token
|
||||||
|
from oidc_provider.tests.app.utils import create_fake_user
|
||||||
|
|
||||||
|
|
||||||
class Request(object):
|
class Request(object):
|
||||||
|
@ -47,12 +49,30 @@ class CommonTest(TestCase):
|
||||||
request=request),
|
request=request),
|
||||||
'http://127.0.0.1:9000/openid')
|
'http://127.0.0.1:9000/openid')
|
||||||
|
|
||||||
def test_to_timestamp(self):
|
|
||||||
if not six.PY2:
|
|
||||||
naive_dt = datetime.datetime.now()
|
|
||||||
self.assertEqual(to_timestamp(naive_dt), int(naive_dt.timestamp()))
|
|
||||||
|
|
||||||
aware_dt = datetime.datetime(2016, 3, 2, 14, 2, 6, 123, timezone.utc)
|
def timestamp_to_datetime(timestamp):
|
||||||
self.assertEqual(to_timestamp(aware_dt), 1456927326)
|
tz = timezone.get_current_timezone()
|
||||||
if not six.PY2:
|
return datetime.fromtimestamp(timestamp, tz=tz)
|
||||||
self.assertEqual(to_timestamp(aware_dt), int(aware_dt.timestamp()))
|
|
||||||
|
|
||||||
|
class TokenTest(TestCase):
|
||||||
|
def setUp(self):
|
||||||
|
self.user = create_fake_user()
|
||||||
|
|
||||||
|
def test_create_id_token(self):
|
||||||
|
start_time = int(time.time())
|
||||||
|
login_timestamp = start_time - 1234
|
||||||
|
self.user.last_login = timestamp_to_datetime(login_timestamp)
|
||||||
|
id_token_data = create_id_token(self.user, aud='test-aud')
|
||||||
|
iat = id_token_data['iat']
|
||||||
|
self.assertEqual(type(iat), int)
|
||||||
|
self.assertGreaterEqual(iat, start_time)
|
||||||
|
self.assertLessEqual(iat - start_time, 5) # Can't take more than 5 s
|
||||||
|
self.assertEqual(id_token_data, {
|
||||||
|
'aud': 'test-aud',
|
||||||
|
'auth_time': login_timestamp,
|
||||||
|
'exp': iat + 600,
|
||||||
|
'iat': iat,
|
||||||
|
'iss': 'http://localhost:8000/openid',
|
||||||
|
'sub': str(self.user.id),
|
||||||
|
})
|
||||||
|
|
Loading…
Reference in a new issue